4 Post-Install Configuration Tasks

Learn about the post-installation tasks for Oracle Audit Vault and Database Firewall (Oracle AVDF).

Some of these tasks are mandatory.

4.1 Audit Vault Server Post-Installation Tasks

After installing the Audit Vault Server, there are post-installation tasks that you must do.

You must set the usernames and passwords of its administrator and auditor, and the passwords of its root and support user. You can also set the time and domain name service (DNS) servers of the Audit Vault Server.

Note:

The Audit Vault Server reads the audit log from the target that contains the timestamp of the event. Without this synchronization, events may appear to be archived to the Audit Vault Server before they occur and alerts may appear to be sent before their triggering events occur.

4.1.1 Accessing the Audit Vault Server Post-Install Configuration Page

Access the Audit Vault Server post-installation configuration page.

  1. Using a browser, go to the Audit Vault Server console. Ensure that the browser version you are using supports TLS 1.2 protocol. See Supported Browsers for complete information.
    https://ip_address
    

    For ip_address, use the IP address of the Audit Vault Server. See Installing an Audit Vault Server or Database Firewall.

    If you see a message saying that there is a problem with the Web site security certificate, this is due to a self-signed certificate. Click the Continue to this website (or similar) link. (You can generate a certificate request later to avoid this message. See Oracle Audit Vault and Database Firewall Administrator's Guide.)

    You are prompted to enter the installation passphrase you created during the installation procedure.

  2. Type the installation passphrase that you created in Installing an Audit Vault Server or Database Firewall and click Login.

From this page, you must set the usernames and passwords (required), set up the time, and DNS servers.

4.1.2 Setting the Usernames and Passwords of Audit Vault Server Users (Required)

Set up usernames and passwords for the Oracle Audit Vault and Database Firewall (Oracle AVDF).

In the post-install configuration page, you set up usernames and passwords for the Oracle Audit Vault and Database Firewall administrator, auditor, support, and root users.

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user.

Note:

Do not use the root or support users unless instructed to do so in documentation or by a customer support representative.

4.1.2.1 About Administrator and Auditor User Names

Oracle recommends that you create administrator and auditor user accounts after you install Oracle Audit Vault and Database Firewall (Oracle AVDF).

The administrator and auditor user names must be simple SQL names of 1 to 30 characters, and must follow these rules:

  • The first character is alphabetical.

  • Each remaining character is either alphanumeric or an underscore (_), dollar sign ($), or number sign (#).

Note:

The administrator and auditor user names are upshifted (that is, any lowercase alphabetic characters are replaced by their uppercase equivalents). Also, the Audit Vault Server does not support quoted user names.

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user account.

4.1.2.2 Password Requirements

Set password management guidelines for the Audit Vault and Database Firewall (Oracle AVDF) user accounts.

For example, you may require that users change their passwords on a regular basis, such as every 120 days, and that they create passwords that are not easily guessed.

The following sections describe the minimum password requirements for Oracle Audit Vault and Database Firewall.

Requirements for Passwords Containing Unicode Characters

If your password contains unicode characters (such as non-English characters with accent marks), the password requirement is that it:

  • Be between 8 and 30 characters long.

Requirements for English-Only (ASCII) Passwords

If you are using English-only, ASCII printable characters, Oracle Audit Vault and Database Firewall requires that passwords:

  • Be between 8 and 30 characters long.

  • Contain at least one of each of the following:

    • Lowercase letters: a-z.

    • Uppercase letters: A-Z.

    • Digits: 0-9.

    • Punctuation marks: comma (,), period (.), plus sign (+), colon(:), exclamation mark (!), and underscore (_)

  • Not contain double quotes ("), back space, or control characters.

In addition, Oracle recommends that passwords:

  • Not be the same as the user name.

  • Not be an Oracle reserved word.

  • Not be an obvious word (such as welcome, account, database, and user).

  • Not contain any repeating characters.

See Also:

Oracle Database Security Guide for additional guidelines on how you can strengthen passwords for your site.

4.1.2.3 Setting the Passwords For Audit Vault Server Users

Steps for setting the passwords for the Audit Vault Server users.

To set the passwords of the Audit Vault Server administrator, auditor, root, and support user:

  1. Access the Audit Vault Server Post-Install Configuration page.
  2. Under User Setup:
    • In the Super Administrator field, enter the administrative user name (recommended).

    • Under the Super Administrator field, enter the administrator Super Administrator Password, then confirm it in the Re-enter Password field.

    • Click Validate username.

      The administrator username that you entered is validated. If this name is valid, then you can use it; if not, then you must enter a valid name.

    • In the Super Auditor field, enter the super auditor user name (recommended).

    • Under the Super Auditor, field, enter the auditor Super Auditor Password, then confirm it in the Re-enter Password field.

    • Click Validate username.

      The auditor username that you entered is validated. If this name is valid, then you can use it; if not, then you must enter a valid name.

  3. (New Full Installations Only) Under Repository Encryption, enter the Keystore Password, and then re-enter it.

    On new, full installations of Oracle Audit Vault and Database Firewall 12.2, audit event data in the Audit Vault Server's repository is automatically encrypted using Oracle Database Transparent Data Encryption (TDE). The repository encryption keystore password is required to reset the TDE master key.

  4. Under Root Password, in the fields labeled Root Password and Re-enter New Password, type the password for root.
  5. Under Support User Password, in the fields labeled Support Password and Re-enter New Password, type the password for the support user.

4.1.3 Setting the Audit Vault Server Time (Strongly Recommended)

Steps to set the Audit Vault Server time.

To set the Audit Vault Server time:

  1. Access the Audit Vault Server Post-Install Configuration page.

  2. Expand the Time Setup section.

  3. Select either Set Manually or Use NTP.

    Note:

    Oracle strongly recommends that you select Use NTP. In addition, it is recommended that you also use an NTP service on your secured targets to avoid confusion on timestamps on the alerts raised by the Audit Vault Server.

  4. If in step 3 you selected Use NTP, then for each of the fields Server 1 Address, Server 2 Address, and Server 3 Address:

    1. Type either the IP address or name of a preferred time server.

      If you type a name, the DNS server specified in the System Services page is used for name resolution.

    2. Click Test Server.

      The time from the specified server appears.

  5. If in step 3 you selected Set Manually, then set the Date fields to your current local day and time.

  6. Either click Save or proceed to set the DNS servers for the Audit Vault Server.

4.1.4 Setting the Audit Vault Server DNS Servers (Recommended)

Steps to set the DNS servers for the Audit Vault Server.

The Audit Vault Server DNS servers are used to resolve any host names that Audit Vault Server might use.

Note:

Set Audit Vault Server DNS server values only if the network has DNS servers, otherwise system performance will be impaired.

To set the DNS servers for the Audit Vault Server:

  1. Access the Audit Vault Server Post-Install Configuration page.
  2. Expand the DNS Setup section.
  3. Enter the IP address(es) of up to three DNS servers on the network in the Server 1, Server 2, and Server 3 fields.

    Leave the fields blank if there are no DNS servers.

  4. Click Save (in the upper right corner of the page).

4.2 Database Firewall Post-Installation Tasks

Learn about Database Firewall post-installation tasks.

After you install the Database Firewall, you may set the passwords for support user. This is the Linux operating system user account on the Audit Vault Server.

4.2.1 Accessing the Database Firewall Post-Install Configuration Page

Steps on how to access the Database Firewall Post-Install Configuration page.

To access the Database Firewall Post-Install Configuration page:

  1. Using a browser, go to the Database Firewall console. Ensure that the browser version you are using supports TLS 1.2 protocol. See Supported Browsers for complete information.
    https://ip_address
    

    For ip_address, use the IP address of the Database Firewall. See section Installing an Audit Vault Server or Database Firewall.

  2. You are prompted to enter the installation passphrase. Type the installation passphrase that you created in "Installing an Audit Vault Server or Database Firewall", step 6) and click Login.

From this page, you can set the passwords of the Database Firewall users.

4.2.2 Setting the Passwords of Database Firewall Users (Required)

Learn about and set the Database Firewall users passwords.

4.2.2.1 About Database Firewall User Passwords

Learn about Oracle's recommendations for Database Firewall user passwords.

Passwords need not be unique; however, Oracle recommends that passwords:

  • Have at least one uppercase alphabetic, one alphabetic, one numeric, and one special character (plus sign, comma, period, or underscore).

  • Be between 8 and 30 characters long.

  • Be composed of the following characters:

    • Lowercase letters: a-z.

    • Uppercase letters: A-Z.

    • Digits: 0-9.

    • Punctuation marks: comma (,), period (.), plus sign (+), colon(:), and underscore (_).

  • Not be the same as the user name.

  • Not be an Oracle reserved word.

  • Not be an obvious word (such as welcome, account, database, and user).

  • Not contain any repeating characters.

4.2.2.2 Setting The Passwords For Database Firewall Users

Set the passwords of the Database Firewall administrator, root, and support user.

  1. Under the heading Administration User:

    1. In the field User Name, type the user name of the Database Firewall Administration User.

    2. In the field Password, type the password of the Database Firewall Administration User.

    3. In the field Password Confirmation, retype the password.

    4. In the field Installation Passphrase, type the installation passphrase that you created in "Installing an Audit Vault Server or Database Firewall", step 6.

  2. Under the heading Operating System Password for root, in the fields Password and Password Confirmation, type the password for root.

  3. Under the heading Operating System Password for support, in the fields Password and Password Confirmation, type the password for support user.

  4. Click Save.

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user account.

4.3 Networking Setup And Configuration

Oracle Audit Vault and Database Firewall (Oracle AVDF) can be setup or configured for access through DNS.

In this case the host name must match the FQDN used for access. This regenerates the appliance certificate to match the new host name.