Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia

SSH Tectia Configuration Generation

The SSH Tectia Server configuration requires tunneling settings to allow users in group sapuser to tunnel connections to any ports used by the SAP GUI traffic on the SAP Application Server. Remote tunneling on servers (via the SSH Tectia Server running on the SAP Application Server) is denied for everyone.

The configuration settings are done on tab Configurations → Edit Configurations → SSH Tectia G3 under the SSH Tectia Server configuration Rules → <rule-set> Tunnels view.

Example tunneling settings for G3 versions are shown in Figure 5.15.

Configuring tunneling settings for SAP application server

Figure 5.15. Configuring tunneling settings for SAP application server

Allowing local tunneling on SAP application server

Figure 5.16. Allowing local tunneling on SAP application server

The SSH Tectia Client software on the user workstations needs to be configured to use transparent TCP tunneling in handling the SAP GUI traffic. Figure 5.17 shows the tunneling rule settings for capturing and encrypting all SAP traffic generated by the sap.example.exe application and related to any host address or listen port. The user name and the destination definition will be extracted from the information sent by the SAP application.

Setting the tunneling rules

Figure 5.17. Setting the tunneling rules


 

 
Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more