S-GATE actions
Since session-level policies can end sessions before processing SQL, it's possible to use
session-level policies for firewall optimization. For example, it's possible to prevent malicious
access by using session-level policies to end sessions (using the S-GATE SESSION TERMINATE action)
whenever a database user accesses a specific program or from a specific IP address.
Important: The S-GATE SESSION policy rule actions require setting
firewall_default_state=2
in the S-TAP configuration. For more information about the
firewall_default_state
setting, see S-TAP configuration
firewall parameters.- S-GATE SESSION ATTACH
- S-GATE SESSION ATTACH ON REQUEST
- S-GATE SESSION DETACHNote: S-GATE SESSION DETACH can be used to detach IBM® Knowledge Catalog sessions. For more information about integrating IBM Knowledge Catalog with Guardium see Integrating with IBM Knowledge Catalog for federated data protection.
- S-GATE SESSION DETACH ON REQUEST
- S-GATE SESSION ATTACH OR DETACH
- S-GATE SESSION TERMINATE
- S-GATE SESSION TERMINATE ON REQUEST