December 6, 2006 at 11:35 am
What would be the preferred method of communicating with SQL Server between two networks? I'm reading articles and blogs between SSL VPN and IPSec, but nothing specific to SQL. No other resources are necessary other than accessing the SQL Server. My two main concerns are security and maintaining the connection without manual intervention.
Are there alternatives to a VPN, either SSL or IPSec? I hear a lot about SSL but not how that could control access to the SQL Server without being exposed to attacks.
Thanks for the input!
December 6, 2006 at 1:52 pm
What do you mean by communicating? There is an FTP replication or web access, depends on what level you want to access.
Regards,Yelena Varsha
December 6, 2006 at 2:13 pm
The primary purpose will be to read and write data to the database. Since the communication must take place between two separate networks, I'm curious which means to establish the connection would be most appropriate or recommended. Both networks are very small, but secure.
Again, would a VPN connection be most appropriate, and if so, which kind?
If not VPN, what options are available that keep this secured? I've been advised of SSL and that it is quite safe to use if you must open SQL Server up for write access to a system on the other side of my firewall.
I apologize if this information is obscure or incomplete.
December 7, 2006 at 4:11 am
establishing an IPSEC tunnel (with somethign like 3-DES encryption) between the two networks would certainly help secure the data.Authentication could be by certificate or a nice long shared secret ( dont forget to change the shared secret periodically ) You could further restrict it by only allowing SQL traffic along the tunnel from and to specific hosts at each end of said tunnel.
December 7, 2006 at 9:52 am
It seems to me that you would want to use a VPN of some sort. These can be set up between firewalls if they include that feature.
If you can't do it between your firewalls because they don't support tunneling, then you could use two windows boxes as tunnel endpoints. PPTP is easy to set up, but may not meet your needs.
Also, there is an open source and free as in beer system available at http://openvpn.net/.
December 7, 2006 at 12:52 pm
Thanks for all the posts! I'll look into them.
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply