Oracle Audit Vault and Database Firewall (AVDF): In this article we will discuss about Oracle Audit Vault and Database Firewall 20.10 (AVDF 20.10).
AVDF audits databases and monitors network-based activities to help manage the security posture of Oracle and non-Oracle databases, hosted in the cloud or on-premises. AVDF is a scalable, flexible database activity monitoring (DAM) system that consolidates audit data from databases, operating systems, directories, file systems, and applications into a single repository for analysis, alerting, and reporting.
The main componenets of AVDF are listed below:
- Audit Vault server
- Database Firewall server
- Audit Vault agent
- Host Monitoring agent
Pre-requisites:
Below requirements are the pre-requisites for the installation of AVDF 20.10.
Hardware Requirements:
Below are the Hardware Requirements for AVDF 20.10 configuration.
Audit Vault Server Configuration:-
Server : One x-86 64 Bit (2U)
RAM : Minimum 8 GB
Disk : Minimum 220 GB
Network Port : Atleast One *
Database Firewall Server Configuration:-
Server : One x-86 64 Bit (2U)
RAM : Minimum 8 GB
Disk : Minimum 220 GB
Network Port : Atleast One *
* For redundancy requirement will be double.
Archiving Space:-
Separate storage (1 TB) (size will be dependent on Archive policy retention). It can be a NFS mount/a remote server/Windows file sharing. This can be specified when defining the archiving(retention) policy.
Software Requirements:
Below listed are the Software Requirements for AVDF 20.10 configuration.
1. Java SE Requirement - The AVCLI command line utility that the Audit Vault Server administrator uses and the avpack utility (which is part of the software development kit) require Java SE version 8 or 11.
2. Browser Requirements - Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Internet Explorer, and Microsoft Edge.
3. Installing Audit Vault Server on VMware (This is not recommended for Production setup).
Network Interface Cards Requirements:
Oracle recommended that the following number of network interface cards (NICs) are required for each x86 64-bit server on which you install the following components:
• 1 NIC for the Audit Vault Server
• At least 1 NIC for a Database Firewall operating as a proxy with no network separation
• At least 2 NICs for a Database Firewall deployed in Monitoring (Out-of-Band) or Monitoring (Host Monitor) mode
• 2 NICs for Database Firewall deployed in Monitoring / Blocking (Proxy) mode with network separation.
• At least 3 NICs for a Database Firewall deployed in Monitoring / Blocking (Proxy) mode. These 3 NICs are required for network separation, 1 NIC for management, 2 NICs for client and database network connections.
To Download the Software:
1. Use a web browser to access the Oracle Software Delivery Cloud portal: https://edelivery.oracle.com
2. Click Sign In, and if prompted, enter your User ID and Password.
3. In the All Categories menu, select Release. In the next field, enter Oracle Audit Vault and Database Firewall, and then click Search.
4. From the list that is displayed, select the Oracle Audit Vault and Database Firewall version you want to install. Or click the Select icon that appears against the specific release. The download is added to your cart. To check the cart contents, click View Items or Continue in the upper right of the screen.
5. In the next page, verify the details of the installation package, and then click Continue.
6. Read the Oracle Standard Terms and Restrictions displayed on the page. Select I reviewed and accept the Oracle License Agreement check box, and then click Continue. The download page appears and displays the list of ISO files for Oracle Audit Vault and Database Firewall.
Oracle AVDF 20.10 Installation for Linux x86-64
Audit Vault Server and Database Firewall are delivered as software appliance images, ready to be deployed on physical machines or on virtual machines (VM). For Oracle AVDF 20.4 and later, 2 different ISO files are there one is the Audit Vault Server ISO and another is Database Firewall Server ISO. Start with the installation of Audit Vault Server and later install Database Firewall.
Here we are going to install and configure AVDF 20.10 for Linux x86-64. so we will start the installation of Audit Vault Server first and later install Database Firewall Server.
After completed AV and DF both server installation we required to install 2 Agents on all target Database Servers. Two agents are there one is Audit Vault agent and another is Host Monitoring agent.
Please click on the below links to install & configure the complete AVDF 20.10 step by step:
- How to install Oracle Audit Vault Server.
- How to install Oracle Database Firewall Server.
- How to Register Database Firewall with Audit Vault Server.
- How to install Audit Vault Agent installation on Linux.
- How to install Host Monitoring Agent installation on Linux.
I hope my written content will helped you. Your suggestions/feedback are most welcome from orakldba.com. Keep learning… Have a great day!!!
Email :- orakldba@gmail.com
Please comment here for your any query related to above content. You can write to mail me through my Email.
LinkedIn :- https://linkedin.com/in/prasantakirtaniya
Twitter :- https://twitter.com/prasantadba
Facebook Page :- https://www.facebook.com/orakldba
Website :- https://orakldba.com
ACE Profile :- https://ace.oracle.com/apex/ace/profile/prasantakirtaniya