3 Installing Oracle Audit Vault and Database Firewall Software

This chapter explains how to install Oracle Audit Vault and Database Firewall (Oracle AVDF). You can deploy the Audit Vault Agent once you have installed the Audit Vault Server.

Topics

See Also:

3.1 About the Software Installation Procedure

The Oracle Audit Vault and Database Firewall software is installed using four discs, each created from .iso file downloads:

  • Three Audit Vault installer discs (created from three .iso files)

  • One Database Firewall installer disc (created from one .iso file)

There is an additional Utilities file for Oracle Advanced Security Integration and Database Interrogation setup.

During the installation, you create an installation passphrase that protects the newly installed component until it is fully configured.

Note:

The installation process reimages the server on which you install the Audit Vault Server or Database Firewall, automatically installing the operating system.

3.2 Downloading and Verifying the Software

For a fresh installation, you can download the Oracle Audit Vault and Database Firewall software from the Software Delivery Cloud. You cannot use this package to upgrade. To perform an upgrade from an existing deployment, you can download the upgrade software from the My Oracle Support website.

To download the software:

  1. Use a web browser to access the Oracle Software Delivery Cloud portal:
    https://edelivery.oracle.com

    Note:

    Ensure that the browser version you are using supports TLS 1.2 protocol. See Supported Browsers for complete information.

  2. Click Sign In, and if prompted, enter your User ID and Password.
  3. In the All Categories menu, select Release. In the next field, enter Oracle Audit Vault and Database Firewall and then click Search.
  4. From the list that is displayed, select the Oracle Audit Vault and Database Firewall version you want to install. Alternately, click the +Add to Cart button against the specific release.

    The download is added to your cart. To check the cart contents, click View Cart in the upper right of the screen.

  5. Click Checkout.
  6. In the next page, verify the details of the installation package, and then click Continue.
  7. Read the Oracle Standard Terms and Restrictions displayed on the page. Select I accept the terms in the license agreement, and click Continue.

    The download page appears and displays the list of ISO files for Oracle Audit Vault and Database Firewall. The following is an example:

    • Vpart_number.iso Oracle Audit Vault and Database Firewall 19.1.0.0.0 (AVDF 19.1) - Server - Disc 1, 4.89 GB

    • Vpart_number.iso Oracle Audit Vault and Database Firewall 19.1.0.0.0 (AVDF 19.1) - Server - Disc 2, 4.23 GB

    • Vpart_number.iso Oracle Audit Vault and Database Firewall 19.1.0.0.0 (AVDF 19.1) - Server - Disc 3, 3.18 GB

    • Vpart_number.iso Oracle Audit Vault and Database Firewall 19.1.0.0.0 (AVDF 19.1) - Firewall, 4.51 GB

    • Vpart_number.iso Oracle Audit Vault and Database Firewall 19.1.0.0.0 (AVDF 19.1) - Utilities, 9.2 KB

  8. To the right of the Print button, click View Digest Details.

    The listing for the ISO files expands to display the SHA-1 and SHA-256 checksum reference numbers for each ISO file.

  9. Copy the SHA-256 checksum reference numbers and store them for later reference.
  10. Click Download. The Download Manager Installation screen is displayed.
  11. Click Download the installer, and then click Save File.
  12. Choose a location to save the ISO files. Click Save.

    Alternately, you can save each file individually by clicking its name and then specifying a location for the download.

  13. The combined size of all ISO files exceeds 4 GB, and takes time to download, depending on the network speed. The estimated download time and speed are displayed in the File Download dialog box.
  14. After the ISO files are downloaded to the specified location, verify the SHA-256 checksums of the downloaded files:
    1. From a Linux or Unix machine, generate a SHA256 checksum for the first Vpart_number.iso:
      $ sha256sum Vpart_number.iso
      

      Ensure that the checksum matches the value that you copied from the File Download dialog box in the earlier step.

    2. Generate a SHA-256 checksum for the second Vpart_number.iso:
      $ sha256sum Vpart_number.iso
      

      Ensure that the checksum matches the value that you copied from the File Download dialog box in the earlier step.

  15. Optionally, copy all the Vpart_number.iso files to another media and label them for easy reference.
  16. You can now install the software on a server machine.

3.3 Installation Passphrase Requirements

One step in the installation of an Audit Vault Server or Database Firewall is to create an installation passphrase. The installation passphrase protects the newly installed component from outside attack until you have done the post-install configuration tasks. To do the tasks, you must enter the installation passphrase that you created during the installation.

After doing the tasks, you no longer need the installation passphrase, and it no longer works.

The installation passphrase must have between 8 to 255 characters in these categories:

  • Uppercase letters (A-Z) - must have at least one

  • Lowercase letters (a-z) - must have at least one

  • Digits (0-9) - must have at least one

  • Space

  • At least one of the following:

    • Comma (,)

    • Period (.)

    • Colon (:)

    • Plus sign (+)

    • Underscore (_)

If you have created an installation passphrase for a component but not yet completed the post-install configuration tasks, then you can change the passphrase. To do so, select Change Installation Passphrase in the Audit Vault Server menu or Database Firewall menu, shown in the later steps of installation.

3.4 Installing an Audit Vault Server or Database Firewall

To install an Audit Vault Server or Database Firewall:

  1. Insert either installer disk 1 for the Audit Vault Server or the single installer disk for the Database Firewall in the disk drive, and then reboot the system.

    The system is booted from the disk, and the initial splash screen appears, similar to the following:

    Your splash screen will indicate the release number you are installing.

  2. Select install, and then press the Enter key.

    The installation proceeds.

  3. (Audit Vault Server Only) Insert disk 2 when prompted, select OK, and then press Enter.

    After a time, the installer asks you to insert disk 3.

  4. Insert disk 3 when prompted, select OK, and then press Enter.

    After a time, the installer asks you to insert disk 1 again.

  5. (Audit Vault Server Only) Insert disk 1 again when prompted, select OK, and then press Enter.
  6. Type the installation passphrase, press Enter, and then confirm the passphrase.

    The screen displays this message:

    Installation passphrase was successfully configured

  7. Press Enter.

    The Select Management Interface screen appears for Database Firewall, or for the Audit Vault Server, the Select Network Interface screen appears.

    For example, for the Select Network Interface screen:

  8. If more than one interface is available, select the interface that you want to be the management interface.

    This interface is the network interface used by the Audit Vault Server or the Database Firewall.

  9. Press the key Enter.

    For a Database Firewall, a screen appears with this option selected:

    Use Use this device as the management port

    For the Audit Vault Server, a screen appears with this option selected:

    Use Use this device as the network interface

  10. Press Enter.

    For the Database Firewall, the Please enter management interface IP setting screen appears. For the Audit Vault Server, the Please enter network interface IP setting screen appears. Both screens contain the following fields:

    • IP Address

    • Network Mask

    • Gateway

  11. In the field IP Address, enter the IP address of the network interface and then press Tab.

    The cursor moves to the field Network Mask.

  12. In the field Network Mask, enter the network mask for the management interface and then press Tab.

    The cursor moves to the field Gateway.

  13. In the field Gateway, enter the gateway IP address for the management interface and then press Tab.

    The cursor moves to Reboot to complete installation.

  14. Press Enter.

    The computer restarts. This may take a long time. When the restart has finished, the system displays the menu settings.

  15. Press Enter.

    The network settings appear.

    At this point, the installation of either the Audit Vault Server or the Database Firewall is complete. You will set user passwords as part of the next step.

  16. Perform the appropriate post-install configuration tasks.

    For these tasks, you need the passphrase that you created in step 6 and the IP address that you provided in step 11.

Note:

The Audit Vault Server and the Database Firewall server are software appliances. You must not make any changes to the Linux operating system through the command line on these servers unless following official Oracle documentation or under guidance from Oracle Support.