16.10 - Rules for Using Network Groups to Define Policy Effects - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

Each ipNetwork object can appear in as many network groups as needed.

Each ipNetwork object functions independently, so overlap of IP address ranges among several ipNetwork objects is allowed.

You can create as many ipNetwork and network group objects as is required to represent the IP address ranges you want to use for assigning security policies.

To avoid detailed searches of the directory that would be required to verify the effects of IP based policy assignments, the database holds policy-related IP information in the network cache. The network cache is not updated dynamically.

If you make changes to ipNetwork or Network Group objects in the directory you must perform a TPA reset to force the database to reload the network cache and make the revised information available for policy enforcement.