<div>
<div class="content wysiwyg-content">
<br />
We have a SQL Server 2008 std on W2k8 Srv. &nbsp; SQL instance has about 20 separate databases, for access by our different clients with their own login creds. &nbsp; Our current security is that clients RDP into our LAN, everything inside our 192.x network. &nbsp; &nbsp;Our primary app is written in VB6 enterprise with connects to the SQL database. <br />
<br />
If we move to Amazon AWS, it'll be like moving our existing <b>SQL to public facing internet</b>. &nbsp;We're also planing to move the VB6 App to the individual desktops of the clients, which effectively takes everyone off our network completely. &nbsp;The cloud. <br />
<br />
We're asking for advice on finding the best, not too expensive, easy would be a plus, way to secure the public SQL box? &nbsp; &nbsp;Maybe our apps need some specific security programmed in APIs? &nbsp;Tokens? &nbsp;SSL? &nbsp;Tunnel? &nbsp; We already did the basics things like avoiding port 1433, and strong creds policies, etc, but these are weak. &nbsp; &nbsp;We're seeking direction to secure a public SQL Server.<br />
<br />
<br />

</div>
</div>



We have a SQL Server 2008 std on W2k8 Srv.   SQL instance has about 20 separate databases, for access by our different clients with their own login creds.   Our current security is that clients RDP into our LAN, everything inside our 192.x network.    Our primary app is written in VB6 enterprise with connects to the SQL database. 

If we move to Amazon AWS, it'll be like moving our existing SQL to public facing internet.  We're also planing to move the VB6 App to the individual desktops of the clients, which effectively takes everyone off our network completely.  The cloud. 

We're asking for advice on finding the best, not too expensive, easy would be a plus, way to secure the public SQL box?    Maybe our apps need some specific security programmed in APIs?  Tokens?  SSL?  Tunnel?   We already did the basics things like avoiding port 1433, and strong creds policies, etc, but these are weak.    We're seeking direction to secure a public SQL Server.




SQL 2008 server in Amazon cloud, how to do security?

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Cloud computing, also known as on-demand computing, is a kind of Internet-based computing where shared resources and information are provided to computers and other devices. It is a model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources. Cloud computing and storage solutions provide users and enterprises with various capabilities to store and process their data in third-party data centers, relying on sharing of resources to achieve coherence and economies of scale.

Cloud Computing

Amazon Web Services (AWS), is a collection of remote computing services, also called web services, that make up a cloud-computing platform  operated from 11 geographical regions across the world. The most central and well-known of these services include Amazon Elastic Compute Cloud, also known as "EC2", and Amazon Simple Storage Service, also known as "S3". Other services include Elastic MapReduce (EMR), Route 53 (a DNS web service),  provides a highly available and scalable Domain Name System (DNS) web service, Virtual Private Cloud (VPC), storage, database, deployment and application services.