3 Oracle Audit Vault and Database Firewall Pre-Install Requirements

Learn about the requirements that your system must meet before you can install Oracle Audit Vault and Database Firewall (Oracle AVDF).

3.1 Oracle AVDF Deployment Checklist

Prerequisites or deployment checklist for installing Oracle Audit Vault and Database Firewall.

  1. Ensure to meet the hardware requirements in sections Product Compatibility Matrix and Oracle Audit Vault and Database Firewall Hardware Requirements.
  2. Review and follow the sizing requirements mentioned in MOS Note (Doc ID 2092683.1) to ensure hardware has sufficient capacity. Review the sizing whenever there is increase in scale of targets.
  3. Check and resolve the Pre-upgrade RPM Boot Partition Space Check Warning.
  4. Follow the guidelines in Audit Vault Agent Requirements.
  5. Follow the guidelines in Host Monitor Requirements.
  6. Follow the guidelines in Audit Vault Server Post-Installation Tasks.
  7. Follow the guidelines in Database Firewall Post-Installation Tasks.

3.2 Installing Audit Vault Server on VMware

An important prerequisite for installing Audit Vault Server on VMware.

You must set VMX configuration parameter disk.EnableUUID to TRUE. This must be done to enable proper mounting of disks. Without this setting, the Audit Vault Server installation on VMware will fail.

3.3 Audit Vault Agent Requirements

Learn about the Audit Vault Agent requirements.

Recommended prerequisites for installing Audit Vault Agent:

  1. Ensure to meet the system requirements. See Product Compatibility Matrix.
  2. Ensure to meet the following Java requirements:

  3. The host machine on which the Audit Vault Agent is deployed must have at least 512 MB RAM.
  4. Apply the latest security patches of OpenSSL libraries available from the OS vendor for the specific OS version on the host machine.
  5. The host machine on which the Audit Vault Agent is deployed must have connectivity to the Audit Vault Server. In case of high availability set up, it must have connectivity to both the primary and standby Audit Vault Servers.
  6. The Audit Vault Server uses 2 ports (1521 and 1522 by default) for Agent communication. Ensure to configure the ports appropriately for this communication.
  7. If NAT (Network Address Translation) is used in the network between Audit Vault Server and the host machine where agent is deployed, then ensure the IP address of the host machine is resolvable from Audit Vault Server.
  8. The user must have the required OS permissions to install the Agent. The user must be able to access the audit trail location in case of directory audit trails. See About Deploying the Audit Vault Agent for the OS permissions required for installing the Agent.

3.4 Host Monitor Requirements

Learn about Host Monitor requirements.

Host Monitor enables the Database Firewall to directly monitor SQL traffic in a database.

Prerequisites for installing Host Monitor on Windows platform:

  1. Ensure Audit Vault Agent is running on the host machine.
  2. Verify and allow communication on ports 2050 - 5100 for Database Firewall.
  3. Install Npcap that is available in the avdf20-utility.zip bundle in ARU. It is part of the Oracle Audit Vault and Database Firewall installable files.
  4. Ensure to install Npcap in WinPcap-API-compatible mode.
  5. Install the latest version of OpenSSL (1.1.1g or higher) libraries.
  6. Ensure the Windows target machine has the latest update of Visual C++ Redistributable for Visual Studio 2015 (MSVCRT.dll (*) or later) package from Microsoft installed. This is a must to use Host Monitor on Windows.

Prerequisites for installing Host Monitor on Linux/Unix/AIX/Solaris platforms:

  1. Ensure Audit Vault Agent is running on the host machine.
  2. Host Monitor must be installed by root user.
  3. Ensure Libcap is installed for Linux hosts.
  4. Apply the latest security patches of libraries (LibPcap, OpenSSL) available from the OS vendor for the specific OS version on the host machine.
  5. Ensure gmake is installed. This is needed for linking the Host Monitor executables with LibPcap and OpenSSL libraries.
  6. Check directory permissions. All the directories in the path of the Host Monitor install location should have 755 as the permission bits starting from the root directory. Also, Host Monitor must be installed in a root owned location.
  7. Verify and allow communication on ports 2050 - 5100 for Database Firewall.
  8. Ensure the Input Output Completion Ports (IOCP) is set to available for IBM AIX on Power Systems (64-bit). It is set to defined by default.

See Also:

Enabling and Using Host Monitoring for host monitoring instructions and prerequisites.

3.5 Privileges Required to Install Oracle Audit Vault and Database Firewall

Learn about the privileges required to install Oracle Audit Vault and Database Firewall (Oracle AVDF).

Any user can install Oracle Audit Vault and Database Firewall. You do not need administrative privileges to complete the installation.

3.6 Oracle Audit Vault and Database Firewall Hardware Requirements

Install each Audit Vault Server and each Database Firewall onto its own dedicated x86 64-bit server (or Oracle VM 3.x).

You can use any Intel x86-64-bit hardware platform that is supported by Oracle Audit Vault and Database Firewall's embedded operating system. Oracle Audit Vault and Database Firewall uses Oracle Linux release 7 with the Unbreakable Enterprise Kernel (UEK) version 5. For a list of compatible hardware, refer to Hardware Certification List for Oracle Linux and Oracle VM. This list contains the minimum version of Oracle Linux certified with the selected hardware. All Oracle Linux updates starting with Oracle Linux release 7 as the minimum are also certified unless otherwise noted.

Note:

Do not install Audit Vault Server or Database Firewall on a server (or Oracle VM) that is used for other activities, because the installation process formats the server, deleting any existing data and operating systems.

3.6.1 Memory and Space Requirements

Learn about the minimum memory requirements for Oracle Audit Vault and Database Firewall (Oracle AVDF).

Each x86 64-bit server must have the following minimum memory:

  • Audit Vault Server: 8 GBFoot 1

  • Database Firewall: 8 GB

Memory Layout Information

The installer checks for a number of conditions before allowing the installation or upgrade to be completed. Memory allocation and space checks on specific directories is an important aspect.

A minimum of at least 8 GB of memory is required. You can force the upgrade process to complete if your system has a lower amount of memory (for example 4 GB). However it is not difficult to extend memory for Oracle Audit Vault and Database Firewall installation. Oracle Audit Vault and Database Firewall sends daily reminders to upgrade your system's memory.

The space checks mentioned here are a bare minimum, below which the upgrade is likely to fail.

File System Space Check

/home

100 MB

/usr/local/dbfw

200 MB

/usr/local/dbfw/tmp

7.5 GB

/var/lib/oracle

5.5 GB for Audit Vault Server

/

2 GB

/tmp

1.4 GB

/var/dbfw

100 MB

/var/log

100 MB

/var/tmp

5 GB

3.6.2 Disk Space Requirements

Learn about the minimum disk space requirements for Oracle Audit Vault and Database Firewall (Oracle AVDF).

Each x86 64-bit server must have a single hard drive with a minimum of the following disk space:

  • Audit Vault Server: 220 GB

  • Database Firewall: 220 GB

Note:

  • Oracle Audit Vault and Database Firewall release 20 supports both BIOS and UEFI boot mode. For system with boot disk greater than 2 TB, Oracle AVDF supports booting in UEFI mode only.
  • Provisioning disks greater than 4PB each for fresh installation is not optimal. The disks equal to or under 4PB, ensure that only one disk partition is allocated per disk group on each physical disk.
  • For appliance hardware specification, refer to Oracle Audit Vault and Database Firewall Sizing Advice (MOS Doc ID 2223771.1).

3.6.3 Network Interface Cards

Learn about the recommended number of network interface cards (NICs) for each x86 64-bit server.

Oracle recommends the following number of network interface cards (NICs) for each x86 64-bit server on which you install the following components:

  • 1 NIC for the Audit Vault Server

  • At least 1 NIC for a Database Firewall operating as a proxy with no network separation

  • At least 2 NICs for a Database Firewall deployed in Monitoring (Out-of-Band) or Monitoring (Host Monitor) mode

  • 2 NICs for Database Firewall deployed in Monitoring / Blocking (Proxy) mode with network separation.

  • At least 3 NICs for a Database Firewall deployed in Monitoring / Blocking (Proxy) mode. These 3 NICs are required for network separation, 1 NIC for management, 2 NICs for client and database network connections.

3.6.4 Fiber Channel Based Multipath in Oracle AVDF

Learn about support for multipath in Oracle AVDF.

Oracle Audit Vault and Database Firewall 20.1 and later supports fiber channel based storage with multipath. The redundant paths in multipath can enhance performance and utilize features like dynamic load balancing, traffic shaping, automatic path management, and dynamic reconfiguration. The connection to the disk can be made through two fiber channel ports.

Here are some important aspects of multipath in Oracle AVDF:

  • It is not supported with ISCSI storage.
  • It does not support the device xvd*.
  • Multipath is supported only for Audit Vault Server installation.
  • Multipath is not supported for Database Firewall installation.
  • It does not support removable block devices. Check for removable block devices in the system as they can lead to installation failure.

Note:

In case there are removable block devices in the system, the following error may be encountered during Audit Vault Server installation:

ERROR: Failed to check if the disk is in multipath
Traceback (most recent call last):
  File "/run/install/repo/partitions.py", line 386, in <module>
    main()
  File "/run/install/repo/partitions.py", line 372, in main
    write_partition_table( None )
  File "/run/install/repo/partitions.py", line 322, in write_partition_table
    part_table = generate_partition_table_data(dev_list)
  File "/run/install/repo/partitions.py", line 243, in generate_partition_table_data
    raise RuntimeError("No disks detected")
RuntimeError: No disks detected

3.7 Oracle Audit Vault and Database Firewall Software Requirements

Learn about the software requirements for Oracle Audit Vault and Database Firewall.

3.7.1 Java SE Requirement

The AVCLI command line utility that the Audit Vault Server administrator uses and the avpack utility (which is part of the software development kit) require Java SE version 8 or 11.

3.7.2 Browser Requirements

Learn about the browser requirements for Oracle Audit Vault and Database Firewall (Oracle AVDF).

Note:

See section Supported Browsers for more information on the supported browsers.

3.7.3 Target Requirements

For targets that are on Oracle Solaris running the LDoms Manager service, svc:/ldoms/ldmd:default, ensure that the target is using LDoms version 3.2.0.1 or later.



Footnote Legend

Footnote 1:

In this guide, 1 GB represents 2 to the 30th power bytes or in decimal notation 1,073,741,824 bytes.