16.20 - Gateway Support to Allow Clients that Cannot Automatically Follow Security Policy to Log On - Teradata Vantage NewSQL Engine

Teradata Vantage™ NewSQL Engine Release Summary

prodname
Teradata Database
Teradata Vantage NewSQL Engine
vrm_release
16.20
created_date
March 2019
category
Release Notes
featnum
B035-1098-162K
This feature enables the Gateway to:
  • Allow logons from older client software or proxies that do not support Teradata Database network security policy.

    This allows a mix of newer clients that can accept security policy from the database and older clients that cannot accept it. A Gateway Control (gtwcontrol) option can be set to allow older clients to log on even if security policy that they are unable to automatically follow has been set for them.

  • Log messages identifying these older clients.

By default this feature is disabled. Use gtwcontrol --secpcynotsupported suboptions to enable it.

Benefits

  • Customers can continue to use older clients that cannot be immediately upgraded or replaced.
  • Customers can identify older clients that will need to be manually configured, upgraded, or replaced if network security policy is to be used.

Considerations

  • Proxies that do not support Teradata Database network security policy affect the way this feature handles clients connected through them in ways that may not be obvious. See the documents referenced in Additional Information for the details.
  • Logging impacts:
    • Increases the amount of logging in the gateway logs.
    • The information is scattered throughout the log file because it is logged (along with other entries) by the session’s gateway to its current log on its own node.
    • The information is ephemeral; a new log is opened on restart or when the old log reaches a certain size and logs older than seven days old are deleted when a gateway opens a new log.

Additional Information

For more information on Gateway support for clients that cannot automatically follow security policy, see Teradata Vantage™ NewSQL Engine Security Administration, B035-1100 and Teradata Vantage™ - Database Utilities , B035-1102 .