How to minimize the attack surface of Hybrid SAP S4HANA landscapes