If your running MS-SQL, i can safely assume your running an Active Directory Environment, in that case, implement IPSEC, its cross platform and provides encryption (kerberos can be used) and authentication (well, Active Directory atleast)....

This method will stop hackers from packet sniffing the information, however, as stated before, this is only protecting against another revenue of attack, more layers maybe needed....