Installation of Oracle Audit Vault and Database Firewall (AVDF) 12.2.0.4 comprises of installing Audit Vault Server first and then Database Firewall. Oracle Audit Vault and Database Firewall come in different installation media. This post deals with the installation of Audit Vault Server only. In coming posts, I will discuss installing a database firewall and integrating Oracle Audit Vault and Database Firewall.
Briefly, the Oracle Audit Vault and Database Firewall installation steps are:
Download media from Oracle Edelivery.
Briefly, the Oracle Audit Vault and Database Firewall installation steps are:
- Understand the Oracle Audit Vault and Database Firewall components to be installed.
- Plan the system configuration that best suits your needs.
- Ensure that your system meets the pre-install requirements.
- Install the Oracle Audit Vault and Database Firewall software.
- Do the post-install configuration tasks.
NOTE!!
The Audit Vault Server and Database Firewall server are software appliances. You must not make any changes to the Linux operating system through the command line on these servers unless following official Oracle documentation or under guidance from Oracle Support.
Audit Vault and Database Firewall Architecture
The following are top-level steps needed for installing Oracle Audit Vault Server 12.2.0.4:
- Media Download
- Prerequisites
- Installation
- Post Installation
A. Download Media
Download media from Oracle Edelivery.
- Login to edelivery.
- Search required media ( Oracle Audit Vault and Database Firewall 12.2.0.4 )
- Download media ( Total media size approximately 12.6G )
B. Prerequisites
Laptop/PC
- Latest and fast processors
- At least 8GB memory
- Windows/Linux 64 bit
- At least 100GB free HDD (Hard Disk Drive)
- Oracle VirtualBox pre-installed.
- Host machine should be able to access the guest machine.
Guest Machine (AV Server):
IP Address: 192.168.56.68
Subnet Mask: 255.255.255.0
Gateway: 192.168.56.1
C. Installation
Setup Virtual Machine for Audit Vault Server Installation:
- Create a new virtual machine for Audit Vault Server.
- Give a name for Oracle Audit Vault Server.
Select Type as "Linux"
Select Version as "Oracle (64 Bit)
Click on the "Next" button to continue
- Specify memory size for the Virtual Machine.
For testing purpose, 2 GB memory should work.
Enter the required memory. Since I have 12 GB RAM on my laptop so I have allocated 3072MB memory.
Click on the "Next" button to continue.
- Add Virtual Hard Disk Drive.
Select "Create a virtual hard drive now" option.
Click on the "Create" button.
- Select Hard Drive File Type
Select "VMDK (Virtual Machine Disk)".
Click on the "Next" button to continue.
This file type allows splitting files into a size of less than 2GB. A number of files will be automatically created by Virtual Box based on the size of Hard Drive that we specify in coming steps.
- Storage on Physical Hard Drive
Select "Dynamically Allocated" option.
Select "Split into files of less than 2GB" checkbox. If this check box is selected then single Hard Disk file will be split into smaller files of less than 2GB each.
Click on the "Next" button to continue.
- File Location and Size.
Review the file location.
Enter "220 GB" as the size of the file.
Click on the "Create" button to create the Virtual Hard Disk File.
NOTE!!! If the size of the virtual hard disk is less than 220 GB the installation will terminate
- Virtual Machine Details.
The screen below shows details of the virtual machine just created. Review the details and modify if necessary. Use Settings icon to modify any settings.
- Choose Virtual Optical Disk file.
Select Disk 1 of Audit Vault ISO image file "V840182-01".
- Set Network Adapter.
Select Attached to as "Host-only Adapter".
Click on the "OK" button.
- Start installation of Oracle Audit Vault.
Click on Start button to start the installation of Oracle Audit Vault Server.
Select install in the fash screen and press the <Enter> key
- The installation proceeds
- Insert Disk 2 ("V840183-01.iso") when prompted, select OK, and then press <Enter>
- Insert Disk 1 ("V840182-01.iso") again when prompted, select OK, and then press enter
- Type the installation passphrase, press <Enter>, and then confirm the passphrase.
PassPhrase: Temp237_4O
Note: Enter a strong passphrase. The passphrase should be 8 characters or more and contains an uppercase, lowercase, digit and punctuation.
This passphrase will be used later to change other system passwords. It is recommended to note the password securely for future reference.
- Confirm Installation Passphrase
Re-enter the installation passphrase for confirmation.
Press "<Enter>" key to go to next screen.
- Oracle Audit Vault Installation Successful.
Congratulations if you get a screen like below screenshot. Installation of Oracle Audit Vault is now completed successfully.
Press the "<Enter>" button to go to the next screen.
The server will automatically refresh the link state and redirect to next screen.
- Select Management Interface
Select one of the available interfaces as Management Interface. This will be used to connect to the audit vault server through terminals like ssh, putty e.t.c. for maintenance operations.
Press "<Enter>" key to make the selection and go to the next screen.
Select an available ethernet device.
Press "<Enter>" key to go to next screen.
- Specify IP address
- Enter IP address, subnet mask and gateway for the management interface.
- Press "<Enter>" key to complete the installation and reboot the server.
AV Server:
IP Address : 192.168.56.68
Subnet Mask : 255.255.255.0
Gateway : 192.168.56.1
- First Reboot
The first reboot of the server could take up to an hour depending upon the configuration of the machine that is being used. There is nothing much to do here other than wait until the installation completes.
Audit Vault Server Installation Complete
The screenshot below shows the final screen after the installation of Oracle Audit Vault server is completed. Use Up/Down arrow keys and press "<Enter>" key to make the appropriate selection.
D. Post Installation
Login to Database Vault Web Console
To access the Audit Vault Server Post-install configuration Page:
- Using a browser, go to the Audit Vault Server console
Open a web browser in your host machine and enter the following URL in the address bar https://192.168.56.68
Click on "Add Exception...." button.
Confirm Security.
- Enter Installation Passphrase
Type the installation passphrase that you created during installation.
Click on "Login" button.
- Set the Usernames and Passwords of Audit Vault Server Users (Required)
Set the passwords of the Audit Vault Server administrator, auditor, root and support user:
Username requirements:
- The first character is alphabetical.
- Each remaining character is either alphanumeric or an underscore (_), dollar sign ($), or number sign (#).
Password requirements:
If your password contains Unicode character (such as non-English characters with accent marks), the password requirement is that it:
- Be between 8 and 30 characters long.
If you are using English-only, ASCII printable characters, Oracle Audit Vault and Database Firewall require that passwords:
- Be between 8 and 30 characters long.
- Contain at least one of each of the following:
- Lowercase letters: a-z
- Uppercase letters: A-Z
- Digits: 0-9
- Punctuation marks: comma (,), period (.), plus sign (+), colon (:), exclamation mark (!), and underscore (_)
- Not contain double quotes ("), backspace, or control characters.
In addition, Oracle recommends that passwords:
- Not be the same as the user name.
- Not be an Oracle reserved word
- Not be an obvious word
- Not contain any repeating characters.
Under User Setup:
- In the Super Administrator field, enter the administrator user name (recommended)
- Under the Super Administrator field, enter the Super Administrator Password, then confirm it in the Re-enter Password field.
- Click Validate username.
The administrator username that you entered is validated. If this name is valid, then you can use it; if not, then you must enter a valid name.
- In the Super Auditor filed, enter the Super auditor username (recommended)
- Under the Super Auditor, field, enter the auditor Super Auditor Password, then confirm it in the Re-enter Password filed.
- Click Validate username.
Under Repository Encryption, enter the Keystore Password.
Audit event data in the Audit Vault Server’s repository is automatically encrypted using Oracle Database Transparent Data Encryption (TDE). The repository encryption keystore password is required to reset the TDE master key.
Under Root Password
In the fields labelled Root Password Re-enter New Password, type the password for root
Under Support User Password
In the fields labelled Support Password and Re-enter New Password, type the password for the support user.
- Set the Audit Vault Server Time( Strongly Recommended)
Time Setup: Select Set Manually
Note!! DNS Setup: [ Set Audit Vault Server DNS server values only if the network has DNS servers, otherwise system performance will be impaired. ] I will not use DNS in this setup.
Click on the "Save" button at the upper right corner.
- Login to Audit Vault Server console
After the "Save" button is clicked, the server will automatically redirect to Login page.
Provide the username and password.
Click on "Login" button.
- Audit Vault Home page
After a successful login, the server redirects to Audit Vault Server console home page. Congratulations.......! Audit Vault Server 12.2.0.4.0 installation completed successfully.
Hope this helps!!
References:
- Oracle Audit Vault and Database Firewall Installation Guide 12.2
- Oracle Audit Vault and Database Firewall Administrator's Guide 12.2
- Oracle Audit Vault and Database Firewall Concepts Guide 12.2
Caution: Any information or materials on this blog is provided for educational purposes only. It has been tested internally, however, we do not guarantee that it will work for you. Ensure that you run it in your test environment before using.
This blog post exceeded my expectations! Thank you for going above and beyond to provide such valuable information on firewall audit.
ReplyDelete