Greenplum continued to add more security features to make Greenplum database more secure. Here we will discuss few added in Security, Authentication and Encryption
enhancements added in the GPDB 4.3.2.0, 4.3.4.0 and 4.3.5.1.
enhancements added in the GPDB 4.3.2.0, 4.3.4.0 and 4.3.5.1.
The gadget spec URL could not be found
Note: For information about encrypting communication between Greenplum Database and an LDAP server, see “Configuring Client Authentication” in the Greenplum Database Administrator Guide. The gadget spec URL could not be found GPDB 4.3.2 support for encrypting communication between Greenplum Database and an LDAP server has been enhanced. Now Greenplum Database 4.3.2 supports LDAP authentication with the TLS/SSL protocol to encrypt communication with an LDAP server:
The gadget spec URL could not be found In GPDB 4.3.4.0 Greenplum announced 2 new enhancement related to Encryption and Client Connection. Adding Enhancement for Encrypting Data with the Greenplum Database pgcrypto extension, now you can use pgcrypto functions to store columns of data in encrypted form. When the Greenplum Database pgcrypto package version 1.2 is installed, you can enable pgcrypto support for Federal Information Processing Standard (FIPS) 140-2. The Greenplum Database server configuration parameter pgcrypto.fips controls the pgcrypto support for FIPS 140-2. gp_connection_send_timeout Timeout for sending data to unresponsive Greenplum Database user clients during query processing. A value of 0 disables the timeout, Greenplum Database waits indefinitely for a client. When the timeout is reached, the query is cancelled with this message:Could not send data to client: Connection timed out.
The gadget spec URL could not be found In GPDB 4.3.5.1 Greenplum announced encrypting communications between segment hosts. In a Greenplum Database cluster, you can use Internet Protocol Security (IPsec) to authenticate and encrypt communication between Greenplum Database segments on different hosts. When IPsec is enabled for Greenplum Database, a virtual private network (VPN), or tunnel, is established between every pair of hosts in the cluster and every packet exchanged between them is encrypted and sent through the tunnel. You can configure IPsec for a Greenplum cluster that run on Red Hat or CentOS hosts using Openswan, a popular IPsec implementation for Linux. Openswan provides user tools to enable IPsec on Linux. Note: Enabling this feature might impact Greenplum Database cluster performance. For information about configuring IPsec for a Greenplum Database cluster, see the Greenplum Database Administrator Guide. The gadget spec URL could not be found | Database Security, Authentication and Encryption (4.3.2.0, 4.3.4.0, 4.3.5.1) The gadget spec URL could not be found The gadget spec URL could not be found |