Looking for a Security Solution
We have some pretty strict security policies in my company. That often means coming up with creative solutions to problems. Hopefully someone in the DBA community can help me.
We have a company that does some outside work for us. We have a database server at their location. We need to allow the database server to talk to our DB server in a network DMZ. We’d use a linked server from the remote site to talk to our DMZ server. I’m okay setting up the username/password and the firewall ports. The problem is that we need to have the traffic between the two servers encrypted.
To further complicate this, we don’t want all of the traffic on these servers encrypted, just the traffic that goes across the internet.
I’m completely befuddled on how to do this properly. There is a very good chance that I’m making this harder than it needs to be, and I’d be thrilled if someone gave me a simple solution.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
I’m not a DBA, so take this with a grain of salt. What about utilizing either the SQL service broker or take SQL technology out of the picture and use something like a VPN?
http://msdn.microsoft.com/en-us/library/ms345108%28SQL.90%29.aspx
This might be a completely silly suggestion, but have you considered just opening up a VPN tunnel between the two sites? Even if your company absorbed the cost of the endpoint devices, you are looking at a few hundred dollars for a simple setup.
Sorry, the comment form is closed at this time.
Have you considered in IPSec policy between the two machines to encapsulate the traffic?
http://windowsitpro.com/article/articleid/96508/use-ipsec-to-encrypt-data.html