17.10 - Understanding Interactions Between Primary and Secondary Masked IPs - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Advanced SQL Engine
Teradata Database
Release Number
Release Date
July 2021
Content Type
Publication ID
English (United States)

An IP filter can contain both an allow and a deny element, although it is not required. The interaction between the two element types (and their masks) depends on the type of filter they inhabit. The filter type determines which element the system processes first (the primary), as shown in Working with the Effects of Filter Type on allow and deny Elements. The primary element determines the basic rules by which the filter operates. The secondary element defines the exceptions to those rules.

The examples that follow show the interaction between allow and deny elements.

These examples are for a restrictive filter. Masking principles for a permissive filter are similar, but the filter tests allow and deny elements in the opposite order.