Skip to Content
author's profile photo Former Member
Former Member

SAP Web Dispatcher and other 3rd Party Proxy server options

Hello,

I would like to understand the level of security that SAP Web Dispatcher as a proxy running in a DMZ can provide when compared to other commercially available Proxy servers. Our client believes this is the most secure solution for protecting our backend SAP systems against internet intrusion but I would like to review against other available products. According to a wikipedia page, there are many other choices but I can't find a good comparison table that reviews most relevant features needed for security. Examples of web proxy servers include Apache (with mod_proxy or Traffic Server), HAProxy, IIS configured as proxy (e.g., with Application Request Routing), Nginx, Privoxy, Squid, Varnish (reverse proxy only),WinGate, Ziproxy, Tinyproxy, RabbIT4 and Polipo

Please advise.

Thank you.

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • Posted on Jul 21, 2016 at 06:44 AM

    Hi Shahid Bhaidani, SAP Web Dispatcher's functional focus is on load balancing, endpoint aggregation, port switch and some minor protocol manipulation.

    It has some filtering rules, but this does not make it an application level firewall or security gateway.

    Unfortunately SAP Web Dispatchers tend to be forgotten concerning regular updates and security patches by operating staff. Also default configuration of e.g. of SSL/TLS is less than secure. Both subjects are really critical if the SAP Web Dispatcher is your Internet endpoint.

    SAP Web Dispatcher has no track record as part of the security infrastructure and SAP does not sell it as such.

    So what I typically recommend is to use a SAP Web Dispatcher for SAP specific stuff (most times it is load balancing) but to always put a BigIP F5 or comparable in front. An interesting feature to ease firewall pains is SAP Web Dispatcher's ability for "Reverse Invoke".

    Regards,

    Lutz

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.