Network Security Groups for Teradata Database
When configuring a network security group, set up the port ranges listed below for each Teradata Database VM so the Teradata Database can be locked down to the local host. In particular, note the following:
- If you deploy a Teradata ecosystem or deploy Teradata Database using a solution template, incoming port 1025 is closed by default.
- Port 1025 is blocked in Teradata Database MPP VMs until the dbc password is changed.
When deploying a Teradata ecosystem from a solution template, Teradata uses a different set of security rules for the following software in the Teradata ecosystem and defines the network security group on the NICs of each of these VMs:
- Teradata Data Mover
- Teradata Data Stream Controller
- Teradata Ecosystem Manager
- Teradata REST Services
- Teradata Server Management
- Teradata Viewpoint
When deploying Teradata software separately from an image, you create a new or select an existing public IP address as well as a network security group when you configure the software. For more information, see Deploying Teradata Products Separately on Azure.