Security Basics mailing list archives
Secure SQL Replication via GRPS
From: Stephane Favre <stephane () blue-matrix co za>
Date: Tue, 06 Dec 2005 12:05:45 +0200
Hi there Please.... I need advice urgently! We have a 3rd party designing an application for our 40 PDA's. It is meant to replicate a SQL database via GPRS. The SQL server hosting the databases to be replicated is currently in our DMZ. Our DMZ comprises of a Checkpoint FW on the outside and an ISA 2004 box on the inside. Yesterday they asked me to exposed a shared folder to the internet, I told them not a chance. They then request FTP, which I adviced was not the most secure protocol. They now request a pptp vpn to be enabled on the checkpoint firewall, enabling the pda devices to access the server via a vpn. What about IPSEC / L2TP with a pre-shared key? Could you please let me know if this is secure? And what would the most securest way to replicate a SQL database from a PDA accross GPRS? As I understand they are using SQL CE on the SQL server and using IIS for publishing the snapshots of the database. would it not be more secure to publish these webshots in IIS and making them available via HTTP or even HTTPS and via a shared folder? Help! Stephane
Current thread:
- Secure SQL Replication via GRPS Stephane Favre (Dec 06)
- Re: Secure SQL Replication via GRPS jim (Dec 07)