Solved

VPN Security Lock Down, Data Transfer Security

Posted on 2004-09-03
2
254 Views
Last Modified: 2013-12-04
Good Morning Gentlemen,
I have a client who needs to transfer SENSITVE data e.g. Customer data, telephone numbers, Credit Card numbers etc from there side to my side and back again.

On my side I have a SQL 2000 Database running on WIN 2K Server behind a FIREWALL on the clients side they are using an web based Access Database/Application. There will be HTTP requests going back and forth, What security features can I implement from source to destination to lock down/secure the data transfer.... I am thinking of using a VPN can I use an encrypted VPN for the data transfer? Any Suggestions please….on what I can put in place on my side and the clients side to really lock down and secure the transfer process. Are there any SQL 2000, WIN2k Security Features I can activate?

Jaspn Burke
0
Comment
Question by:JaspnBurke
2 Comments
 
LVL 7

Accepted Solution

by:
LimeSMJ earned 175 total points
Comment Utility
Since you are using a web based application, SSL might be the easiest to implement.  Just get a certificate (either self-generated or commercial like Verisign) and install it on the server.  Then force the client to use an HTTPS link instead of HTTP.  Keep in mind though, that this will require that you make your web server public - which may be not in your best interest if it's strictly an intranet application.

A VPN is a good idea if you don't want to make your server public.  There are a couple ways to implement a VPN, each with it's own advantages and disavantages.  

> A site-to-site tunnel is good if you want to keep the connection between you and the client machine secure and permanent.  
> A simple client - server VPN is good if your firewall supports it... Windows XP can handle and log into most firewall VPNs without use of an expensive client side software.

In addition to the method, the VPN security strength can also be tailored for your needs through the use of different transport protocols - TLS, EAP, PPTP, L2TP/IPSec, etc...

There isn't much you can do to lock down the server besides installing the latest security patches for both SQL and Win2K.  Your firewall should handle the bulk of the security on the server side.  Just make sure that when you do implement any client - server relationship that the client itself (and the user) is protected... VPNs are useless if the client is untrusted.
0
 

Author Comment

by:JaspnBurke
Comment Utility
Thank You LimeSMJ,
I am going down the VPN route it seems to be the safest option.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now