17.10 - Using ipNetworks and Network Groups to Assign Policy - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

An ipNetwork object defines an IP address range that can be used to define security policy assignments. However, ipNetwork objects do not link directly to a security policy. Instead, you must create internal and external network group objects, assign network group membership for ipNetwork objects that define affected IP address ranges, and then assign security policy membership to the network groups to link the IP address ranges to policies.

The following policy types can be assigned by IP address:

  • Quality of Protection (QOP) policies for integrity and confidentiality.
  • Options policies (has-policy and no-direct-logon)