snc/enable

Posted by — January 29, 2015 in SAP PARAMETER Leave a reply

Parameter

snc/enable

Short text

Enable SNC Module (Secure Network Communications)

Parameter Description

If this parameter is set to “1”, the work processes try to activate/initialize the module SNC (Secure Network Communications) when starting up.

Strategy

If security is activated, by default, all incoming connections are accepted only if they are secure. If you want to permit conventional connections in parallel and use packet filtering routers to partition the R/3 system, you need to permit unsecure connections via additional profile parameters. In this case, you need to enter “snc/accept_insecure_gui = 1” for the GUI, for example, and “snc/accept_insecure_rfc = 1″ or snc/accept_insecure_cpic = 1” for RFC or CPIC connections.

The SNC module requires the file name (including the path) of the shared library of the external security product. When the SNC module is activated, this shared library is loaded at runtime. (for example, “snc/gssapi_lib = /usr/local/lib/libsecude.so”) If the shared library cannot be found or loaded, or is not recognized, SncInit() returns the error SNCERR_INIT and the work process terminates the process.

Application Area

SNC

Parameter Unit

BOOLEAN

Default Value

0

Who is permitted to make changes?

Customer

Operating System Restrictions

None

Database System Restrictions

None

Are other parameters affected or dependent?

• snc/gssapi_lib path name of GSS-API shared library
• snc/identity/as identity of the application server at the external security system
• snc/accept_insecure_gui permit conventional logon GUI
• snc/accept_insecure_rfc permit conventional logon RFC
• snc/accept_insecure_cpic permit conventional logon CPIC
• snc/data_protection/min minimum requirement to protect the data during transfer
• snc/data_protection/max limit on the protection of data during the transfer
• snc/data_protection/use default value for the protection of outgoing connections
• snc/r3int_rfc_secure secured connections also for internal RFCs within the R/3 system
• snc/r3int_rfc_qop protection levels for internal RFCs
• snc/permit_insecure_start permission for the gateway to also start unsecure programs

Values allowed

0 or 1

You May Also Like

jstartup/shutdown_timeout : Timeout for the jstart controller process to wait for shutdown of child processes

jstartup/security_level : Security level for jcontrol

jstartup/sdm_properties : Path to SDM properties file

jstartup/recorder : Flight recorder configuration

Leave a Reply?