Security Basics mailing list archives

Re: Secure Database Communication


From: Chad Giulini <chad.giulini () gmail com>
Date: Thu, 10 Feb 2005 14:28:15 -0500

On Thu, 10 Feb 2005 10:20:04 -0800, Casey Mees <casey.mees () gmail com> wrote:
> Establish a VPN. I have a Cisco PIX at each location with VPN support so
> I could establish a VPN between the two Cisco PIXes. From the reading I
> have done regarding VPNs this seems to be overkill considering I only
> need to secure communication on the DB port. VPNs seem to be able to
> accomplish this, but do a lot more that I don't foresee needing.

The PIX-PIX VPN solution is certainly worth looking into.  I've set up
and seen a number of similar configurations and never run into any
trouble.  Once you have the tunnel configured, you really shouldn't
need to touch it again.  Encryption/decryption can impose some
additional load on the firewall so that may be a consideration. 
Additionally, the encryption in this configuration is not end-to-end
as your data is only encrypted between the PIXes, not on the LAN.

Regards,

Chad


-- 
"The time to repair a roof is when the sun is shining."  -John F. Kennedy

