16.10 - About GDO-Based IP Access Restriction - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

You can define IP restrictions in:

  • Teradata Database, by creating an XML IP document
  • A supported directory, by configuring Teradata schema objects in the directory
    You must use Teradata schema extensions to configure IP filter directory objects. Directories configured without Teradata extensions, as shown in Using Native Directory Schema to Provision Directory Users, cannot use directory-based IP restrictions.

After defining the IP restrictions, you must transfer them to the IP restriction GDO.

The system applies IP restrictions to users based on:

  • Filters that define allowed or denied IP addresses or address ranges.
  • The users assigned to each filter.

The Gateway screens each database logon and allows or denies the logon according to the IP restrictions in the GDO. If no IP restrictions exist, the database allows logons from any IP address to an authenticated user.