Isn't Advanced Security a database options to be licensed separately? A cheaper solution may be to configure IPSec between client and server, although it does not protect end-to-end (Data get encrypted/decrypted between network endpoints, but between the network and application/database they are not). IPSec provides machine authentication, but not users - but user authentication can still be performed ad the database level.