Configuring Gateway for Older Interfaces or Proxies | Teradata Vantage - Configuring the Gateway to Allow Logons from Older Interfaces or Proxies - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantageā„¢

The gateway can be configured to allow logons from older client interfaces or proxies that do not support Teradata Vantage network security policy, even when security policy is configured. A Gateway Control (gtwcontrol) utility option can be set to allow older clients to log on even if security policy that they are unable to automatically follow has been set for them. This allows a mix of newer clients that can accept security policy from the database and older clients that cannot accept it.

When the gateway has been configured to allow logons from older client interfaces, the client interfaces must be manually configured to be within policy or they are forced off for violating policy.

When the gateway has been configured to allow logons from older proxies, these proxies cannot guarantee that the clients logging on through them can automatically follow policy, nor can they transmit policy to clients that could otherwise automatically follow it. For this reason, all clients that log on through such proxies must be manually configured to be within policy or they are forced off for violating policy.

For more information, see Teradata Vantageā„¢ - Database Utilities, B035-1102.

To identify client interfaces or proxies that do not support Teradata Vantage network security policy, see Auditing Logons by Clients that Cannot Automatically Follow Security Policy.

Default Setting for --secpcynotsupported logon

By default the gateway does not allow logons by clients or proxies that are unable to support security policy when security policy applies. To restore the default setting, use:

gtwcontrol --secpcynotsupported logon=no

To enable the gateway to allow these logons, use Gateway Control:

gtwcontrol --secpcynotsupported suboptions