17.10 - Gateway Processing of Permissive Filters - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)
  1. The Teradata Vantage gateway processes each incoming IP address against the permissive filter deny element.
    1. The filter masks the incoming IP address under test with the mask from the deny element.
    2. The filter masks the IP address in the deny element with the same mask.
    3. If the two masked IP addresses match, the filter identifies the IP address under test as a candidate for denial. The filter then ends the deny phase of testing.
  2. The gateway does allow-testing only if deny-testing identifies an IP address as a candidate for denial. If allow-testing does not override the denial, the gateway rejects the IP.
    1. The filter masks the incoming IP address under test with the mask from the allow element.
    2. The filter masks the IP address in the deny element with the same mask.
    3. If the two masked IP addresses match, the filter allows the IP address under test to access the database and then ends the allow phase of testing.