Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

VPN Security Lock Down, Data Transfer Security

Posted on 2004-09-03
2
Medium Priority
?
261 Views
Last Modified: 2013-12-04
Good Morning Gentlemen,
I have a client who needs to transfer SENSITVE data e.g. Customer data, telephone numbers, Credit Card numbers etc from there side to my side and back again.

On my side I have a SQL 2000 Database running on WIN 2K Server behind a FIREWALL on the clients side they are using an web based Access Database/Application. There will be HTTP requests going back and forth, What security features can I implement from source to destination to lock down/secure the data transfer.... I am thinking of using a VPN can I use an encrypted VPN for the data transfer? Any Suggestions please….on what I can put in place on my side and the clients side to really lock down and secure the transfer process. Are there any SQL 2000, WIN2k Security Features I can activate?

Jaspn Burke
0
Comment
Question by:JaspnBurke
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Accepted Solution

by:
LimeSMJ earned 700 total points
ID: 11983248
Since you are using a web based application, SSL might be the easiest to implement.  Just get a certificate (either self-generated or commercial like Verisign) and install it on the server.  Then force the client to use an HTTPS link instead of HTTP.  Keep in mind though, that this will require that you make your web server public - which may be not in your best interest if it's strictly an intranet application.

A VPN is a good idea if you don't want to make your server public.  There are a couple ways to implement a VPN, each with it's own advantages and disavantages.  

> A site-to-site tunnel is good if you want to keep the connection between you and the client machine secure and permanent.  
> A simple client - server VPN is good if your firewall supports it... Windows XP can handle and log into most firewall VPNs without use of an expensive client side software.

In addition to the method, the VPN security strength can also be tailored for your needs through the use of different transport protocols - TLS, EAP, PPTP, L2TP/IPSec, etc...

There isn't much you can do to lock down the server besides installing the latest security patches for both SQL and Win2K.  Your firewall should handle the bulk of the security on the server side.  Just make sure that when you do implement any client - server relationship that the client itself (and the user) is protected... VPNs are useless if the client is untrusted.
0
 

Author Comment

by:JaspnBurke
ID: 11985727
Thank You LimeSMJ,
I am going down the VPN route it seems to be the safest option.
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Every business owner understands the significance of online customer reviews and the impact it can have on sales and revenues. With technology advancing at such a rapid pace, getting online reviews has never been easier, especially when many regions…
Viewers will get an overview of the benefits and risks of using Bitcoin to accept payments. What Bitcoin is: Legality: Risks: Benefits: Which businesses are best suited?: Other things you should know: How to get started:
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question