2 Overview of Oracle Audit Vault and Database Firewall Installation

Learn to install Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Administrator's Guide for general information about secure installation, data protection, and general recommendations for deploying Oracle Audit Vault and Database Firewall in a network and in special configurations.

2.1 Downloading the Latest Version of This Manual

Learn how to download the latest documentation for Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

2.2 Platform Support

Learn about various platforms supported by Oracle AVDF.

2.2.1 Product Compatibility Matrix

See which platforms are supported for installing Oracle Audit Vault and Database Firewall (Oracle AVDF), audit collection, database firewall support, and deploying the Audit Vault Agent and Host Monitor Agent.

Note:

Oracle recommends that you update to the latest supported releases or versions at all times to stay current with security and functionality. Interoperability and functionality with older versions of the targets increases complexity and vulnerability.

Tip:

See Behavior Changes, Deprecated, and Desupported Platforms and Features to see the latest deprecation and desupport notices.
2.2.1.1 Supported Platforms for Oracle Audit Vault and Database Firewall

Oracle Audit Vault and Database Firewall (Oracle AVDF) is delivered as software appliance images that are ready to deploy on physical hardware or in virtualized environments, such as Oracle VM Server or VMware.

Supported Hardware

You can install and run Oracle AVDF on any Intel x86 64-bit hardware platform that is supported by Oracle AVDF's embedded operating system. Oracle AVDF release 20 uses the following Oracle Linux releases:

  • Oracle AVDF 20.1 to 20.5: Oracle Linux version 7.8 with Unbreakable Enterprise Kernel (UEK) release 5
  • Oracle AVDF 20.6 to 20.8: Oracle Linux release 7.9 with UEK release 6
  • Starting with Oracle AVDF 20.9: Oracle Linux release 8.5 with UEK release 6

To determine whether your hardware is certified for Oracle Linux, see Hardware Certification List for Oracle Linux and Oracle VM. All Oracle Linux 7 and Oracle Linux 8 updates are also certified, unless otherwise noted.

Note:

  • Oracle AVDF 20 supports both BIOS and UEFI boot mode. For systems with boot disks that are greater than 2 TB, Oracle AVDF supports booting in UEFI mode only.
  • Oracle AVDF can't be installed on Oracle Exalogic or Exadata appliances.

Supported Virtualization Platforms

  • Oracle VM Server for x86, release 3.2.8, 3.2.9, 3.4.4, and 3.4.6
  • VMWare VSphere, release 6.0, 6.7, and 7.0 (starting with Oracle AVDF 20.7)
  • Oracle VM VirtualBox, release 5.2, 6.0, 6.1, and 7.0 (starting with Oracle AVDF 20.9)
  • Kernel-based virtual machine (KVM)

The installation of Oracle AVDF on a non-Oracle Cloud platform (for example, AWS EC2) is not internally tested and supported by Oracle. You can conduct tests or proof of concept (POC) in your environment. You might be able to install Oracle AVDF on these platforms successfully. However, in case of any issue, Oracle Support will ask you to reproduce the issue on a supported platform of Oracle AVDF if the issue is already not known.

2.2.1.2 Audit Collection and Database Firewall Support for Databases

See which databases and versions are supported for audit collection and database firewall support in Oracle Audit Vault and Database Firewall (Oracle AVDF).

Supported Database Versions Supported Audit Collection Support Database Firewall Support
Oracle Database

(Enterprise and Standard editions)

21c (Starting with Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
Oracle Autonomous Database on Serverless Exadata Infrastructure (ADB-S, ATP-S, ADW-S) Not applicable Yes Yes (Starting with Oracle AVDF 20.8)
Oracle Autonomous Database on Dedicated Exadata Infrastructure (ADB-D, ATP-D, ADW-D) Not applicable Yes (Starting with Oracle AVDF 20.3) Yes (Starting with Oracle AVDF 20.8)
Oracle Exadata Database Service on Dedicated Infrastructure (ExaDB-D) Not applicable Yes Yes (Starting with Oracle AVDF 20.8)
Autonomous Transaction Processing (Dedicated) Not applicable Yes (Starting with Oracle AVDF 20.3) Yes (Starting with Oracle AVDF 20.8)
Oracle Cloud Database Service

21c (Starting with Oracle AVDF 20.4)

19c

Yes Yes (Starting with Oracle AVDF 20.8)
Oracle Database running on Exadata

21c (Starting with Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
Oracle Real Application Clusters (Oracle RAC)

21c (Starting with Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
MySQL (Enterprise Edition)

8.0

5.7

5.6

Yes Yes

Microsoft SQL Server (Windows)

Enterprise Edition

2022 (Starting with Oracle AVDF 20.10)

2019 (Starting with Oracle AVDF 20.3)

2017

2016

2014

2012

Yes Yes

Microsoft SQL Server (Windows)

Standard Edition

2022 (Starting with Oracle AVDF 20.10)

2019 (Starting with Oracle AVDF 20.6)

Yes Yes (Starting with Oracle AVDF 20.8 support for Microsoft SQL Server Standard Edition 2019)
Microsoft SQL Server Cluster (Windows Failover Cluster)

2019 (Starting with Oracle AVDF 20.6)

2017

2016

2014

2012

Yes

Yes (Starting with Oracle AVDF 20.6 support for Microsoft SQL Server Cluster 2019)

Microsoft SQL Server Always On availability group (Starting with Oracle AVDF 20.3)

2017

2016

2014

2012

Yes Yes (Starting with Oracle AVDF 20.11)
MongoDB (By configuring Quick JSON collector)

5.0 (Starting with Oracle AVDF 20.8)

4.4 (Starting with Oracle AVDF 20.4)

4.2

4.0

Yes No
PostgreSQL

15 (Starting with Oracle AVDF 20.10)

14 (Starting with Oracle AVDF 20.10)

13 (Starting with Oracle AVDF 20.8)

12 (Starting with Oracle AVDF 20.8)

9.6 to 11.8

Yes No
IBM Db2

11.5

11.1

10.5

Yes Yes

IBM Db2 Cluster

HADR (High Availability and Disaster Recovery) on OL 7.x

11.1

Yes Yes

IBM Db2 for AIX

7.2 TL1 and above

7.1 TL4 and TL5

11.5

11.1

10.5

Yes

Yes (Starting with Oracle AVDF 20.4)

IBM DB2 Database Partitioning Feature (DPF) on Linux and AIX

11.5

11.1

10.5

Yes No
SAP Sybase ASE

16

15.7

Yes Yes
2.2.1.3 Audit Collection and Database Firewall Support for Operating Systems

See which operating systems and versions are supported for audit collection and database firewall support in Oracle Audit Vault and Database Firewall (Oracle AVDF).

Supported Operating System Versions Supported Audit Collection Support Database Firewall Support
Oracle Solaris (SPARC64)

11.3

11.4

Yes Not applicable
Oracle Solaris (x86-64)

Solaris - x86-64 was deprecated in Oracle AVDF 20.9, and it will be desupported in one of the future releases.

11.3

11.4

Yes Not applicable
Oracle Linux (64 bit)

OL 9 (requires auditd 3.0.7) (Oracle AVDF 20.9 and later)

OL 8.2 and 8.3 (requires auditd 3.0) (Oracle AVDF 20.4 and later)

OL 8 (requires auditd 3.0) (Oracle AVDF 20.3 and later)

OL 7.9 (requires auditd 2.8) (Oracle AVDF 20.4 and later)

OL 7.6-7.8 (requires auditd 2.8) (Oracle AVDF 20.2 and later)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

Yes Not applicable
Red Hat Enterprise Linux

RHEL 9 (requires auditd 3.0.7) (Oracle AVDF 20.9 and later)

RHEL 8.2 and 8.3 (requires auditd 3.0) (Oracle AVDF 20.4 and later)

RHEL 8 (requires auditd 3.0) (Oracle AVDF 20.3 and later)

RHEL 7.9 (requires auditd 2.8) (Oracle AVDF 20.4 and later)

RHEL 7.6-7.8 (requires auditd 2.8) (Oracle AVDF 20.2 and later)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Not applicable
Microsoft Windows Server (x86-64)

2019 (Oracle AVDF 20.2 and later)

2016

2012 R2

2012

Yes Not applicable
IBM AIX on Power Systems (64-bit)

7.3 (TL0) (Oracle AVDF 20.10 and later)

7.2 (TL2 and above)

7.1 (TL5)

Yes Not applicable
2.2.1.4 Audit Collection and Database Firewall Support for Directory Services

See which directory services and versions are supported for audit collection and database firewall support in Oracle Audit Vault and Database Firewall (Oracle AVDF).

Supported Directory Service Versions Supported Audit Collection Support Database Firewall Support
Microsoft Active Directory

2012 to 2016

Yes Not applicable
2.2.1.5 Audit Collection and Database Firewall Support for File Systems

See which file systems and versions are supported for audit collection and database firewall support in Oracle Audit Vault and Database Firewall (Oracle AVDF).

Supported File System Versions Supported Audit Collection Support Database Firewall Support
Oracle ACFS 12c Yes Not applicable

Note:

Oracle Automatic Storage Management Cluster File System (Oracle ACFS) or Oracle Advanced Cluster File System was deprecated in Oracle AVDF release 20.7 and desupported in 20.8.
2.2.1.6 Supported Operating Systems for Audit Vault Agent and Host Monitor Agent

See which operating systems and versions are supported for deploying the Audit Vault Agent and Host Monitor Agent.

Supported Operating System Versions Supported Audit Vault Agent Deployment Host Monitor Agent Deployment
Oracle Solaris (SPARC64)

11.3

11.4

Yes Yes
Oracle Solaris (x86-64)

Solaris - x86-64 was deprecated in Oracle AVDF 20.9, and it will be desupported in one of the future releases.

11.3

11.4

Yes Yes
Oracle Linux (64 bit)

Oracle Linux 6 was deprecated in Oracle AVDF 20.10, and it will be desupported in one of the future releases.

OL 9 (requires auditd 3.0.7) (Oracle AVDF 20.9 and later)

OL 8.2 and 8.3 (requires auditd 3.0) (Oracle AVDF 20.4 and later)

OL 8 (requires auditd 3.0) (Oracle AVDF 20.3 and later)

OL 7.9 (requires auditd 2.8) (Oracle AVDF 20.4 and later)

OL 7.6-7.8 (requires auditd 2.8) (Oracle AVDF 20.2 and later)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

Yes Yes
Oracle Linux (64 bit) Cluster OL 7.x Yes No
Red Hat Enterprise Linux

RHEL 9 (requires auditd 3.0.7) (Oracle AVDF 20.9 and later)

RHEL 8.2 and 8.3 (requires auditd 3.0) (Oracle AVDF 20.4 and later)

RHEL 8 (requires auditd 3.0) (Oracle AVDF 20.3 and later)

RHEL 7.9 (requires auditd 2.8) (Oracle AVDF 20.4 and later)

RHEL 7.6-7.8 (requires auditd 2.8) (Oracle AVDF 20.2 and later)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Yes
Red Hat Enterprise Linux Cluster RHEL 7.x Yes No
Microsoft Windows Server (x86-64)

2019 in release 20.2 (20 RU2) and later

2016

2012 R2

2012

Yes Yes
IBM AIX on Power Systems (64-bit)

7.3 (TL0) (Oracle AVDF 20.10 and later)

7.2 (TL2 and above)

7.1 (TL5)

Yes Yes
IBM AIX on Power Systems (64-bit) Cluster

7.3 (TL0) (Oracle AVDF 20.10 and later)

7.2 (TL2 and above)

7.1 (TL5)

Yes No
Linux on IBM Z

RHEL 8 (Oracle AVDF 20.10 and later)

RHEL 9 (Oracle AVDF 20.10 and later)

Yes No
HP-UX on Itanium

HP-UX on Itanium was deprecated in Oracle AVDF 20.9, and it will be desupported in one of the future releases.

11.31 Yes Not applicable
2.2.1.7 Support for Transaction Log Audit Collection Using Oracle GoldenGate

See which versions of Oracle GoldenGate are supported for collecting transaction log audit data from supported database targets.

Minimum Supported Oracle GoldenGate Version Supported Target Databases and Versions Supported Oracle AVDF Release
Oracle GoldenGate 19c (19.1.0.0.4) Oracle Database 11.2 to 19c Oracle AVDF 20.1 to 20.9
Oracle GoldenGate 19c (19.1.0.0.200414) Microsoft SQL Server 2012, 2014, 2016, 2017, 2019 Oracle AVDF 20.9
Oracle GoldenGate 21c (21.4) Microsoft SQL Server 2017, 2019 Oracle AVDF 20.10 and later
Oracle GoldenGate 21c (21.9) Oracle Database 19c Oracle AVDF 20.10 and later
Oracle GoldenGate 21c (21.11) MySQL 8.0 Oracle AVDF 20.11 and later

Note:

To support Oracle Databases before 12.2, Downstream Mining needs to be configured.

2.2.2 Supported Browsers

Learn what browsers are supported with Oracle Audit Vault and Database Firewall (Oracle AVDF).

Oracle Audit Vault and Database Firewall requires a JavaScript-enabled browser and supports the current and prior major release of Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Internet Explorer, and Microsoft Edge.

Note:

  • Ensure that the browser version you are using supports TLS 1.2 protocol.
  • Microsoft Internet Explorer 11 is the prior major release, with Microsoft Edge being the current Microsoft browser. Support for Internet Explorer (IE) 11 is deprecated. Audit Vault Server console does not support Microsoft Internet Explorer 11 (and prior), starting with release 20.6.

2.2.3 Support for External Systems

Learn about external systems supported by Oracle Audit Vault and Database Firewall.

Supported external systems are as follows:

  • Integration offered:

    • Syslog
    • E-mail
  • SAN storage

    • iSCSI: It can be used to extend disk space for storing event data.
  • Archive system

    • SMB
    • SCP
    • NFS

Note:

  • Oracle AVDF 20.1 and later supports archive and retrieve functionality with Network File System (NFS) server which support both versions v3 and v4.
  • Only NFS version v3 is not supported for releases 20.3 and prior. It is supported starting Oracle AVDF release 20.4.
  • If your NFS server supports and permits both v3 and v4 for archive or retrieve, then no action is required.
  • In case you have NFS v4 only in your environment for archive or retrieve, then set the _SHOWMOUNT_DISABLED parameter to TRUE using the following steps:

    1. Log in to the Audit Vault Server through SSH and switch to the root user.

      See Logging In to Oracle AVDF Appliances Through SSH.

    2. Switch to the oracle user.

      su - oracle
    3. Start SQL*Plus as sqlplus /nolog without the user name and password.
    4. In SQL*Plus, run the following command:

      connect super administrator
    5. Enter the password when prompted.
    6. Run the following command:

      exec avsys.adm.add_config_param('_SHOWMOUNT_DISABLED','TRUE');

2.2.4 Audit Vault Agent: Supported and Tested Java Runtime Environment

Learn about the supported and tested Java Runtime Environment (JRE) for the Audit Vault Agent.

Table 2-1 lists supported versions of Java Runtime Environment (JRE).

Table 2-1 JRE Support Matrix

JRE Version Release/Version

1.8

1.8.0_45 and later

11

11.0.3

17

(Starting with Oracle AVDF release 20.8)

17.0.2

Note:

  • JRE version 11 is not supported on AIX platform in Oracle AVDF release 20.7 and earlier. For AIX platform use JRE version 1.8.0_241 (minimum).
  • JRE versions 11 and 17 are supported on AIX platform starting with Oracle AVDF release 20.8.

2.2.5 Compatibility with Oracle Enterprise Manager

Learn about the supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Oracle Audit Vault and Database Firewall (Oracle AVDF) plug-in provides an interface within Enterprise Manager Cloud Control for administrators to manage and monitor Oracle Audit Vault and Database Firewall components.

Table 2-2 lists supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Table 2-2 Oracle Enterprise Manager Support Matrix

Oracle Enterprise Manager Release Oracle Audit Vault Database Firewall Release

13.5

20.6 and later

13.4

20.x

  • 13.3
  • 13.2.1

12.2.x

Note:

Oracle Audit Vault and Database Firewall (Oracle AVDF) plug-in is supported only with the above mentioned Enterprise Manager releases.

See Also:

2.3 Learning About Oracle Audit Vault and Database Firewall

Learn more about Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide to understand the features, components, users, and deployment of Oracle Audit Vault and Database Firewall.

2.4 About Oracle Audit Vault and Database Firewall Installation

Understand the process for installing Oracle Audit Vault and Database Firewall (Oracle AVDF).

Here are the steps for installing Oracle AVDF:

  1. Understand the Oracle Audit Vault and Database Firewall components to be installed.
  2. Plan the system configuration that best suits your needs.
  3. Ensure that your system meets the pre-install requirements.
  4. Complete the installation of Audit Vault Server.
  5. Complete the installation of Database Firewall.
  6. Complete the post-install configuration tasks.
  7. Complete the registration of hosts and deployment of Agent.
  8. Complete the registration of targets for audit collection and Database Firewall monitoring.

Note:

The Audit Vault Server and the Database Firewall server are software appliances. You must not make any changes to the Linux operating system through the command line on these servers unless following official Oracle documentation or under guidance from Oracle Support.