Solved

VPN Security Lock Down, Data Transfer Security

Posted on 2004-09-03
2
259 Views
Last Modified: 2013-12-04
Good Morning Gentlemen,
I have a client who needs to transfer SENSITVE data e.g. Customer data, telephone numbers, Credit Card numbers etc from there side to my side and back again.

On my side I have a SQL 2000 Database running on WIN 2K Server behind a FIREWALL on the clients side they are using an web based Access Database/Application. There will be HTTP requests going back and forth, What security features can I implement from source to destination to lock down/secure the data transfer.... I am thinking of using a VPN can I use an encrypted VPN for the data transfer? Any Suggestions please….on what I can put in place on my side and the clients side to really lock down and secure the transfer process. Are there any SQL 2000, WIN2k Security Features I can activate?

Jaspn Burke
0
Comment
Question by:JaspnBurke
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
LimeSMJ earned 175 total points
ID: 11983248
Since you are using a web based application, SSL might be the easiest to implement.  Just get a certificate (either self-generated or commercial like Verisign) and install it on the server.  Then force the client to use an HTTPS link instead of HTTP.  Keep in mind though, that this will require that you make your web server public - which may be not in your best interest if it's strictly an intranet application.

A VPN is a good idea if you don't want to make your server public.  There are a couple ways to implement a VPN, each with it's own advantages and disavantages.  

> A site-to-site tunnel is good if you want to keep the connection between you and the client machine secure and permanent.  
> A simple client - server VPN is good if your firewall supports it... Windows XP can handle and log into most firewall VPNs without use of an expensive client side software.

In addition to the method, the VPN security strength can also be tailored for your needs through the use of different transport protocols - TLS, EAP, PPTP, L2TP/IPSec, etc...

There isn't much you can do to lock down the server besides installing the latest security patches for both SQL and Win2K.  Your firewall should handle the bulk of the security on the server side.  Just make sure that when you do implement any client - server relationship that the client itself (and the user) is protected... VPNs are useless if the client is untrusted.
0
 

Author Comment

by:JaspnBurke
ID: 11985727
Thank You LimeSMJ,
I am going down the VPN route it seems to be the safest option.
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
read ebay data from mysql and post to ebay 2 60
paypal ipn url 5 132
Set a time range for screen lockout for Windows 10/7 OS 2 36
What cart is this? 2 56
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Learn about the eCommerce marketing trends for the year ahead.
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question