Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Encrypting data from Oracle to MS SQL over WAN Expand / Collapse
Author
Message
Posted Friday, May 2, 2014 8:36 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, May 6, 2014 8:02 AM
Points: 3, Visits: 39
I have been tasked to find a solution for Encrypting data being transferred from an Oracle database in one state to a SQL database in another. We setup MDS and DQS and want to send the data directly from the oracle db to the sql db. Currently they are transferring the data to an excel file and encrypting it and sending it through email. Not having done anything with encryption for either database im not sure what I need to do. I do know that both programs can use TDE but not sure if that is the solution here. Ive been looking at Encryption appliances but will they actually encrypt your data for you along with creating the keys or do you have to encrypt the data and then send it to the Encryption appliance for the key and send it off through there?
Post #1567064
Posted Saturday, May 3, 2014 12:20 PM
SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Today @ 12:26 AM
Points: 2,532, Visits: 7,090
First thought would be a VPN implementation, encrypts the point to point communication
Post #1567288
Posted Sunday, May 4, 2014 12:27 AM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Yesterday @ 11:55 AM
Points: 6,752, Visits: 14,397
Is the oracle database on unix or windows?
Both sql server and oracle have their own TDE feature but that wont encrypt the comms point to point. Best way would be to use IPSec to secure the communication channel between the hosts.


-----------------------------------------------------------------------------------------------------------

"Ya can't make an omelette without breaking just a few eggs"
Post #1567315
Posted Monday, May 5, 2014 8:47 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, May 6, 2014 8:02 AM
Points: 3, Visits: 39
@ Eirikur Eiriksson-

We thought about this as part of the options but the connection would have to be permanently up and if data isnt getting sent all the time then the connection would have to be brought back up every time it dropped. we could use a ping to keep the talk going but im not sure this is the best solution since there will be too many moving parts. Unless you know a good way to make sure the vpn connection permanent?
Post #1567546
Posted Monday, May 5, 2014 9:12 AM
SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Today @ 12:26 AM
Points: 2,532, Visits: 7,090
This depends of the type of connection between the two points. My advice is to configure this at the network level, even with a DSL connection, a Layer 4/7 VPN should be straight forward.

Post #1567557
Posted Monday, May 5, 2014 10:18 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, May 6, 2014 8:02 AM
Points: 3, Visits: 39
How about just using Certificates? Are they trusted enough to make sure the information is encrypted over the WAN since the data being sent has PII? I'm trying to keep this solution as simple as possible but still trying to make it as safe as possible. Can you use Certificates going from an Oracle database to a SQL database? I believe the Oracle database resides on a Unix box.
Post #1567602
Posted Monday, May 5, 2014 10:28 AM
SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Today @ 12:26 AM
Points: 2,532, Visits: 7,090
I would have thought so, better ask around, been a while
From a unix/linux box, the most straight forward would be ssh-tunnel.
Post #1567612
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse