Snort mailing list archives

Authenticating, Encrypting snort sensor traffic to the remote database


From: "Sean Wheeler" <S.Wheeler () netprotect ch>
Date: Fri, 17 Aug 2001 16:20:25 +0200

Greetings all,

I have a requirement for having snort sensors scattered across the internet and each logging to a central MySQL database.
While this piece in itself was not an issue at all, the additional requirement was that the data between snort & the DB 
must be authenticated & encrypted.

I have a working scenario in the lab using FreeS/WAN, and a short snippet from www.freeswan.org is:
These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted 
net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual 
Private Network or VPN. This is a network which is effectively private even though it includes machines at several 
different sites connected by the insecure Internet. 

Anyway, the lab environment is working very nicely and stable, albeit a far cry from the across-the-internet scenario which 
is to come in later testing.

My question is: Is anyone else having this encrypted requirement and what have you done to provide the 
authentication/encryption layer?

I am pretty happy with the stability and capability, but I would like to know if there are other options or 
implementations which have been successfully completed with this requirement.

Look forward to hearing about your implementations or if you have not done so, your ideas or concepts would be equally 
interesting to hear.

regards

Sean