This chapter gives an overview of Oracle Audit Vault and Database Firewall (Oracle AVDF) and its installation.
See Also:
Oracle Audit Vault and Database Firewall Administrator's Guide for general information about secure installation, data protection, and general recommendations for deploying Oracle AVDF in a network and in special configurationsYou can download the latest version of this manual from the following website:
http://www.oracle.com/pls/topic/lookup?ctx=avdf121
You can find documentation for other Oracle products at the following website:
Audit Collection: Supported Secured Target Types and Versions
Database Firewall Protection: Supported Secured Target Types and Versions
Oracle AVDF is delivered as software appliance images ready to be deployed on their own hardware, either directly or as virtual appliances. Oracle AVDF can be installed and run on the following platforms:
(Recommended) Any Intel x86 64-bit hardware platform supported by Oracle Linux Release 5 Update 10.
For a complete list of certified hardware that supports Oracle Linux, go to https://linux.oracle.com/hardware.html.
Oracle VM Server for x86, version 3.x
Table 1-1 lists supported secured target types and versions for audit data collection for the current release of Oracle Audit Vault and Database Firewall.
Table 1-1 Audit Collection: Supported Secured Target Types and Versions
|
Category |
Releases/Versions |
|
DATABASE |
|
|
Oracle Database (includes Oracle Exadata and Oracle Real Application Clusters) |
10g, 11g, 12c |
|
IBM DB2 for LUW (Linux, UNIX, Windows) |
9.x-10.5 |
|
Microsoft SQL Server |
2000, 2005, 2008, 2008 R2, 2012 |
|
SAP Sybase ASE |
12.5.4 - 15.7 |
|
MySQL |
5.5.29 - 5.6.12 |
|
OPERATING SYSTEM |
|
|
Oracle Solaris (SPARC64) |
10, 11 |
|
Oracle Solaris (x86-64) |
10, 11 |
|
Oracle Linux |
OL5.8 (requires |
|
OL6.0 (requires |
|
|
OL 6.1-6.4 (requires |
|
|
Microsoft Windows Server (x86-64) |
2008, 2008 R2 |
|
DIRECTORY SERVICE |
|
|
Microsoft Active Directory |
2008, 2008 R2 |
|
FILE SYSTEM |
|
|
Oracle ACFS |
12c |
|
HADOOP SYSTEM |
|
|
Oracle Big Data Appliance* |
2.3 |
* This plug-in is not shipped out of the box. Refer to Oracle Big Data Appliance Owner's Guide for more information.
Table 1-2 lists supported secured target types and versions for Database Firewall protection for the current release.
Table 1-2 Database Firewall Protection: Supported Secured Target Types and Versions
|
Database Product |
Releases/Versions |
|
Oracle Database (includes Oracle Exadata and Oracle Real Application Clusters) |
9i, 10g, 11g, 12c |
|
MySQL |
5.0, 5.1, 5.5, 5.6 |
|
IBM DB2 for LUW (Linux, UNIX, Windows) |
9.x |
|
Microsoft SQL Server |
2000, 2005, 2008, 2008 R2, 2012 |
|
SAP Sybase ASE |
12.5.4 - 15.7 |
|
SAP Sybase SQL Anywhere |
10.0.1 |
Table 1-3 lists supported platforms and versions for the Audit Vault Agent for the current release.
Table 1-3 Audit Vault Agent: Supported Platforms and Versions
|
Operating System |
Releases/Versions |
|
Linux (x86-64, x86-32) |
Oracle Linux 5, 6; RHEL5,6; SLES11; Asianux 3 |
|
Microsoft Windows (x64-64, x86-32) |
7, 8.x |
|
Microsoft Windows Server (x86-64, x86-32) |
2003, 2003 R2, 2008, 2008 R2 |
|
Oracle Solaris (SPARC64, x86-64) |
10, 11 |
|
IBM AIX on POWER Systems (64-bit) |
6.1, 7.1 |
|
HP-UX (Itanium) |
11.31 and later |
Table 1-4 lists supported platforms and versions for the host monitor for the current release.
Oracle Audit Vault and Database Firewall (AVDF) secures databases and other critical components of IT infrastructure (such as operating systems) in these key ways:
Provides a database firewall that can monitor activity and/or block SQL statements on the network based on a firewall policy
Collects audit data, and makes it available in audit reports
Provides dozens of built-in, customizable activity and compliance reports, and lets you proactively configure alerts and notifications
See Also:
Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information about Oracle AVDF administrative features
Oracle Audit Vault and Database Firewall Auditor's Guide for detailed information about Oracle AVDF auditing features
This section briefly describes the Oracle AVDF components that you will install.
See Also:
Oracle Audit Vault and Database Firewall Administrator's Guide for more information about Oracle AVDF components, including a diagram of how they work togetherAn Audit Vault Server is a dedicated server that has:
Tools to configure Oracle AVDF to collect audit data from secured targets, and/or apply firewall policies to secured targets.
For more information about the secured targets, see Oracle Audit Vault and Database Firewall Administrator's Guide.
An Oracle database, which provides a data repository for audit and firewall events.
For more information about the Audit Vault Server, see Oracle Audit Vault and Database Firewall Administrator's Guide.
A Database Firewall is a dedicated server that collects SQL data from network traffic going to and from a database and sends the data to the Audit Vault Server. Oracle AVDF can support one or more Database Firewalls, depending on your network scenario. For more information about Database Firewalls, see Oracle Audit Vault and Database Firewall Administrator's Guide.
An Audit Vault Agent retrieves audit trail data from a secured target database or nondatabase (such as an operating system) and sends it to the Audit Vault Server. Each secured target is associated with an Audit Vault Agent, which retrieves data from one or more of its audit trails. For information about the Audit Vault Agent and deploying it on secured target computers, see Oracle Audit Vault and Database Firewall Administrator's Guide.
Oracle AVDF has the following users for the Audit Vault Server:
Administrator: The administrator user can access the Audit Vault Server administration functions. A super administrator can create other super administrator or administrator users. Administrators perform all system configuration tasks including setting up connections to secured targets, audit trails, system and network services, maintenance, backup, high availablity, and third-party integrations. See Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information.
Auditor: The auditor user can access the Audit Vault Server auditing functions. A super auditor can create other super auditor or auditor users. Auditors perform Oracle AVDF auditing functions such as setting up audit and firewall policies, generating reports, retrieving entitlement information, setting up alerts, and creating customer reports. See Oracle Audit Vault and Database Firewall Auditor's Guide for detailed information.
support: This the Linux operating system user who does Audit Vault Server updates, and diagnostic or remedial tasks. Only use this account as documented, or as instructed by Oracle Support.
root: This is the Linux operating system user with the highest system privileges, and can do the same tasks as the support user, as well as additional tasks as required by Oracle AVDF. Only use this account as documented, or as instructed by Oracle Support.
Oracle AVDF has the following users for the Database Firewall:
Administration User: This user can access the Database Firewall administration interface. The administration user can perform all configuration tasks on the Database Firewall, including setting up system networking and services, traffic sources, proxy configuration, view diagnostic information, configuring high availablity, etc. See Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information.
support: This the Linux operating system user who does Database Firewall updates, and diagnostic or remedial tasks. Only use this account as documented, or as instructed by Oracle Support.
root: This is the Linux operating system user with the highest system privileges, and can do the same tasks as the support user, as well as additional tasks as required by Oracle AVDF. Only use this account as documented, or as instructed by Oracle Support.
Briefly, the Oracle AVDF installation steps are:
Understand the Oracle AVDF components to be installed.
For information about the components, see "Summary of Oracle AVDF Components and Users".
Plan the system configuration that best suits your needs.
For details, see Oracle Audit Vault and Database Firewall Administrator's Guide.
Ensure that your system meets the pre-install requirements.
For details, see Chapter 2, "Oracle Audit Vault and Database Firewall Pre-Install Requirements."
Install the Oracle AVDF software.
For details, see Chapter 3, "Installing Oracle Audit Vault and Database Firewall Software."
Do the post-install configuration tasks.
For details, see Chapter 4, "Post-Install Configuration Tasks."
Periodically, you might need to update the Oracle AVDF software. For instructions, see "Upgrading or Removing Oracle Audit Vault and Database Firewall"
If you must remove Oracle AVDF software from your system, see the instructions in "Removing the Oracle AVDF Software".
Secured targets are the systems (such as a database or operating system) that you will monitor using Oracle AVDF. Each type of supported secured target has a corresponding plug-in in Oracle AVDF. See Oracle Audit Vault and Database Firewall Administrator's Guide for detailed information on plug-ins shipped out-of-the-box.
See these topics for secured targets supported for auditing and firewall functions:
"Audit Collection: Supported Secured Target Types and Versions"
"Database Firewall Protection: Supported Secured Target Types and Versions"
In addition, you can find supported platforms for prior releases in Article 1536380.1 at the following website: