TLS Protection Options | Teradata Vantage - Using TLS with a Directory Server - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-05-03
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
Product Category
Teradata Vantage
If your site policy requires simple binds for directory authentication of database users, as shown in LDAP Binding Options, consider that simple binding introduces security risks:
  • Network connections to the database are vulnerable to man-in-the-middle attacks.
  • Communications between the directory and the database transmit user identities and passwords across the network in plain text.

To eliminate the these security risks, Teradata strongly recommends that you configure TLS protection for all systems that use simple binding.

FIPS (Federal Information Processing Standard) compliance allows organizations to have robust information security programs. Both government and non-government organizations use FIPS when current industry standards or solutions do not meet government requirements. Teradata software running on SLES 12.3 is FIPS-compliant when connected through TLSv1.2 and linked with a FIPS 140-2 compliant version of OpenSSL. The OpenSSL libraries are automatically used.
Analytics Database runs in FIPS-compliant mode. This might impact third-party products libraries that get loaded directly into the SQL processes if they use non-FIPS cryptographic functions, such as MD5 hashing.