Secure SQL Replication via GRPS

[Stephane Favre <stephane () blue-matrix co za>]

Hi there

Please.... I need advice urgently! We have a 3rd party designing an application
for our 40 PDA's. It is meant to replicate a SQL database via GPRS. The SQL
server hosting the databases to be replicated is currently in our DMZ. Our DMZ
comprises of a Checkpoint FW on the outside and an ISA 2004 box on the inside.

Yesterday they asked me to exposed a shared folder to the internet, I told them
not a chance. They then request FTP, which I adviced was not the most secure
protocol. They now request a pptp vpn to be enabled on the checkpoint firewall,
enabling the pda devices to access the server via a vpn. What about IPSEC / L2TP
with a pre-shared key?

Could you please let me know if this is secure? And what would the most securest
way to replicate a SQL database from a PDA accross GPRS? As I understand they
are using SQL CE on the SQL server and using IIS for publishing the snapshots
of the database. would it not be more secure to publish these webshots in IIS
and making them available via HTTP or even HTTPS and via a shared folder?

Help!

Stephane