Oracle® Audit Vault and Database Firewall Installation Guide
Release 12.1.1

E27778-08

1 Overview of Oracle Audit Vault and Database Firewall Installation

This chapter gives an overview of Oracle Audit Vault and Database Firewall (Oracle AVDF) and its installation.

See Also:

Oracle Audit Vault and Database Firewall Administrator's Guide for general information about secure installation, data protection, and general recommendations for deploying Oracle AVDF in a network and in special configurations

About Oracle AVDF

Oracle AVDF Features

Oracle Audit Vault and Database Firewall (AVDF) secures databases and other critical components of IT infrastructure (such as operating systems) in these key ways:

  • Provides a database firewall that can monitor activity and/or block SQL statements on the network based on a firewall policy

  • Collects audit data, and makes it available in audit reports

  • Provides dozens of built-in, customizable activity and compliance reports, and lets you proactively configure alerts and notifications

See this link for the Oracle AVDF data sheet and FAQ: http://www.oracle.com/technetwork/products/audit-vault-and-database-firewall/overview/overview-1877404.html

Summary of Oracle AVDF Components and Users

This section briefly describes the Oracle AVDF components that you will install.

See Also:

Oracle Audit Vault and Database Firewall Administrator's Guide for more information about Oracle AVDF components, including a diagram of how they work together

Audit Vault Server

An Audit Vault Server is a dedicated server that has:

  • Tools to configure Oracle AVDF to collect audit data from secured targets, and/or apply firewall policies to secured targets.

    A secured target is a supported database or nondatabase product that you secure using an Audit Vault Agent, a Database Firewall, or both. For more information about the secured targets, see Oracle Audit Vault and Database Firewall Administrator's Guide.

  • An Oracle database, which provides a data repository for audit and firewall events.

For more information about the Audit Vault Server, see Oracle Audit Vault and Database Firewall Administrator's Guide.

Database Firewalls

A Database Firewall is a dedicated server that collects SQL data from network traffic going to and from a database and sends the data to the Audit Vault Server. Oracle AVDF can support one or more Database Firewalls, depending on your network scenario. For more information about Database Firewalls, see Oracle Audit Vault and Database Firewall Administrator's Guide.

Audit Vault Agents

An Audit Vault Agent retrieves audit trail data from a secured target database or nondatabase (such as an operating system) and sends it to the Audit Vault Server. Each secured target has its own dedicated Audit Vault Agent, which retrieves data from one or more of its audit trails. For information about the Audit Vault Agent and deploying it on secured target computers, see Oracle Audit Vault and Database Firewall Administrator's Guide.

Oracle AVDF Users

Oracle AVDF has the following users for the Audit Vault Server:

  • Administrator: This is the super administrator who can access the Audit Vault Server administration functions, and create other administrator users. Administrators perform all system configuration tasks including setting up connections to secured targets, audit trails, system and network services, maintenance, backup, high availability, third-party integrations, etc. See Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information.

  • Auditor: This is the super auditor who can access the Audit Vault Server auditing functions, and create other auditor users. Auditors perform Oracle AVDF auditing functions such as setting up audit and firewall policies, generating reports, retrieving entitlement information, setting up alerts, creating customer reports, etc. See Oracle Audit Vault and Database Firewall Auditor's Guide for detailed information.

  • support: This is the Linux operating system user who does Audit Vault Server updates, and diagnostic or remedial tasks. Only use this account as documented, or as instructed by Oracle Support.

  • root: This is the Linux operating system user with the highest system privileges, and can do the same tasks as the support user. Only use this account as documented, or as instructed by Oracle Support.

Oracle AVDF has the following users for the Database Firewall:

  • Administration User: This user can access the Database Firewall administration interface. The administration user can perform all configuration tasks on the Database Firewall, including setting up system networking and services, traffic sources, proxy configuration, viewing diagnostic information, configuring high availability, etc. See Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information.

  • support: This is the Linux operating system user who does Database Firewall updates, and diagnostic or remedial tasks. Only use this account as documented, or as instructed by Oracle Support.

  • root: This is the Linux operating system user with the highest system privileges, and can do the same tasks as the support user. Only use this account as documented, or as instructed by Oracle Support.

About Oracle AVDF Installation

Briefly, the Oracle AVDF installation steps are:

  1. Understand the Oracle AVDF components to be installed.

    For information about the components, see "Summary of Oracle AVDF Components and Users".

  2. Plan the system configuration that best suits your needs.

    For details, see Oracle Audit Vault and Database Firewall Administrator's Guide.

  3. Ensure that your system meets the pre-install requirements.

    For details, see Chapter 2, "Oracle Audit Vault and Database Firewall Pre-Install Requirements."

  4. Install the Oracle AVDF software.

    For details, see Chapter 3, "Installing Oracle Audit Vault and Database Firewall Software."

  5. Do the post-install configuration tasks.

    For details, see Chapter 4, "Post-Install Configuration Tasks."

Periodically, you might need to update the Oracle AVDF software. For instructions, see "Updating or Removing the Audit Vault and Database Firewall Software".

If you must remove Oracle AVDF software from your system, see the instructions in "Removing the Oracle AVDF Software".

Supported Secured Targets Latest Platform Matrix

Secured targets are the systems (such as a database or operating system) that you will monitor using Oracle AVDF. See Oracle Audit Vault and Database Firewall Administrator's Guide for supported secured targets.

In addition, you can find the latest supported platform information in Article 1536380.1 at the following website:

https://support.oracle.com

Compatible Third-Party Products

You can use Oracle AVDF with these third-party products:

  • HP ArcSight Security Information Event Management (SIEM), which logs, analyzes, and manages network user activity that is recorded in syslog messages from different sources

  • F5 BIG-IP ASM (Application Security Manager) (versions 9.5.x and 10.x), which provides protection against Web-based attacks