Learn about the post-installation tasks for Oracle Audit Vault and Database Firewall (Oracle AVDF).
Some of these tasks are mandatory.
After installing the Audit Vault Server, there are post-installation tasks that you must do.
You must set the usernames and passwords of its administrator and auditor, and the passwords of its root and support user. You can also set the time and domain name service (DNS) servers of the Audit Vault Server.
Apply the deprecated ciphers patch (Deprecated-Cipher-Removal.zip
) to remove old ciphers, post AVS install or upgrade. Apply this patch on Audit Vault Server after installation or upgrade to 12.2.0.13.0 (or later). Before applying the patch, make sure that all the Audit Vault Agents and Host Monitor Agents are upgraded to 12.2.0.13.0.
Note:
The Audit Vault Server reads the audit log from the target that contains the timestamp of the event. Without this synchronization, events may appear to be archived to the Audit Vault Server before they occur and alerts may appear to be sent before their triggering events occur.Parent topic: Post-Install Configuration Tasks
Access the Audit Vault Server post-installation configuration page.
From this page, you must set the usernames and passwords (required), set up the time, and DNS servers.
Parent topic: Audit Vault Server Post-Installation Tasks
Set up usernames and passwords for the Oracle Audit Vault and Database Firewall (Oracle AVDF).
In the post-install configuration page, you set up usernames and passwords for the Oracle Audit Vault and Database Firewall administrator, auditor, support, and root users.
See Also:
Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user.
Note:
Do not use the root or support users unless instructed to do so in documentation or by a customer support representative.
Parent topic: Audit Vault Server Post-Installation Tasks
Oracle recommends that you create administrator and auditor user accounts after you install Oracle Audit Vault and Database Firewall (Oracle AVDF).
The administrator and auditor user names must be simple SQL names of 1 to 30 characters, and must follow these rules:
The first character is alphabetical.
Each remaining character is either alphanumeric or an underscore (_), dollar sign ($), or number sign (#).
Note:
The administrator and auditor user names are upshifted (that is, any lowercase alphabetic characters are replaced by their uppercase equivalents). Also, the Audit Vault Server does not support quoted user names.
See Also:
Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user account.
Set password management guidelines for the Audit Vault and Database Firewall (Oracle AVDF) user accounts.
For example, you may require that users change their passwords on a regular basis, such as every 120 days, and that they create passwords that are not easily guessed.
The following sections describe the minimum password requirements for Oracle Audit Vault and Database Firewall.
Requirements for Passwords Containing Unicode Characters
If your password contains unicode characters (such as non-English characters with accent marks), the password requirement is that it:
Be between 8 and 30 characters long.
Requirements for English-Only (ASCII) Passwords
If you are using English-only, ASCII printable characters, Oracle Audit Vault and Database Firewall requires that passwords:
Be between 8 and 30 characters long.
Contain at least one of each of the following:
Lowercase letters: a-z.
Uppercase letters: A-Z.
Digits: 0-9.
Punctuation marks: comma (,), period (.), plus sign (+), colon(:), exclamation mark (!), and underscore (_)
Not contain double quotes ("), back space, or control characters.
In addition, Oracle recommends that passwords:
Not be the same as the user name.
Not be an Oracle reserved word.
Not be an obvious word (such as welcome, account, database, and user).
Not contain any repeating characters.
See Also:
Oracle Database Security Guide for additional guidelines on how you can strengthen passwords for your site.
Steps to set the Audit Vault Server time.
To set the Audit Vault Server time:
Access the Audit Vault Server Post-Install Configuration page.
Expand the Time Setup section.
Select either Set Manually or Use NTP.
Note:
Oracle strongly recommends that you select Use NTP. In addition, it is recommended that you also use an NTP service on your secured targets to avoid confusion on timestamps on the alerts raised by the Audit Vault Server.
If in step 3 you selected Use NTP, then for each of the fields Server 1 Address, Server 2 Address, and Server 3 Address:
Type either the IP address or name of a preferred time server.
If you type a name, the DNS server specified in the System Services page is used for name resolution.
Click Test Server.
The time from the specified server appears.
If in step 3 you selected Set Manually, then set the Date fields to your current local day and time.
Either click Save or proceed to set the DNS servers for the Audit Vault Server.
Parent topic: Audit Vault Server Post-Installation Tasks
Steps to set the DNS servers for the Audit Vault Server.
The Audit Vault Server DNS servers are used to resolve any host names that Audit Vault Server might use.
Note:
Set Audit Vault Server DNS server values only if the network has DNS servers, otherwise system performance will be impaired.To set the DNS servers for the Audit Vault Server:
Parent topic: Audit Vault Server Post-Installation Tasks
Learn about Database Firewall post-installation tasks.
After you install the Database Firewall, you may set the passwords for support
user. This is the Linux operating system user account on the Audit Vault Server.
Parent topic: Post-Install Configuration Tasks
Steps on how to access the Database Firewall Post-Install Configuration page.
To access the Database Firewall Post-Install Configuration page:
From this page, you can set the passwords of the Database Firewall users.
Parent topic: Database Firewall Post-Installation Tasks
Learn about and set the Database Firewall users passwords.
Parent topic: Database Firewall Post-Installation Tasks
Learn about Oracle's recommendations for Database Firewall user passwords.
Passwords need not be unique; however, Oracle recommends that passwords:
Have at least one uppercase alphabetic, one alphabetic, one numeric, and one special character (plus sign, comma, period, or underscore).
Be between 8 and 30 characters long.
Be composed of the following characters:
Lowercase letters: a-z.
Uppercase letters: A-Z.
Digits: 0-9.
Punctuation marks: comma (,), period (.), plus sign (+), colon(:), and underscore (_).
Not be the same as the user name.
Not be an Oracle reserved word.
Not be an obvious word (such as welcome, account, database, and user).
Not contain any repeating characters.
Set the passwords of the Database Firewall administrator, root, and support user.
Under the heading Administration User:
In the field User Name, type the user name of the Database Firewall Administration User.
In the field Password, type the password of the Database Firewall Administration User.
In the field Password Confirmation, retype the password.
In the field Installation Passphrase, type the installation passphrase that you created in "Installing an Audit Vault Server or Database Firewall", step 6.
Under the heading Operating System Password for root, in the fields Password and Password Confirmation, type the password for root.
Under the heading Operating System Password for support, in the fields Password and Password Confirmation, type the password for support user.
Click Save.
See Also:
Oracle Audit Vault and Database Firewall Concepts Guide for a description of each user account.