locked
What's the difference between IPSec and SQL Encrypt Connection RRS feed

  • Question

  • Good afternoon,

    I'm currently struggling to decide the best approach to take with regard to encrypting SQL connections.

    I've been looking at Encrypting Connections to SQL Server using SSL and configuring through the SQL COnnection manager.

    Our network admins are saying that we could get the same effect by using IPSec and simply encrypt ALL traffic on the network, not just connections to SQL.

    Does anybody have any experience with this?  What is the difference between the two technologies?  What are the pros and cons to each?

    Sorry for the vagueness and openness of this question.

    Regards,

    Andy

    Thursday, March 12, 2015 12:09 PM

Answers

  • Hi Andy,

    Based on my research, Internet Protocol Security (IPSec) is provided by the client and server operating systems and requires no SQL Server configuration. However, Secure Sockets Layer (SSL) is implemented by SQL Server, and SSL is most commonly used to support Web clients, it can also be used to support native SQL Server clients.

    The main advantages to SSL over IPSec are as follows:

        • Minimal client configuration.

        • Configuration on the server is straightforward.

    A drawback of SSL encryption is that once the ForceEncryption option is set to Yes, it encrypts all data between SQL Server and clients which can cause performance degradation.

    For more details about IPSec , I would like to recommend you post the question in the Windows Server forums for better support.

    Reference:
    http://basitaalishan.com/2012/07/16/encrypting-connections-to-sql-server/
     

    Thanks,
    Lydia Zhang


    Lydia Zhang
    TechNet Community Support



    Friday, March 13, 2015 2:11 AM