My question is about allowing and securing connections to SQL Server 2000 over the internet. The company that I work for has an application server that several of our clients connect to via the internet using secure .NET remoting. Basically, the clients have a desktop application that they run that creates a remoting connection to our server software and we handle the server/database part. Anyway, one of our clients now wants to use Crystal Reports to run ad hoc queries on their data that is hosted on our SQL 2000 database server behind our firewall. Obviously, opening up a port in our firewall and allowing someone to run ad hoc queries on the database makes us all more than a little nervous about security.
Has anyone else here had to deal with this sort of situation before? We'd like to set up a secure, encrypted connection for this one client, but still keep it locked down for everyone else. Is it as simple as enabling encryption and generating SSL certificates for the client machine and our server? I've only been able to find a few resources that help with bits and pieces of the problem, never anything tackling the issue as a whole. If anyone has any thoughts, experiences, links, etc. to share it would be greatly appreciated. We are a small company and no one here has experience with this sort of thing.
Cheers!
Justin
Hi Lovero,
You could setup your SQL Server to doesn't use default port (1433). You will use custom port (10030) for example or another.
Good coding!
Javier Luna
http://guydotnetxmlwebservices.blogspot.com/
|||Yes, we certainly plan to change the default port on SQL Server in addition to any other steps we take. Actually, since there will be port forwarding from the firewall, I'm not sure that it's a required step, but probably a good idea. I'm much less sure about how to set up the whole security/encryption framework.|||
Yes, It is good idea :)
Good Coding!
Javier Luna
http://guydotnetxmlwebservices.blogspot.com/
No comments:
Post a Comment