Oracle® Audit Vault Collection Agent Installation Guide Release 10.2.3 Part Number E11057-02 |
|
|
View PDF |
Oracle Audit Vault is a powerful enterprisewide audit solution that efficiently consolidates, detects, monitors, alerts, and reports on audit data for security auditing and compliance. Oracle Audit Vault provides the ability to consolidate audit data and critical events into a centralized and secure audit warehouse.
This chapter provides an overview of the Oracle Audit Vault Agent installation process. This chapter includes the following sections:
You can choose different installation methods to install Oracle Audit Vault, as follows:
When you use the interactive method to install Oracle Audit Vault Agent, Oracle Universal Installer displays a series of screens that enable you to specify all of the required information to install the Oracle Audit Vault Agent software.
Oracle Audit Vault provides a response file template for Audit Vault Agent (avagent.rsp
) and one for an upgrade installation (upgrade_avagent.rsp
). These response template files can be found in the AV installer location
/response
directory on the Audit Vault Agent installation media.
When you start Oracle Universal Installer and specify a response file, you can automate all of the Oracle Audit Vault Agent installation. These automated installation methods are useful if you need to perform multiple installations on similarly configured systems or if the system where you want to install the software does not have X Window system software installed.
Oracle Universal Installer runs in silent mode if you use a response file that specifies all required information. None of the Oracle Universal Installer screens are displayed and all interaction (standard output and error messages) and installation logs appear on the command line.
See Also:
Section 3.3 for information about performing an Audit Vault silent installation and Section 4.4 for information about performing an Audit Vault silent upgrade installation. "Installing Oracle Products" in Oracle Universal Installer and OPatch User's Guide for more information about installing using response filesAn Audit Vault Collection Agent provides run-time support for audit data collection by Audit Vault collectors. It also contains the audit data collectors for Oracle Database and SQL Server database sources. The DBAUD, OSAUD, and REDO collectors are provided for Oracle Database sources, and the MSSQLDB collector is provided for SQL Server database sources. See Oracle Audit Vault Architecture in Oracle Audit Vault Administrator's Guide for more information.
The Audit Vault Agent includes Oracle Container for J2EE (OC4J) and Oracle Database Client components, and is deployed within its own directory. The agent can be installed on the same system as the Audit Vault Server, or on the same system that hosts the source of audit logs, or on a third, independent system. Where you deploy the agent will depend on the hardware resources available and on the requirements from the specific audit data collectors that must run within the agent. As a best practice, the Oracle Audit Vault Agent should be installed on each host system to be audited. The DBAUD and REDO collectors do not place any restrictions on the deployment of the agent; they can be deployed anywhere depending on your requirements. However, the OSAUD and MSSQLDB collectors need local access to the disk that store the audit trail files written by the source database. Therefore, it must be deployed on a host system that mounts these disks locally, not across the network.
The agent communicates with the Audit Vault Server to receive some configuration information and to send audit data for storage. This communication channel is based on the Oracle Call Interface (OCI). Immediately following installation, password-based authentication is used to secure this channel. Administrators can further secure this channel after installation by using the TCPS protocol to encrypt data.
The agent also communicates with the Audit Vault Console to exchange management information, such as starting and stopping collectors, and collecting performance metrics. This communication channel is HTTP-based. If X.509 certificates are provided, this channel can be further secured to use HTTPS encryption and mutual authentication with the Audit Vault Console.
This section contains information that you should consider before deciding how to install this product. It includes the following topics:
The platform-specific hardware and software requirements included in this installation guide were current at the time this guide was published. However, because new platforms and operating system versions might be certified after this guide is published, review the certification matrix on the OracleMetaLink Web site for the most up-to-date list of certified hardware platforms and operating system versions. The OracleMetaLink Web site is available at
https://metalink.oracle.com
If you do not have a current Oracle Support Services contract, then you can access the same information at
http://www.oracle.com/technology/support/metalink/content.html