Advice on Design of Agent Program to get/put SQL data

we are developing an agent that will reside on endpoints (computers) and they will have to talk through a firewall to a SQL server.  The problem is we want to make this as secure as possible, and have doubts that direct connections to SQL is the way to go.  Trying to get some opinions on best method to do this. Here is what we are considering.

1.  A web service located on same box as SQL server, the agents talk to the web service instead of SQL directly.  Would use IIS and SSL

2. A socket windows service that listens on port xxx on server, the agents talk to this service, the service communicates to SQL and returns results.

Our programmers are thinking 1 is the best and most secure way, but wanted to get some others thoughts and ideas
Who is Participating?
TempDBAConnect With a Mentor Commented:
I second the first idea.
Kelvin McDanielConnect With a Mentor Sr. Developer/ConsultantCommented:
Of the two, #1 is definitely the more secure.
binaryevoConnect With a Mentor Commented:
I agree with my colleagues, #1 is going to give you the most flexibility and security.
rknealAuthor Commented:
was hoping for a little backup other than just choosing, but received very detailed explanation from programmer today that made it clear.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.