IBM Support

Guardium S-GATE terminating every other query in Microsoft SQL Server Management Studio

Troubleshooting


Problem

The Guardium S-GATE firewall is in open mode and the policy has an S-GATE ATTACH rule followed by an S-GATE TERMINATE rule (or an S-TAP TERMINATE rule). When a query that should be terminated is run in Microsoft SQL Server Management Studio (SSMS), the command is terminated the first time. When the same query is run again, the command completes without being terminated. If the query is executed multiple times, only every other command is terminated.

Cause

After a session is terminated, the SSMS GUI automatically creates a new session when the next SQL statement is executed.

The new session is started and the SQL statement is run immediately afterwards, so the session can be attached but not terminated in that time. After the new session is attached, the next SQL statement causes it to be terminated.

The result is that the session is terminated for every other SQL statement executed.

The cause of this behavior is a combination of the expected behavior of S-GATE in open mode and the reconnecting behavior of SSMS.

Environment

MSSQL Server using SSMS client

Diagnosing The Problem

The problem can be reproduced in a configuration like this example:
1. Set guard_tap.ini with firewall_installed=1, firewall_default_state=0
2. Set a policy with Rule 1: S-GATE ATTACH on the user, and Rule 2: S-GATE TERMINATE on the object
3. Log in to the SSMS GUI as that user
4. Run a query against the object -> A message appears saying the connection is terminated
5. Run the same query again -> It works
6. Run the same query again -> A message appears saying the connection is terminated
7. Repeat steps 5 and 6 indefinitely.

Resolving The Problem

This behavior is expected for S-GATE in open mode. The only way to guarantee that the session is always terminated in a case like this is to use S-GATE in closed mode with the S-GATE TERMINATE action.

Note the tradeoffs between S-GATE in open and closed mode. Using S-GATE in closed mode is expected to cause latency on the database server.
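The following is an added example, not IBM or Guardium code: a simplified Python model of the sequence described above, showing why open mode with ATTACH followed by TERMINATE blocks only every other run while closed mode blocks every run. The names `Session`, `run_statement` and `ssms_outcomes` are hypothetical, and the model assumes that the SSMS login traffic of the monitored user is what triggers the ATTACH rule before the first query.

```python
from dataclasses import dataclass


@dataclass
class Session:
    attached: bool  # True once S-GATE holds this session's traffic for a verdict


def new_session(closed_mode: bool) -> Session:
    # Model assumption: in closed mode a session is attached from the start;
    # in open mode it stays unattached until an ATTACH rule has fired.
    return Session(attached=closed_mode)


def run_statement(session: Session, matches_attach: bool, matches_terminate: bool) -> str:
    """Return 'terminated' or 'completed' for one statement on this session."""
    if session.attached and matches_terminate:
        return "terminated"
    # Unattached traffic is not held back: the statement reaches the database,
    # and the ATTACH verdict only takes effect for later statements.
    if matches_attach:
        session.attached = True
    return "completed"


def ssms_outcomes(closed_mode: bool, runs: int) -> list:
    """Repeat the same protected query `runs` times from one SSMS query window."""
    session = new_session(closed_mode)
    # Assumption: login traffic from the monitored user triggers Rule 1 (ATTACH).
    run_statement(session, matches_attach=True, matches_terminate=False)
    outcomes = []
    for _ in range(runs):
        if session is None:
            # SSMS reconnects automatically and sends the query straight away.
            session = new_session(closed_mode)
        result = run_statement(session, matches_attach=True, matches_terminate=True)
        outcomes.append(result)
        if result == "terminated":
            session = None  # the terminated connection is gone
    return outcomes


if __name__ == "__main__":
    print("open mode:  ", ssms_outcomes(closed_mode=False, runs=6))
    print("closed mode:", ssms_outcomes(closed_mode=True, runs=6))
```

In this model every "completed" entry in open mode is a statement that reached the protected object, which is the exposure to weigh against the latency cost of closed mode.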


Document Information

Modified date:
16 June 2018

UID

swg21990010