we are developing an agent that will reside on endpoints (computers) and they will have to talk through a firewall to a SQL server. The problem is we want to make this as secure as possible, and have doubts that direct connections to SQL is the way to go. Trying to get some opinions on best method to do this. Here is what we are considering.
1. A web service located on same box as SQL server, the agents talk to the web service instead of SQL directly. Would use IIS and SSL
2. A socket windows service that listens on port xxx on server, the agents talk to this service, the service communicates to SQL and returns results.
Our programmers are thinking 1 is the best and most secure way, but wanted to get some others thoughts and ideas