locked
Is SSL connection necessary for SQL Server in Intranet ? RRS feed

  • Question

  • Hi,

    I have a SQL Server and an application server that connects to it. The SQL Server contains highly sensitive data. They are all in the intranet. Should I setup SSL connection to secure the connection between them ? Is it enough to deter internal sniffer ?

    I've heard of IPSec which can be configured to secure IP connections too.

    Please kindly advise.

    TIA !

    Friday, July 11, 2014 8:07 AM

Answers

  • Yes its good to have if you want to protect servers and datas and so that you can allow  only secured connections and etc..

    http://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx


    Raju Rasagounder Sr MSSQL DBA

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:16 AM
    Friday, July 11, 2014 8:29 AM

  •  Is it enough to deter internal sniffer ?

    Have a look at these links please:

    SQL Server Database Security Reminders & Resources

    How to encrypt sensitive information in your SQL Server databases


    Saeid Hasani [sqldevelop]

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:17 AM
    Friday, July 11, 2014 8:49 AM
  • Should I setup SSL connection to secure the connection between them ? Is it enough to deter internal sniffer ?

    SSL will protect data via encryption as it is transferred over the network, so a network packet sniffer cannot read the data.


    Dan Guzman, SQL Server MVP, http://www.dbdelta.com

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:17 AM
    Saturday, July 12, 2014 11:37 PM

All replies

  • Yes its good to have if you want to protect servers and datas and so that you can allow  only secured connections and etc..

    http://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx


    Raju Rasagounder Sr MSSQL DBA

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:16 AM
    Friday, July 11, 2014 8:29 AM

  •  Is it enough to deter internal sniffer ?

    Have a look at these links please:

    SQL Server Database Security Reminders & Resources

    How to encrypt sensitive information in your SQL Server databases


    Saeid Hasani [sqldevelop]

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:17 AM
    Friday, July 11, 2014 8:49 AM
  • Should I setup SSL connection to secure the connection between them ? Is it enough to deter internal sniffer ?

    SSL will protect data via encryption as it is transferred over the network, so a network packet sniffer cannot read the data.


    Dan Guzman, SQL Server MVP, http://www.dbdelta.com

    • Proposed as answer by Sofiya Li Monday, July 14, 2014 7:14 AM
    • Marked as answer by Sofiya Li Friday, July 18, 2014 2:17 AM
    Saturday, July 12, 2014 11:37 PM