I found the answer. In the SNC Users Guide in section 4.8.1 it says:
Microsoft's NTLMSSP provides a uni-directional authentication of the initiator (client) to the acceptor (server) only. It does not provide mutual authentication, and it does not offer data integrity or data privacy protection for the communication.
You can find this guide at ftp://ftp.sap.com/pub/icc/bc-snc40/SNC_User_Guide.pdf
So, you need to use a different SNC library that supports Kerberos or x.509. For keeping it simple and low cost I would suggest Kerberos.
Thanks
Tim