Getting Started with ALTR & Snowflake
Configure ALTR's Snowflake Service User
Connect Snowflake Databases
Connect Columns to ALTR
Creating Policy & Manage Data
Classification
Analytics
Column Access Policies
Thresholds
Row Access Policy
Audit Logs
Settings
Vault Tokenization
Tokenization API
Management API
ALTR Driver JDBC Installation
ALTR Driver ODBC Installation
Configure Tableau to Gain User Level Observability
Integrating ALTR Notifications with AWS S3
TDS Proxy Installation
CDM Installation
Custom Masking and Extensibility Functions
Bring Your Own Key for Vaulted Tokenization
The TDS Proxy is a database proxy that communicates on TDS protocol, which is the protocol leveraged by SQL Server. This proxy sits between your application and database - intercepting queries and commands and taking action based on your governance and security policies. ALTR's proxy is able to observe queries, control data access, and perform query and result set edits for tokenization support.
Similar to ALTR's Smart Drivers, ALTR's proxy solution supports three modes: Observe, Govern, and Protect.
TDS Proxy is able to identify every query made to a database including which columns and how many rows are returned in result sets. This enables customers to have full visibility into queries made against their database, including which users or applications performed those queries, what data was accessed, and how many values were accessed.
TDS Proxy is able to communicate with the ALTR platform to take governance action based on data access, enabling customers to control which users and applications can access what data.
The Proxy supports tokenization and detokenization of data for your databases, securing the data from malicious use and supporting PCI compliance standards. The Proxy is able to tokenize existing data, edit queries made on the fly to support operations on tokenized data, and detokenize query result sets.
Prerequisites
ALTR Customer Care will create an organization for your ALTR account.
ALTR Customer Care will provide a Docker image of the TDS Proxy.
Load the provided Docker image.
List the loaded Docker image. Make a record of the TAG name, this will be used to execute the container, in the following example it is master-xxxxxxxx
Configuration Parameters
All configuration parameters which do not have a default value are required.
DATA_GATEWAY_HOST(Type: String)
This is the hostname for the ALTR services data gateway. You can get this value from your customer care representative.
DATA_GATEWAY_PORT
This is the port for the ALTR services data gateway. You can get this value from your customer care representative.
DATA_GATEWAY_TRANSPORT_PROTOCOL(Type: String(SOCKET_IO))
This value should be set to SOCKET_IO
MACHINE_ID(Type: String)
Contact ALTR Customer care to retrieve this parameter value.
SELF_HOST_NAME(Type:String, Default: localhost)
The external name the TDS-Gateway would resolve to.
SQL_SERVER_HOSTNAME(Type: String)
The hostname of your SQL Server Database.
SQL_SERVER_PORT(Type: Number(Min: 0, Max: 65536), Default: 1433)
The port of your SQL Server Database.
LOG_LEVEL(Type: Number(Min: 2, Max: 9, Inclusive), Default: 6)
The log severity level to print to console. The higher the number the more visibility into the application. We recommend using the default value of 6.
