[vpn] DB and VPN

Dante Mercurio dmercurio at ccgsecurity.com
Mon Dec 24 08:10:37 EST 2001

If I understand you correctly, VPN does not sound like the best solution
for this project. If the only thing your vendors need access to is a web
interface, your best bet is to set up a certificate server, and issue
certificates to the vendors. Make sure your webserver only accepts
certain certificates to authenticate, and have the vendors install the
certificate on the machines they wish to access with.

1) This ensures only authenticated users will have access to the web
2) SSL encrypts the data so you are secure there.
3) You can suspend or restrict access by revoking a certificate.
4) It is much easier to manage than trying to install VPN software with
many different people using different hardware, and using different

Just a thought.

M. Dante Mercurio, CCNA, MCSE+I, CCSA
Consulting Services Manager
Continental Consulting Group, LLC

www.ccgsecurity.com <http://www.ccgsecurity.com> 

dmercurio at ccgsecurity.com <mailto:dmercurio at ccgsecurity.com> 

> -----Original Message-----
> From: Paul J P Slater [mailto:pjpslater at ntlworld.com] 
> Sent: Friday, December 21, 2001 3:41 AM
> To: vpn at securityfocus.com
> Subject: [vpn] DB and VPN
> Hi,
> I am just about to embark on a database project which will 
> most probably end up in a VPN. Users (through a web browser) 
> will be able to read and (with
> privs) alter the .db contents. More than likely it will be MS 
> SQL server 2000 on a Wintel platform.
> What are the known VPN minefields for this ?
> Seasons Greetings,
> Paul Slater
> VPN is sponsored by SecurityFocus.com

VPN is sponsored by SecurityFocus.com

More information about the VPN mailing list