Showing results for 
Search instead for 
Did you mean: 

How to differentiate private and company owned devices on the ABAP Stack?

Former Member
0 Kudos

Hey all,

maybe someone have ideas, to solve an actual security demand on my side.

Employees shall access a Fiori Launchpad on an NetWeaver Gateway instance. While they shall see all tiles and information from the company owned devices (which are using certificates), they shouldn't by using private devices. The reasons are kind of legal and data privacy.

The first security layer from external access is a VPN SSL tunnel by juniper, the second will be the SAP Netweaver Gateway instance. At this point I want to differentiate between private and company owned devices, to provide further logic.

I'm now struggling with the question, if there is a way, how i can identify the incoming user on the Gateway ABAP system, by his/her maybe ip-range, certificate or something else. Maybe I'm missing something essential or another Dispatcher or Proxy is needed. Thanks for every suggestion.



Accepted Solutions (0)

Answers (1)

Answers (1)

Active Contributor
0 Kudos


I don't think that there is an easy way to achieve this. The problem is that you cannot absolutely trust the browser. Why do they need to have an acccess from their devices if they can't access data? The only solution I can think of is using something like SAP Moccana. Create an app that creates a VPN tunnel that is only way how to access these apps. Then use MDM to controll which device can get his app installed. So to get access a device must be under MDM control.