Security Basics mailing list archives
Re: Secure Database Communication
From: Chad Giulini <chad.giulini () gmail com>
Date: Thu, 10 Feb 2005 14:28:15 -0500
On Thu, 10 Feb 2005 10:20:04 -0800, Casey Mees <casey.mees () gmail com> wrote:
Establish a VPN. I have a Cisco PIX at each location with VPN support so I could establish a VPN between the two Cisco PIX's. From the reading I have done regarding VPN's this seems to be overkill considering I only need to secure communication on the DB port. VPN's seem to be able to accomplish this, but do a lot more that I don't foresee needing.
The PIX-PIX VPN solution is certainly worth looking into. I've set up and seen a number of similar configurations and never run into any trouble. Once you have the tunnel configured, you really shouldn't need to touch it again. Encryption/decryption can impose some additional load on the firewall so that may be a consideration. Additionally, the encryption in this configuration is not end-to-end as your data is only encrypted between the PIXes, not on the LAN. Regards, Chad -- "The time to repair a roof is when the sun is shining." -John F. Kennedy
Current thread:
- Secure Database Communication Casey Mees (Feb 10)
- Re: Secure Database Communication Chad Giulini (Feb 10)
- Re: Secure Database Communication Steve (Feb 11)
- <Possible follow-ups>
- RE: Secure Database Communication Schott, Erik J Mr ANOSC/FCBS (Feb 11)