2 Overview of Oracle Audit Vault and Database Firewall Installation

Learn to install Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Administrator's Guide for general information about secure installation, data protection, and general recommendations for deploying Oracle Audit Vault and Database Firewall in a network and in special configurations.

2.1 Downloading the Latest Version of This Manual

Learn how to download the latest documentation for Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

2.2 Platform Support

Learn about various platforms supported by Oracle AVDF.

2.2.1 Product Compatibility Matrix

Learn about supported platforms for Audit vault Agent, Host Monitor, audit collection, and Database Firewall protection.

Oracle Audit Vault and Database Firewall is delivered as software appliance images ready to be deployed on physical hardware or on virtualized environments such as Oracle VM Server or VMware. You can install and run Oracle Audit Vault and Database Firewall on the following platforms:

  • Any Intel x86 64-bit hardware platform supported by Oracle Audit Vault and Database Firewall's embedded operating system. Oracle Audit Vault and Database Firewall 20 uses Oracle Linux release 7 with the Unbreakable Enterprise Kernel (UEK) version 5. For a list of compatible hardware, refer to Hardware Certification List for Oracle Linux and Oracle VM. This list contains the minimum version of Oracle Linux certified with the selected hardware. All Oracle Linux updates starting with Oracle Linux release 7 as the minimum are also certified unless otherwise noted.
  • Refer to Oracle Linux documentation for more information on the operating system platform.
  • Oracle VM Server for x86, version 3.2 - 3.4.6
  • VMWare VSphere, version 6.0
  • Oracle VM VirtualBox, version 6.0
  • Oracle Audit Vault and Database Firewall release 20 supports both BIOS and UEFI boot mode. For system with boot disk greater than 2 TB, Oracle AVDF supports booting in UEFI mode only.
  • Oracle Audit Vault Server and Database Firewall cannot be installed on Exalogic or Exadata appliances.

Table 2-1 Audit Collection and Database Firewall Protection

Supported Platform Versions Supported Audit Collection Database Firewall Protection
Database
Oracle Database

(Enterprise and Standard editions)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
Autonomous Data Warehouse (Autonomous Database, serverless) Not applicable Yes Not supported
Autonomous Transaction Processing (Autonomous Database, serverless) Not applicable Yes Not supported
Autonomous Transaction Processing (Autonomous Container Database, dedicated) Not applicable No Not supported

Virtual machine DB system

19.0.0.0 Yes Not supported
Exadata DB system 19.0.0.0 Yes Not supported
Oracle Exadata

19c

18c

12.2

12.1

Yes Yes
Oracle Real Application Clusters

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
MySQL

8.0

5.7

5.6

Yes Yes
Microsoft SQL Server (Windows)

2017

2016

2014

2012

Yes Yes
Microsoft SQL Server Cluster (Windows Failover Cluster)

2017

2016

2014

2012

Yes No
MongoDB (By configuring Quick JSON collector)

3.6 to 4.2

Yes No
PostgreSQL

9.6 to 11.8

Yes No
IBM Db2

11.5

11.1

10.5

Yes Yes

IBM Db2 Cluster

HADR (High Availability and Disaster Recovery) on OL 7.x

11.1

Yes Yes

IBM Db2 for AIX

7.2 TL1 and above

7.1 TL4 and TL5

11.5

11.1

10.5

No Yes
SAP Sybase ASE

16

15.7

Yes Yes
Transaction Log Collector using Oracle GoldenGate 19.1

11.2 to 19c

Yes Not applicable
Operating System
Oracle Solaris (SPARC64)

11.3

11.4

Yes Not applicable
Oracle Solaris (x86-64)

11.3

11.4

Yes Not applicable
Oracle Linux (64 bit)

OL 7.7 (requires auditd 2.8.5)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

OL 5.8 (requires auditd 1.8)

Yes Not applicable
Red Hat Enterprise Linux

RHEL 7.7 (requires auditd 2.8.5)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Not applicable
Microsoft Windows Server (x86-64)

2016

2012 R2

2012

Yes Not applicable
IBM AIX on Power Systems (64-bit)

7.2 TL2 and above

7.1 TL5

Yes Not applicable
HP-UX on Itanium 11.31 No Not applicable
Directory Service
Microsoft Active Directory

2016

2008

Yes Not applicable
File System
Oracle ACFS

12c

Yes Not applicable

Table 2-2 Supported Platforms for Audit Vault Agent and Host Monitor

Supported Platform Versions Supported Audit Vault Agent Deployment Host Monitor Deployment
Operating System
Oracle Solaris (SPARC64)

11.3

11.4

Yes Yes
Oracle Solaris (x86-64)

11.3

11.4

Yes Yes
Oracle Linux (64 bit)

OL 7.7 (requires auditd 2.8.5)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

OL 5.8 (requires auditd 1.8)

Yes Yes
Red Hat Enterprise Linux

RHEL 7.7 (requires auditd 2.8.5)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Yes
Microsoft Windows Server (x86-64)

2016

2012 R2

2012

Yes Yes
IBM AIX on Power Systems (64-bit)

7.2 TL2 and above

7.1 TL5

Yes Yes
HP-UX on Itanium 11.31 Yes Not applicable

Table 2-3 Appliance Deployment: Oracle Audit Vault Server and Database Firewall

Name Release/Version

Oracle VM VirtualBox

6.0

5.2

Oracle VM Server for x86

3.4.6

3.2.2 to 3.2.9

VMware vSphere

6.7

6.0

2.2.2 Supported Browsers

Learn what browsers are supported with Oracle Audit Vault and Database Firewall (Oracle AVDF).

Oracle Audit Vault and Database Firewall requires a JavaScript-enabled browser and supports the current and prior major release of Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Internet Explorer, and Microsoft Edge.

Note:

  • Ensure that the browser version you are using supports TLS 1.2 protocol.
  • Microsoft Internet Explorer 11 is the prior major release, with Microsoft Edge being the current Microsoft browser.

2.2.3 Support for External Systems

Learn about external systems supported by Oracle Audit Vault and Database Firewall.

Supported external systems are as follows:

  • Integration offered:

    • Syslog

    • E-mail

  • SAN storage

    • iSCSI: It can be used to extend disk space for storing event data.

  • Archive system

    • SMB

    • SCP

    • NFS

Note:

  • Oracle AVDF 20.1 and later supports Network File System (NFS) versions v3 and v4 for archive or retrieve functionality.

  • NFS v3 only is not supported.

  • If your NFS server supports and permits both v3 and v4 for archive or retrieve, then no action is required.

  • In case you have NFS v4 only in your environment for archive or retrieve, then set the _SHOWMOUNT_DISABLED parameter to TRUE using the following steps:

    1. Log in to the Audit Vault Server as root.
    2. Switch user to oracle: su oracle
    3. Start SQL*Plus connection as sqlplus /nolog without the username or password.
    4. In SQL*Plus execute the command: connect super administrator
    5. Enter the password when prompted. Alternatively, execute the command: connect super administrator/password
    6. Execute the command: exec avsys.adm.add_config_param('_SHOWMOUNT_DISABLED','TRUE');

2.2.4 Audit Vault Agent: Supported and Tested Java Runtime Environment

Learn about the supported and tested Java Runtime Environment (JRE) for the Audit Vault Agent.

Table 2-4 lists supported versions of Java Runtime Environment (JRE).

Table 2-4 JRE Support Matrix

JRE Version Release/Version

1.8

1.8.0_45 and later

11

11.0.3

Note:

JRE version 11 is not supported on AIX platform.

2.2.5 Compatibility with Oracle Enterprise Manager

Learn about the supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Oracle Audit Vault and Database Firewall (AVDF) plug-in provides an interface within Enterprise Manager Cloud Control for administrators to manage and monitor Audit Vault and Database Firewall components.

Table 2-5 lists supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Table 2-5 Oracle Enterprise Manager Support Matrix

Oracle Enterprise Manager Release Oracle Audit Vault Database Firewall Release

13.4

20.1

  • 13.3
  • 13.2.1

12.2.x

Note:

Oracle Audit Vault and Database Firewall (AVDF) plug-in is supported only with the above mentioned Enterprise Manager releases.

2.3 Learning About Oracle Audit Vault and Database Firewall

Learn more about Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide to understand the features, components, users, and deployment of Oracle Audit Vault and Database Firewall.

2.4 About Oracle Audit Vault and Database Firewall Installation

Understand the process for installing Oracle Audit Vault and Database Firewall (Oracle AVDF).

Briefly, the steps are:

  1. Understand the Oracle Audit Vault and Database Firewall components to be installed.
  2. Plan the system configuration that best suits your needs.
  3. Ensure that your system meets the pre-install requirements.
  4. Complete the installation of Oracle Audit Vault Server.
  5. Complete the installation of Oracle Database Firewall.
  6. Complete the post-install configuration tasks.
  7. Complete the registration of hosts and deployment of Agent.
  8. Complete the registration of targets for audit collection and Database Firewall monitoring.

Note:

The Audit Vault Server and the Database Firewall server are software appliances. You must not make any changes to the Linux operating system through the command line on these servers unless following official Oracle documentation or under guidance from Oracle Support.

2.5 Supported Targets

Targets are the systems (such as a database or operating system) that you monitor using Oracle Audit Vault and Database Firewall (Oracle AVDF).

Each type of supported target has a corresponding plug-in under Oracle Audit Vault and Database Firewall.

See Also: