Hello,
My company is running a centralized SAP PI/PO AEX and BPM (7.4), java only, to which many internal systems connect. We have a new requirement to process messages from external vendors. Corporate Security is insisting that we have the external users authenticate in the DMZ. With this stipulation, our options seem to be limited to building an AEX in the DMZ with a load balancer in front of it, whether it's Cisco or SAP WD. The problem with this is that we also are trying to limit the complexity/footprint of the applications in the DMZ (simpler apps have less maintenance needs). An AEX instance will require failover capability and a database both also in the DMZ.
Can we do this with the SAP Web Dispatcher alone in the DMZ? I have read the document regarding SAP Web Dispatcher Security and it seems that, although we can provide layers of filtering, there is still no authentication capability.
Are there alternatives that I am missing here?
Thanks much,
Diane Maller