Home Page for the TeradataForum
 

Archives of the TeradataForum

Message Posted: Fri, 07 Jan 2005 @ 08:54:26 GMT


     
  <Prev Next>   <<First <Prev Next> Last>>  


Subj:   Re: Restricting IPs
 
From:   Victor Sokovin

  Does anyone know of a way to restrict users logging on to the Teradata system by their IP address at login in time? The user himself might have access to Teradata Prod, let's say, but if they are on a particular machine/IP address and trying to log in then that user should be restricted from doing anything on Teradata Prod.  


  Hope that makes sense.  



It does make sense but it might be difficult to implement.

Just a few thoughts, though. If users use applications (not the "raw" TD tools), it is possible to implement such checking on the application level. Before even connecting to TD the application would notify the user that he/she is not on an approved machine he/she is allowed to connect from.

If a user has access to raw utilities, such as BTEQ, SQLA etc, and the database is not behind the firewall, then my understanding is that nothing will stop him/her from logging in.

It is possible to monitor the sessions, though, and track where they are coming from. You can then set up alerts or even disconnect certain sessions, if that is the requirement. I understand that tracking of the originating IP might sometimes involve going beyond the database as the session table might store the generic IP address of the firewall etc.


Regards,

Victor



     
  <Prev Next>   <<First <Prev Next> Last>>  
 
 
 
 
 
 
 
 
  
  Top Home Privacy Feedback  
 
 
Copyright for the TeradataForum (TDATA-L), Manta BlueSky    
Copyright 2016 - All Rights Reserved    
Last Modified: 27 Dec 2016