Secure Network Communication

Besides building secure gateways between the open Internet and the corporate intranet using the described approaches, the data transmitted over the web must be protected from corruption and eavesdropping. The protection of network connections includes three levels of security:

• Authentication—identifies the communication partner,

• Integrity—recognizes changes made to data while it was transmitted, and

• Confidentiality—encrypts data to prevent read without authorization.

Encryption is mandatory for connections across open networks like the Internet. However, it may also be necessary to use encryption in internal networks for authenticating users and protection. This section describes the ways to make communication connections secure. Cryptographic methods can be used at different layers in the network protocol stack:

• At the data-link layer, network packets can be encrypted directly by the network card. However, this method requires special hardware and is rarely used.

• At the network layer, several standards for securing data are available. The most common is IPsec, which will in future be part of IPv6.

• At the transport layer, Secure Sockets Layer (SSL) is the most common among several standards.

• Application layer—most applications define their own security protocols.

Secure SAP Communication

SAP does not implement strong encryption methods in its software. SAP Secure Network Communication (SNC) provides an interface to security products of other vendors with strong encryption (see Figure 12-9). This way, the SAP software itself is not subject to country-specific restrictions on encryption software. Several security products with additional functionality such as smart cards or biometrics are certified by SAP. SNC provides authentication as well as encryption of the data to be transferred. This guarantees secure connections for all types of external SAP communication, such as SAPGUI, printing, RFC and CPI-C communication, and so on. SNC can also be used to set up a secure tunnel between two SAProuters. However, only SAP data is encrypted this way; access to files or the exchange of email with the corporate network is not secure. SNC cannot be used between the application servers and the database.

Secure Web Communication

All data (including passwords) is usually transmitted through the Internet in plain text. To maintain confidentiality, all modern browsers support the encryption of HTTP data by using the Secure Socket Layer protocol (SSL), also known as HTTPS. To use SSL encryption, the web server must obtain a certificate issued by a Certification Authority (CA). This is the precondition for the secure connection to be established.

Data is sent as clear text by default between the WGate and the AGate. Built in is a connection type that encrypts the data with a triple DES algorithm using a static key. However, this key is not configurable. Therefore, this encryption provides protection only against accidental reading of the data but not against serious attacks. For better protection, you can use SAP's Secure Network Communication (SNC) to protect the link between the WGate and AGate. The connection between AGate and SAP system can also be protected with SNC.

Denial of Service Attacks

The intent of a denial of service attack is not to break into a system; rather it is to break the system. The attack is not designed to steal information but instead to overload a system by tying up its resources with repeated requests, which eventually bring the system to its knees. A denial of service attack occurs when a malicious attacker sends continuous TCP/IP packets to a server, which quickly absorb a resource until there are no more resources available and a system hang or crash occurs. Most denial of service attacks occur at the network level and can be handled by firewalls. However, recent attacks are more sophisticated, targeted directly at the web server (HTTP) level. In this scenario, a connection is requested at the socket level. The web server opens the connection and waits for data, which is never sent. While the web server is waiting for this data, it retains resources that would otherwise be used for handling other requests.

HP WebQoS has capabilities that can help protect web servers against denial of service attacks at the HTTP level. WebQoS does this by intercepting a request before the web server sees it, looking at the request, and making certain there is valid data associated with the request. If the request does not include valid data, WebQoS can treat this request as a phantom request and discard it, saving web server resources.