Performance issues with securing remote database connection

Question

I am involved in creating a system where the web application and the database won't be hosted on the same LAN or WAN, i.e. data will be transferred across public network. The web server and database server will be located in the same country.

As the data communication needs to be secure I am researching a couple of options:

Option 1: IPsec tunnel between web server and database server

Option 2: Encrypting data using SSL between web server and database server

To try to give some background, the purpose of the web application is to present data (mostly graph co-ordinates, text labels, etc) from the database so for each page request there will be 1-2 database requests returning 10-100 records.

Questions:

1. How much will encryption degrade the application performance?
2. How much will having disparate locations for web and database servers affect performance?
3. Would there be a performance difference between the two options?

Am still researching, but any help would be appreciated, I know the question are a bit general so general answer is okay or experience with this type of disparate server model would be great too!

I've read this post: How much overhead does SSL impose?

Answer 1

I feel you can create a WCF application hosted in same LAN where your database server is. After this you have flexibility to put some secure mechanism on WCF and database.

You website can make WCF calls to retrieve and save the data rather than over complicating the things.

Hope this helps.