RATE THIS ANSWER
0
Click to Vote:
- 0
0
Last Answered:
Jul 17 2008 1:45 AM GMT
by Mrdenny
Be sure you understand
SQL injection vulnerabilities. Ensure the system remains patched to the most current level. Limit management connections from your private network. Setup some type of monitoring to watch the system services and any attempts at exploiting weaknesses (not a trivial thing but a good idea).
----------
You'll want to setup port 1433 in the firewall to allow traffic from your networks public IP address(es) only. Otherwise people would be able to access the database from the Internet which will give them a way to break into your database. Having a database directly accessed from the Internet makes it a question of when someone will break in, not if someone will break in.
I would recommend setting up a VPN between the two sites so that the data between the sites is encrypted. This also gives the added benefit of not needing the SQL Server to be available from the Internet at all.
As for name resolution I'd recommend putting a DNS entry into your local DNS server pointing to the IP address which you need to access the SQL Server over. This way if you need to change the IP, you can simply update DNS without needing to reconfigure every one's connection string.
Also I'd recommend using OLE instead of ODBC. OLE is slimmer and a little bit faster then ODBC.
SQL Server 2000, Remote access, .NET, SQL server database
I have been tasked to set up access from a remote site to a SQL Server 2000 database. The user interface was programmed in .NET. This database will sit outside our firewall and will be protected by its own firewall. The application currently uses an ODBC connection to the database. Do you have any suggestions for implementation? 
