Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Web application firewall (WAF) between SAP Cloud Platform and SAP Cloud Connector

former_member82170
Participant

on ‎2018 Apr 03 10:34 PM

0 Likes
5,664

Hello,

We are working on SAP Cloud Platform and SAP Cloud Connector integration. Our web security team recommended us to implement Web application firewall (WAF) between SAP Cloud Platform and SAP Cloud Connector integration to monitor, filter or block the data packets. Has any one implemented this approch? any suggestions or recommendations?

Thanks and Regards,

Prasad

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (0)

Answers (2)

Answers (2)

gregorw
SAP Mentor
SAP Mentor
‎2018 Apr 04 6:32 AM

Dear Prasad,

seems your web security team hasn't looked into the details of SAP Cloud Connector (SCC) yet. Putting it between SCP and the Cloud Connector will break it's functionality as the WAF has to break into the SSL connection. Which will result into changed certificates that should be rejected by SCC. But putting the WAF between SCC and the Gateway Frontend Server (FES) is a valid option. But also there you can run into issues when you would like to use X.509 based Principal Propagation.

Best regards
Gregor

Show replies
Show replies
MortenWittrock
SAP Mentor
SAP Mentor
‎2018 Apr 04 10:44 AM
0 Likes

Prasad, adding to Gregor's excellent answer: Make sure to engage with the security team, and make certain that they understand the architecture of SAP Cloud Platform and Cloud Connector. The project will progress a lot smoother from that starting point.

Regards,

Morten

former_member82170
Participant
‎2018 Apr 05 5:15 PM
0 Likes

Thanks Gregor and Morten for your input. Are there any documents which talk about this? if yes, could you please point me to that guide, as I am unable to locate.

Show replies
Show replies
MortenWittrock
SAP Mentor
SAP Mentor
‎2018 Apr 06 12:41 AM

Hi Prasad

The Security section of the Cloud Connector documentation is a good place to start.

Regards,

Morten

Ask a Question