2 Overview of Oracle Audit Vault and Database Firewall Installation

Learn to install Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Administrator's Guide for general information about secure installation, data protection, and general recommendations for deploying Oracle Audit Vault and Database Firewall in a network and in special configurations.

2.1 Downloading the Latest Version of This Manual

Learn how to download the latest documentation for Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

2.2 Platform Support

Learn about various platforms supported by Oracle AVDF.

2.2.1 Product Compatibility Matrix

Learn about supported platforms for Audit Vault Agent, Host Monitor, audit collection, and Database Firewall monitoring or protection.

Oracle Audit Vault and Database Firewall is delivered as software appliance images ready to be deployed on physical hardware or on virtualized environments such as Oracle VM Server or VMware. You can install and run Oracle Audit Vault and Database Firewall on the following platforms:

  • Any Intel x86 64-bit hardware platform supported by Oracle Audit Vault and Database Firewall's embedded operating system. Oracle Audit Vault and Database Firewall 20 uses Oracle Linux release 7 with the Unbreakable Enterprise Kernel (UEK) version 5. For a list of compatible hardware, refer to Hardware Certification List for Oracle Linux and Oracle VM. This list contains the minimum version of Oracle Linux certified with the selected hardware. All Oracle Linux updates starting with Oracle Linux release 7 as the minimum are also certified unless otherwise noted.
  • Refer to Oracle Linux documentation for more information on the operating system platform.
  • Oracle VM Server for x86, versions 3.2.8, 3.2.9, 3.4.4, and 3.4.6.
  • VMWare VSphere, version 6.0 and 6.7. Version 7.0 is supported starting with Oracle AVDF release 20.7.
  • Oracle VM VirtualBox, version 6.0
  • Oracle Audit Vault and Database Firewall release 20 supports both BIOS and UEFI boot mode. For system with boot disk greater than 2 TB, Oracle AVDF supports booting in UEFI mode only.
  • Audit Vault Server and Database Firewall cannot be installed on Exalogic or Exadata appliances.
  • Oracle AVDF 20.1 to 20.4 is built on Oracle Linux version 7.8. Oracle AVDF 20.5 is built on Oracle Linux version 7.9.
  • Audit Vault Server and Database Firewall on Kernel-based Virtual Machine (KVM)

Table 2-1 Audit Collection and Database Firewall Support

Supported Platform Versions Supported Audit Collection Database Firewall Support
Database
Oracle Database

(Enterprise and Standard editions)

21c (Starting Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
Oracle Autonomous Database on Shared Exadata Infrastructure (ADB-S, ATP-S, ADW-S) Not applicable Yes Yes (Starting Oracle AVDF 20.8)
Oracle Autonomous Database on Dedicated Exadata Infrastructure (ADB-D, ATP-D, ADW-D) Not applicable Yes (Starting Oracle AVDF 20.3) Yes (Starting Oracle AVDF 20.8)
Oracle Exadata Database Service on Dedicated Infrastructure (ExaDB-D) Not applicable Yes Yes (Starting Oracle AVDF 20.8)
Autonomous Transaction Processing (Dedicated) Not applicable Yes (Starting Oracle AVDF 20.3) Yes (Starting Oracle AVDF 20.8)
Oracle Cloud Database Service

21c (Starting Oracle AVDF 20.4)

19c

Yes Not supported
Oracle Database running on Exadata

21c (Starting Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
Oracle Real Application Clusters

21c (Starting Oracle AVDF 20.4)

19c

18c

12.2

12.1

11.2.0.4

Yes Yes
MySQL (Enterprise Edition)

8.0

5.7

5.6

Yes Yes

Microsoft SQL Server (Windows)

Enterprise Edition

2019 (Starting Oracle AVDF 20.3)

2017

2016

2014

2012

Yes Yes

Microsoft SQL Server (Windows)

Standard Edition

2019 (Starting Oracle AVDF 20.6)

Yes Yes (Starting Oracle AVDF 20.8)
Microsoft SQL Server Cluster (Windows Failover Cluster)

2019 (Starting Oracle AVDF 20.6)

2017

2016

2014

2012

Yes

Yes (Starting Oracle AVDF 20.6)

Microsoft SQL Server Always On availability group (Starting with Oracle AVDF release 20.3)

2017

2016

2014

2012

Yes No
MongoDB (By configuring Quick JSON collector)

5.0 (Starting Oracle AVDF 20.8)

4.4 (Starting Oracle AVDF 20.4)

4.2

4.0

Yes No
PostgreSQL

13 (Starting Oracle AVDF 20.8)

12 (Starting Oracle AVDF 20.8)

9.6 to 11.8

Yes No
IBM Db2

11.5

11.1

10.5

Yes Yes

IBM Db2 Cluster

HADR (High Availability and Disaster Recovery) on OL 7.x

11.1

Yes Yes

IBM Db2 for AIX

7.2 TL1 and above

7.1 TL4 and TL5

11.5

11.1

10.5

Yes

Yes (Starting Oracle AVDF 20.4)

IBM DB2 Database Partitioning Feature (DPF) on Linux and AIX

11.5

11.1

10.5

Yes No
SAP Sybase ASE

16

15.7

Yes Yes
Transaction Log Collector using Oracle GoldenGate 19.1

11.2 to 19c

Yes Not applicable
Operating System
Oracle Solaris (SPARC64)

11.3

11.4

Yes Not applicable
Oracle Solaris (x86-64)

11.3

11.4

Yes Not applicable
Oracle Linux (64 bit)

OL 8.2 and 8.3 (requires auditd 3.0) (Starting Oracle AVDF 20.4)

OL 8 (requires auditd 3.0) (Starting Oracle AVDF 20.3)

OL 7.9 (requires auditd 2.8) (Starting Oracle AVDF 20.4)

OL 7.6-7.8 (requires auditd 2.8) (Starting Oracle AVDF 20.2)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

Yes Not applicable
Red Hat Enterprise Linux

RHEL 8.2 and 8.3 (requires auditd 3.0) (Starting Oracle AVDF 20.4)

RHEL 8 (requires auditd 3.0) (Starting Oracle AVDF 20.3)

RHEL 7.9 (requires auditd 2.8) (Starting Oracle AVDF 20.4)

RHEL 7.6-7.8 (requires auditd 2.8) (Starting Oracle AVDF 20.2)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Not applicable
Microsoft Windows Server (x86-64)

2019 in release 20.2 (20 RU2) and later

2016

2012 R2

2012

Yes Not applicable
IBM AIX on Power Systems (64-bit)

7.2 TL2 and above

7.1 TL5

Yes Not applicable
Directory Service
Microsoft Active Directory

2016

2008

Yes Not applicable
File System

Oracle ACFS

12c

Yes Not applicable

Note:

Oracle Automatic Storage Management Cluster File System (Oracle ACFS) or Oracle Advanced Cluster File System was deprecated in Oracle AVDF release 20.7 and is desupported in 20.8.

Table 2-2 Supported Platforms for Audit Vault Agent and Host Monitor

Supported Platform Versions Supported Audit Vault Agent Deployment Host Monitor Deployment
Operating System
Oracle Solaris (SPARC64)

11.3

11.4

Yes Yes
Oracle Solaris (x86-64)

11.3

11.4

Yes Yes
Oracle Linux (64 bit)

OL 8.2 and 8.3 (requires auditd 3.0) (Starting Oracle AVDF 20.4)

OL 8 (requires auditd 3.0) (Starting Oracle AVDF 20.3)

OL 7.9 (requires auditd 2.8) (Starting Oracle AVDF 20.4)

OL 7.6-7.8 (requires auditd 2.8) (Starting Oracle AVDF 20.2)

OL 7.4-7.5 (requires auditd 2.7.6)

OL 7.3 (requires auditd 2.6.5)

OL 7.1-7.2 (requires auditd 2.4.1)

OL 7.0 (requires auditd 2.3.3)

OL 6.8-6.9 (requires auditd 2.4.5)

OL 6.6-6.7 (requires auditd 2.3.7)

OL 6.1-6.5 (requires auditd 2.2.2)

OL 6.0 (requires auditd 2.0)

Yes Yes
Oracle Linux (64 bit) Cluster OL 7.x Yes No
Red Hat Enterprise Linux

RHEL 8.2 and 8.3 (requires auditd 3.0) (Starting Oracle AVDF 20.4)

RHEL 8 (requires auditd 3.0) (Starting Oracle AVDF 20.3)

RHEL 7.9 (requires auditd 2.8) (Starting Oracle AVDF 20.4)

RHEL 7.6-7.8 (requires auditd 2.8) (Starting Oracle AVDF 20.2)

RHEL 7.5 (requires auditd 2.7.6)

RHEL 7.4 (requires auditd 2.7.6)

RHEL 7.3 (requires auditd 2.6.5)

RHEL 7.2 (requires auditd 2.4.1)

RHEL 7.1 (requires auditd 2.4.1)

RHEL 7.0 (requires auditd 2.3.3)

RHEL 6.10 (requires auditd 2.4.5)

RHEL 6.9 (requires auditd 2.4.5)

RHEL 6.8 (requires auditd 2.4.5)

RHEL 6.7 (requires auditd 2.3.7)

Yes Yes
Red Hat Enterprise Linux Cluster RHEL 7.x Yes No
Microsoft Windows Server (x86-64)

2019 in release 20.2 (20 RU2) and later

2016

2012 R2

2012

Yes Yes
IBM AIX on Power Systems (64-bit)

7.2 TL2 and above

7.1 TL5

Yes Yes
IBM AIX on Power Systems (64-bit) Cluster

7.2 TL2 and above

7.1 TL5

Yes No
HP-UX on Itanium 11.31 Yes Not applicable

Note:

Oracle AVDF encourages you to upgrade to the latest supported versions at all times to stay current with security and functionality. Interoperability and functionality with older versions of the targets increases complexity and vulnerability.

Table 2-3 Appliance Deployment: Audit Vault Server and Database Firewall

Name Release/Version

Oracle VM VirtualBox

6.0

5.2

Oracle VM Server for x86

  • 3.2.8
  • 3.2.9
  • 3.4.4
  • 3.4.6

VMware vSphere

7.0 (Starting with Oracle AVDF release 20.7)

6.7

6.0

2.2.2 Supported Browsers

Learn what browsers are supported with Oracle Audit Vault and Database Firewall (Oracle AVDF).

Oracle Audit Vault and Database Firewall requires a JavaScript-enabled browser and supports the current and prior major release of Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Internet Explorer, and Microsoft Edge.

Note:

  • Ensure that the browser version you are using supports TLS 1.2 protocol.
  • Microsoft Internet Explorer 11 is the prior major release, with Microsoft Edge being the current Microsoft browser. Support for Internet Explorer (IE) 11 is deprecated. Audit Vault Server console does not support Microsoft Internet Explorer 11 (and prior), starting with release 20.6.

2.2.3 Support for External Systems

Learn about external systems supported by Oracle Audit Vault and Database Firewall.

Supported external systems are as follows:

  • Integration offered:

    • Syslog

    • E-mail

  • SAN storage

    • iSCSI: It can be used to extend disk space for storing event data.

  • Archive system

    • SMB

    • SCP

    • NFS

Note:

  • Oracle AVDF 20.1 and later supports archive and retrieve functionality with Network File System (NFS) server which support both versions v3 and v4.

  • Only NFS version v3 is not supported for releases 20.3 and prior. It is supported starting Oracle AVDF release 20.4.

  • If your NFS server supports and permits both v3 and v4 for archive or retrieve, then no action is required.

  • In case you have NFS v4 only in your environment for archive or retrieve, then set the _SHOWMOUNT_DISABLED parameter to TRUE using the following steps:

    1. Log in to the Audit Vault Server as root.
    2. Switch user to oracle: su - oracle
    3. Start SQL*Plus connection as sqlplus /nolog without the username or password.
    4. In SQL*Plus execute the command: connect super administrator
    5. Enter the password when prompted. Alternatively, execute the command: connect super administrator/password
    6. Execute the command: exec avsys.adm.add_config_param('_SHOWMOUNT_DISABLED','TRUE');

2.2.4 Audit Vault Agent: Supported and Tested Java Runtime Environment

Learn about the supported and tested Java Runtime Environment (JRE) for the Audit Vault Agent.

Table 2-4 lists supported versions of Java Runtime Environment (JRE).

Table 2-4 JRE Support Matrix

JRE Version Release/Version

1.8

1.8.0_45 and later

11

11.0.3

17

(Starting with Oracle AVDF release 20.8)

17.0.2

Note:

  • JRE version 11 is not supported on AIX platform in Oracle AVDF release 20.7 and earlier. For AIX platform use JRE version 1.8.0_241 (minimum).
  • JRE versions 11 and 17 are supported on AIX platform starting with Oracle AVDF release 20.8.

2.2.5 Compatibility with Oracle Enterprise Manager

Learn about the supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Oracle Audit Vault and Database Firewall (Oracle AVDF) plug-in provides an interface within Enterprise Manager Cloud Control for administrators to manage and monitor Oracle Audit Vault and Database Firewall components.

Table 2-5 lists supported versions of Oracle Enterprise Manager and Oracle Audit Vault Database Firewall.

Table 2-5 Oracle Enterprise Manager Support Matrix

Oracle Enterprise Manager Release Oracle Audit Vault Database Firewall Release

13.5

20.6 and later

13.4

20.x

  • 13.3
  • 13.2.1

12.2.x

Note:

Oracle Audit Vault and Database Firewall (Oracle AVDF) plug-in is supported only with the above mentioned Enterprise Manager releases.

See Also:

2.3 Learning About Oracle Audit Vault and Database Firewall

Learn more about Oracle Audit Vault and Database Firewall (Oracle AVDF).

See Also:

Oracle Audit Vault and Database Firewall Concepts Guide to understand the features, components, users, and deployment of Oracle Audit Vault and Database Firewall.

2.4 About Oracle Audit Vault and Database Firewall Installation

Understand the process for installing Oracle Audit Vault and Database Firewall (Oracle AVDF).

Here are the steps for installing Oracle AVDF:

  1. Understand the Oracle Audit Vault and Database Firewall components to be installed.
  2. Plan the system configuration that best suits your needs.
  3. Ensure that your system meets the pre-install requirements.
  4. Complete the installation of Audit Vault Server.
  5. Complete the installation of Database Firewall.
  6. Complete the post-install configuration tasks.
  7. Complete the registration of hosts and deployment of Agent.
  8. Complete the registration of targets for audit collection and Database Firewall monitoring.

Note:

The Audit Vault Server and the Database Firewall server are software appliances. You must not make any changes to the Linux operating system through the command line on these servers unless following official Oracle documentation or under guidance from Oracle Support.