Table of Contents

Search

  1. Preface
  2. Introduction to Dynamic Data Masking
  3. Rules
  4. Connection Rules
  5. Security Rules
  6. Security Rule Set Simulator
  7. Masking Functions
  8. Stored Procedure Result Set Masking
  9. Integration with Informatica Products
  10. Appendix A: XML Functions Reference
  11. Appendix B: Glossary

Connection Rule Actions

Connection Rule Actions

The connection rule action defines the process that the Dynamic Data Masking service applies to the connection after the Rule Engine identifies a match.
Apply connection rule actions to manage the connection routing. An action can determine whether the Rule Engine blocks the connection request, applies a rule set to the connection, or forwards the connection to the database.
The following table describes the connection rule actions:
Connection Rule Action
Description
Nothing
Applies the connection processing action, but does not apply an action.
Folder
Creates a folder and processes the connection through the contents of the folder until a processing action stops the Rule Engine. Use the folder action to nest rules that are conditional upon each other.
Use the continue processing action with the folder connection rule action to apply the rules defined within the folder.
Switch to database
Forwards connections to the specified database.
Direct
Connects applications and clients directly to the target database. When the Rule Engine applies the direct action, the connection bypasses the Dynamic Data Masking service. You can only use the Direct action with the DDM for Oracle service.
Use rule set
Applies the specified security rule set to the SQL statement request.
Refuse
Defines the access that an application has to the database. The application receives an error that indicates that the database refuses the connection.
Transparent Archive
Routes the request to the Data Vault. Define the following parameters:
  • DDM Database Name. The Dynamic Data Masking database name for the Data Vault that you define in the Management Console.
  • DBA User. The Data Archive user name.
  • DBA Password. The password for the Data Archive user.
Load Control
Sets the priority levels for primary and secondary Dynamic Data Masking Servers when you configure Dynamic Data Masking Server high availability for Db2. Define the following parameters:
  • Host. The host names of the Dynamic Data Masking Servers.
  • Port. The listener port numbers of the Dynamic Data Masking Servers.
  • Priority. The priority of the Dynamic Data Masking Servers.