17.10 - Rules for Using Network Groups to Define Policy Effects - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

Each ipNetwork object can appear in as many network groups as needed.

Each ipNetwork object functions independently, so overlap of IP address ranges among several ipNetwork objects is allowed.

You can create as many ipNetwork and network group objects as is required to represent the IP address ranges you want to use for assigning security policies.

To avoid detailed searches of the directory that would be required to verify the effects of IP based policy assignments, the database holds policy-related IP information in the network cache. The network cache is not updated dynamically.

If you make changes to ipNetwork or Network Group objects in the directory you must perform a TPA reset to force the database to reload the network cache and make the revised information available for policy enforcement.