通过 Internet 将数据从 SQL Server 安全传输到 SQL Server [英] Secure transfer of data from SQL server to SQL server over the Internet

问题描述

我需要每天将数据从 SQL Server (2008) 传输到 SQL Server (2005).其中一台服务器位于我们的网络主机上，因此数据将通过 Internet 传输.在同一个网络上，我会使用 SSIS 来传输数据，但在 Internet 上这不是一个安全的选择.有没有安全的方法来实现这一点?

I need to transfer data daily from SQL Server (2008) to SQL Server (2005). One of the servers is located at our web host so the data will be transferred over the Internet. On the same network I would use SSIS to transfer the data, but over the Internet this is not a secure option. Is there a secure way of achieving this?

推荐答案

您可以在 SQL Server 中使用 SSL (2000/2005 说明/2008 说明)和然后强制对两台机器之间的连接进行协议加密.您也不必使用购买的 SSL 证书，您可以使用 Windows Server 证书服务来生成一个 - 但是，如果您这样做，则 CRL 必须位于两台服务器都可以连接的计算机上.一个简单的方法是在一个独立的机器上安装证书服务，也许只是一个虚拟机和 配置它为其 CRL 嵌入公共 DNS 名称.这不一定是一台运行证书服务的机器，只需您拥有并可以上传到的机器.然后你就可以生成证书并发布CRL和tada，一切都完成了.

You can use SSL with SQL Server (2000/2005 Instructions / 2008 Instructions) and then force protocol encryption on the connection between both machines. You don't have to use a purchased SSL certificate either, you can use Windows Server Certificate Services to generate one - however if you do so then the CRL must be on a machine that both servers can connect to. An easy way to do this is install Certificate Services on a stand alone machine, perhaps just a VM and the configure it to embed a public DNS name for it's CRL. This doesn't have to be a machine running Certificate Services, just something you own and can upload to. Then you can generate the certificates and publish the CRL and tada, all done.

您需要确保服务帐户 SQL 正在运行 访问它正在使用的证书的私钥.

You will need to ensure the service account SQL is running as has access to the private key of the certificate it is using.

这篇关于通过 Internet 将数据从 SQL Server 安全传输到 SQL Server的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！