Solved

Access SQL Server 2005 over internet connection (Best security)

Posted on 2007-11-28
10
1,161 Views
Last Modified: 2010-08-05
SQL Server 2005/ADO.NET 1.1/VisualStudio 2003 C#

Hi,
 I have an application need to communicate with SQL Server 2005 outside a network. My Customer need to have a Hight Level of security and he could not open SQL Server port. All my others customer, use VPN Connection to manage this problem. But in this situation, my customer doesn't have a VPN and we need to access with Hight Security Level my SQL database. I know that it's possible to build my own server, or access sql with a web service but i don't have time to do this. I need your help to find the best way to resolve this problem and propose solution to our customer : (I forget!  We use a mixed mode security in SQL Server)

Proxy ?
SSL ?
VPN ?
Web Service ?
Custom Server ?
Others

How to implement your best way with ADO.net ? How to pass in connectstring ?
 
It's really important to know that we need to keep performance on SQL Access.

Thanks.

0
Comment
Question by:TelDig
  • 6
  • 4
10 Comments
 
LVL 18

Expert Comment

by:Yveau
ID: 20368740
SSL is easy (once the certificate is installed) and very widely supported. Any connection can use it out of the box (except for JDBC) and it's a matter of one certificate on the server and it works ...
It's very secure. Did my own sniffing with wireshark, nothing that gets over the line is recognizable in any way.

Try this:
http://support.microsoft.com/kb/316898

Hope this helps ...
0
 

Author Comment

by:TelDig
ID: 20368807
thanks for your anwser, but i'm a beginner in security - SSL in SQL Server, I would like to know if you know some problems with SSL during implementation ?

thanks
0
 
LVL 18

Expert Comment

by:Yveau
ID: 20368823
No, just the certificate is a bit difficult ... Once that is in place, works like a charm !

Hope this helps ...
0
 

Author Comment

by:TelDig
ID: 20368827
When we use SSL, did you need to open a SQL port on internet ?
0
 
LVL 18

Expert Comment

by:Yveau
ID: 20368848
Didn't run in on the Internet, so didn't had that issue ... good question. My first guess it would be running on port 1433 ...

0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:TelDig
ID: 20368863
ok but is my biggest issue. I need to certified to my customer then SQL Server can't be hack outside his network. How it's possible to do it ?
0
 
LVL 18

Expert Comment

by:Yveau
ID: 20368889
If you open the port for yourself ... anybody could use that port ... so that is a pretty tough one.
The VPN server would be the best option I guess ...

Try:
http://openvpn.net/
I use it myself, very simple to setup.

Hope this helps ...
0
 

Author Comment

by:TelDig
ID: 20373047
ok, Exept VPN and SSL, Witch mode do you suggest ?
Thanks
0
 
LVL 18

Accepted Solution

by:
Yveau earned 500 total points
ID: 20380092
VPN is probably the most secure ... I would go for VPN. And even then you could do SSL which is always good if going over the Internet.

Hope this helps ...
0
 
LVL 18

Expert Comment

by:Yveau
ID: 20381255
Glad I could be of any help and thanks for the grade !
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
EE experience on sites similar to VirusTotal? 4 98
Route all internet traffic through this VPN (sonicwall) 2 43
Caste datetime 2 50
Unable to save view in SSMS 21 53
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
Use this article to create a batch file to backup a Microsoft SQL Server database to a Windows folder.  The folder can be on the local hard drive or on a network share.  This batch file will query the SQL server to get the current date & time and wi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now