If the database is local-only then disable ALL netlibs and use shared memory to access the SQL Server.  If you must connect from remote clients, use TCP/IP and enable encryption (non-trusted subnets) .   Only use the alternative netlibs (NwLink, Names Pipes, Banyan, etc) if need be in those integration scenarios.

SQL Server 2000 includes the new Super Sockets net-lib which can do SSL over any of the protocols. It is highly recommended you make use of this in lieu of the multi-protocol encryption. Remember that a server certificate must be installed before the encryption can occur. The certificate must match the DNS name of the server and be issues by a certificate authority that the client trusts.

Yet another option if you are using Windows 2000 is IPsec. IPsec will allow you to encrypt ALL traffic between the client and server. This is a good solution when you have complete control over the server and the clients can take the time to learn IPsec policy deployment.