About Permissive Filters - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.05
17.00
Published
September 2020
Language
English (United States)
Last Update
2021-01-23
dita:mapPath
ied1556235912841.ditamap
dita:ditavalPath
lze1555437562152.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

A permissive filter without a deny element permits logons from all IPs regardless of which IPs are explicitly allowed by the allow element. You can use permissive filter deny elements to define denied IPs for a list of users, and then optionally use an allow element to enable some IPs within the denied range.

The Teradata Vantage gateway first processes permissive filter deny elements, and then processes the allow elements. As a result, the gateway denies any IP address listed in the deny element unless it also appears in an allow element, in which case the gateway allows the IP to access the database.