6 Uninstalling Oracle Audit Vault and Database Firewall

This chapter provides information on how to uninstall or remove Oracle Audit Vault and Database Firewall.

6.1 Uninstalling Audit Vault Agents Deployed on Target Host Machines

Uninstall the Audit Vault Server and the Database Firewall appliances, and the Audit Vault Agents, that are deployed on target host machines.

To remove the Audit Vault Agents from target host machines:

  1. In the Audit Vault Server, stop all audit trails for the target host.
  2. If the target host has Host Monitor installed, uninstall it.
  3. Verify the Audit Vault Agent is in STOPPED state.
  4. In the Audit Vault Server, deactivate the Audit Vault Agent for the target host.
  5. In the Audit Vault Server, delete the target host.
  6. In the target host, delete the Audit Vault Agent install directory.

    Note:

    To uninstall the Audit Vault Server or Database Firewall, turn off the computers on which they are installed, and follow the procedures for safely decomissioning the hardware.

6.2 Reimage Oracle Database Firewall and Restore from Audit Vault Server

About reimaging Oracle Database Firewall and restoring from Audit Vault Server.

Use this procedure to reimage the Oracle Database Firewall appliance and restore the configuration from the Audit Vault Server console.

  1. Reinstall Database Firewall.
  2. Configure the Database Firewall instance.

    Note:

    • Keep the same number of Network Interface Cards that were available in the previous instance and in the same order. However, there is no need to configure them manually except the Management Interface which is configured during installation. This task is accomplished by the reset Firewall operation.
    • Similarly, the proxy ports need not be created manually. This task is accomplished by the reset Firewall operation.
    • In case the Network Interface Cards or the proxy ports are created manually using the Audit Vault Server console, then the reset Firewall operation may not succeed and the state of the Firewall instance may not be same as before.
    • Do not execute CONFIG-NIC and CONFIG-PROXY commands to configure NIC and proxy ports.
  3. Log in to the Audit Vault Server console as an administrator. Specify the Audit Vault Server certificate and IP address on the new Database Firewall instance.
  4. Click on Database Firewalls tab. A list of Database Firewall instances configured are displayed on the main page.
  5. The Status of the newly installed Database Firewall instance is Down with a red indicator. Click the name of the specific Database Firewall instance. The details of the specific Database Firewall instance is displayed on the main page.
  6. Click Update Certificate button, and wait for the page to load. The status of the Database Firewall instance is Up or green.
  7. Click Reset Firewall button. Confirm the operation by selecting OK in the dialog.
  8. Check the status of this operation by navigating to the Jobs dialog. For this, click the Settings tab, and then click the System tab in the left navigation menu. Click the Jobs link under the Monitoring section.
  9. The Jobs dialog contains a list of ongoing jobs. The Job Type is Reset Firewall. Click the Job Details page icon in the extreme left. The Job Status Details dialog contains current status. If the job has failed, then an appropriate message is displayed. If the job is successful, then it displays the completion time.
  10. Check the overall health status of the Database Firewall instance. Navigate back to the Database Firewalls tab, and click on the specific instance. Click Health Indicators link, under Diagnostics section.
  11. Expand the Certificates block. There is a message pertaining to certificate validation failure in the list, and take appropriate action.
  12. Expand the Database Firewall Monitoring section and ensure everything is green. Click the Close button in the bottom right corner of the dialog.