This feature allows auditing the security level used by the client interfaces when communicating with the gateway. Enable this feature when you need to know what security level client interfaces are using when sending messages to the database. When enabled, security level changes are logged to the gateway log.
There are three auditing options:
- No auditing. The feature is disabled, so nothing is logged.
- Audit everything. Any change in the security level used by a client interface for a session is logged in the current gateway log file.
- Audit cleartext. Only security level changes that result in a level that does not guarantee confidentiality are logged.
Network encryption auditing reports the following security levels: Plaintext, Integrity (Default, Low, Medium, High), and Confidentiality (Default, Low, Medium, High).
This feature is enabled from gtwcontrol. It is disabled by default.
Benefits
- Allows internal and external security auditors to know which security levels are being used on all connections and when.
- Allows security administrators to identify IP addresses and users not in compliance with security policy.
Considerations
- Increases the amount of logging in the gateway logs.
- The auditing information is scattered throughout the log file because it is logged (along with other entries) by the session’s gateway to its current log on its own node.
- The auditing information is ephemeral: a new log is opened on restart or when the old log reaches a certain size, and logs older than seven days are deleted when a gateway opens a new log.
- The auditing information is not entered into database tables, so it must be extracted from the logs and imported to the database to allow sophisticated analysis.
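Because the audit entries are only written to the gateway log, the usual workflow is to extract them from each node's log, flatten them into rows, and load those rows into a table for analysis. The script below is an added example of that extraction step; it is not Teradata code, and the gateway log line layout it parses (timestamp, gateway id, session, IP, user, security level) is a constructed assumption, so the regular expression must be adapted to the entries your gateway actually writes. It also shows the filter behind the "Audit cleartext" option: Plaintext and the Integrity-only levels do not guarantee confidentiality, while the Confidentiality levels do.

```python
import re
from collections import Counter

# Constructed sample gateway log lines. The line format is an assumption made
# for this example, not the real Teradata gateway log format; adjust LINE_RE
# to match the entries your gateway writes.
SAMPLE_LOG = """\
2024-03-01 08:00:01 gtw[2] session 1001 ip 10.1.1.5 user alice security level Confidentiality High
2024-03-01 08:00:07 gtw[2] session 1002 ip 10.1.1.9 user batchsvc security level Plaintext
2024-03-01 08:00:09 gtw[2] session 1003 ip 10.1.1.7 user bob security level Integrity Default
2024-03-01 08:00:15 gtw[2] unrelated gateway entry that the parser must skip
2024-03-01 08:01:02 gtw[3] session 1002 ip 10.1.1.9 user batchsvc security level Confidentiality Default
"""

# Only the three level families the feature reports are accepted, so a line
# that mentions "security level" in another context is not mis-parsed.
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) gtw\[\d+\] session (?P<session>\d+) ip (?P<ip>\S+) "
    r"user (?P<user>\S+) security level "
    r"(?P<level>Plaintext|Integrity \w+|Confidentiality \w+)$"
)


def guarantees_confidentiality(level):
    """Only the Confidentiality levels encrypt the message payload;
    Plaintext and the Integrity-only levels do not."""
    return level.startswith("Confidentiality")


def parse_audit_entries(text):
    """Extract security level changes from raw gateway log text, skipping
    every unrelated entry interleaved with them."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["confidential"] = guarantees_confidentiality(entry["level"])
            entries.append(entry)
    return entries


def cleartext_entries(entries):
    """Mirror the 'Audit cleartext' option: keep only changes to a level
    that does not guarantee confidentiality."""
    return [e for e in entries if not e["confidential"]]


def noncompliant_sources(entries):
    """Map (ip, user) to the number of non-confidential level changes, which
    is what a security administrator needs to find policy violations."""
    return Counter((e["ip"], e["user"]) for e in cleartext_entries(entries))


def to_csv_rows(entries):
    """Flatten entries into CSV rows ready to load into a database table."""
    header = ["ts", "session", "ip", "user", "level", "confidential"]
    rows = [",".join(header)]
    for e in entries:
        rows.append(",".join(str(e[k]) for k in header))
    return rows


if __name__ == "__main__":
    entries = parse_audit_entries(SAMPLE_LOG)
    print("\n".join(to_csv_rows(entries)))
    for (ip, user), count in noncompliant_sources(entries).items():
        print(f"non-confidential: ip={ip} user={user} changes={count}")
```

Run it against the concatenated logs from every node, since each session's gateway writes to the log on its own node; the CSV rows can then be loaded into a table before the seven-day log retention removes the source entries.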
Additional Information
For more information on network encryption auditing, see Teradata Vantage™ NewSQL Engine Security Administration, B035-1100, and Teradata Vantage™ - Database Utilities, B035-1102.