Hi colleagues,
we have an scenario with an reverse proxy in front of an sap system. The reverse proxy stands in the dmz. The sap system is in data center. The Reverse Invoke with a sap webdispatcher in the dmz seems to be promising more security because the firewall don't have open ports from dmz to data center.
The help.sap.com entry I have found describe it thin and my other searchI haven't found anynotes whether this scenariois safer at using URL exploits?
If there is anexploit, is the exploitexecuted on the sap system and than delivered viareverseinvokeinthedmz to the sap web dispatcher? So in this scenario only one system can attacked or will the attack stops at the sap web dispatcher?
or can this only blocked with an firewall and activ Intrusion Prevention System/Intrusion Detection System?
So the only advantage with a sap web dispatcher is that the attack stops in dmz and system is stillvulnerable but delivering the attacks to the dmz?
Maybe someonecan describe reverseprocedureaccurately. Hopefully it'sclearly explained for you.
Kind regards,
Frank Schewe