The Client Information matcher is available for the DDM for JDBC and DDM for ODBC services.
The Client Information matcher provides an include and exclude list that you use to manage the clients that have access to the database. The include list specifies the clients that you want to restrict access to information within the database. The exclude list specifies the clients that you want to allow access to the database.
Enter the host name of the client where the JDBC or ODBC agent runs. The agent runs on the same machine as the application. You can find the host name in the
property value of the Dynamic Data Masking rule.log file.
When the Rule Engine applies the Client Information matcher, the Rule Engine parses the exclude list first. Clients that are on the exclude list bypass Dynamic Data Masking and access the database directly. Next, the Rule Engine parses the include list. Clients that are on the include list can access obfuscated data.
If you do not specify any information in the include list, all hosts can access unmasked data.
Configure the following parameters for the Client Information matcher:
Defines the client host name or IP address that you want to add to the include list. Add clients that you want to deny database access to.
Defines the client host name or IP address that you want to add to the exclude list. Add clients that you want to allow to access the database.