checking ssl encryption in firewall

From: Andreas Birgerson (andbir@sema.removethis.se)
Date: 05/14/02


From: "Andreas Birgerson" <andbir@sema.removethis.se>
Date: Tue, 14 May 2002 13:25:36 +0200


I am using TCP at port 1433 and I am running SQL server 2000 sp2 and
I want to allow only ssl-encrypted sql traffic from some clients on the
internet and still allow unencrypted traffic on the backend (inside)
network.

Is there some bit or byte of the SQL server client request packet that I
can examine in my firewall to allow only SSL-encrypted SQL-traffic and drop
all other requests made to the same port?

- - -

Also - what does the certificate need to cover considering the following
scenario:

A) I have a machine name
"osiris.webprod.whatever.com"
 as part of an active directory that only exists on the DMZ. This dns domain
does not exist on the internet.

B) The machine also has its' own public dns entry "osiris.whatever.com"

C) There might be scenarios where clients on the internet will connect to it
as "sql.whatever.com"

So what/which certificate(s) do I need to purchase?

Thanks



Relevant Pages

  • Re: ISA Server Problems, please help
    ... > clients are unaffected, is it secureNAT clients which are affected? ... then checked Send the original host header to the publishing server instead ... > provided unrestricted internet access. ...
    (microsoft.public.windows.server.sbs)
  • Re: Cant RDP to severs desktop through RWW
    ... I understand that the issue occurs both in LAN and the Internet, ... 'Microsoft Firewall' service. ... Does this issue occur to all clients or several clients? ... I get the same error message ...
    (microsoft.public.windows.server.sbs)
  • Re: Online disk
    ... FTP ist here not really the securest one :-( If you're using Windows 2008 R2 and Win7 clients you could have a look at Direct Access which is really a genius solution for remote access scenario and built in! ... The performance depends mostly on the internet bandwith from datacenter and clients internet connection, also the latency is a huge factor for file access. ...
    (microsoft.public.windows.server.setup)
  • Re: After installing SBS 2003 two IE 6.0.29 SP2 clients that cannot to companyweb
    ... Mozilla, and other clients can access the http://comanyweb, the SBS server ... Reset the Internet Explorer Settings to Default. ... DHCP was turned off in SBS 2003. ...
    (microsoft.public.windows.server.sbs)
  • RE: Web Pages Stall
    ... The clients can access the internet via IE7. ... All proxy settings are correct. ... Do you still need the ISA logs?? ...
    (microsoft.public.windows.server.sbs)