Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Is it possible to use NW Gateway between Cloud connector and ECC ?

Former Member

on ‎2018 Feb 08 7:41 AM

0 Likes
825

Dear Experts,


we are planning to start SF integration project using SCPI, I have few questions from architectural point of view considering standard integration content


1. flow is SF-->SCPI--> SAP Cloud Connector(SCC)-->Netwear Gateway(ABAP)--> SAP ECC: SAP given option to replicate Emp & Org data using SCC connecting with ECC, how ever we are enforced to use gateway instance in between SCC & ECC due to security reasons. Standard content is based on SOAP. SCI calls ECC web service based on communication channel as the addons installed in ECC. hence Is it possible to use NW Gateway in between ? if yes please explore options considering web services to use gateway in between with standard integration content + custom development.

2. when we use cloud connector do we need to deploy any certificates in SCC, SCPI & ECC ? even in case of basic authontication considering inbound and outbound.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

MortenWittrock
SAP Mentor
SAP Mentor
‎2018 Feb 09 5:17 PM

Hi Bhaskar

1) The pre-packaged integration content expects a SOAP service, and SAP Gateway does not expose SOAP services. So no, you cannot place SAP Gateway between Cloud Connector and ECC in your case.

2) You don't need to add any certificates to Cloud Integration. You can add a signed certificate to Cloud Connector, and import it into ECC to established trust, but it is not a requirement.

I would suggest to enter into a dialogue with the security people about Cloud Connector. Make sure to mention, that Cloud Connector has very fine grained security measures, that let you provide access to only the required SOAP services on that one particular ECC system. Also, those services are not accessible on the internet, but only from the SAP Cloud Platform subaccount, that your Cloud Connector is connected to. You can even restrict access to just the Cloud Integration service. Cloud Connector does not open any firewall ports to the internet; it connects directly to the SCP subaccount, and establishes a TLS-encrypted tunnel, that all subsequent communication goes through.

Regards,

Morten

Show replies
Show replies
Former Member
‎2018 Feb 15 8:15 AM
0 Likes

Hi Morten,

Thanks for the response.

that let you provide access to only the required SOAP services on that one particular ECC system

Can we use same cloud connector to connect with multiple on-premise ECC systems? or do we need to have separate cloud connector for each onpremise ECC system ?

Regards

Bhaskar

Show replies
Show replies
MortenWittrock
SAP Mentor
SAP Mentor
‎2018 Feb 15 9:58 AM

Hi Bhaskar

You can use the same Cloud Connector to provide access to multiple on-premise systems. My point was that when you install Cloud Connector, you need to actively add each system and resource, that should be made available to applications and services in your SAP Cloud Platform subaccount. It's not the case that once installed, Cloud Connector will suddenly expose your entire internal network to the Internet. That's an important point to make, when describing Cloud Connector to your security department.

Regards,

Morten

Ask a Question