Oracle Audit Vault and Database Firewall (AVDF) 20.7 - Part 1

 

Installation of Oracle AVDF 20.7 Installation on Oracle Virtual Box

Oracle Audit Vault and Database Firewall (AVDF) is a complete Database Activity Monitoring (DAM) solution that combines native audit data with network-based SQL traffic capture. AVDF includes an enterprise quality audit data warehouse, host-based audit data collection agents, powerful reporting and analysis tools, alert framework, audit dashboard, and a multi-stage Database Firewall. The Database Firewall uses a sophisticated grammar analysis engine to inspect SQL statements before they reach the database and determines with high accuracy whether to allow, log, alert, substitute, or block the incoming SQL. AVDF comes with collectors for Oracle Database, Oracle MySQL, Microsoft SQL Server, PostgreSQL, IBM Db2 (on LUW), SAP Sybase, Oracle Key Vault, Microsoft Active Directory, Linux, Windows, AIX, Solaris, and HPUX. A Quick-JSON collector simplifies ingesting audit data from databases like MongoDB. In addition to the provided collectors, AVDF's extensible framework allows simple configuration-based audit collection from JDBC-accessible databases and REST, JSON, or XML sources, making collection from most other systems easy. A full featured Java SDK allows creation of collectors for applications or databases that don't use a standard technology to record their audit trail [https://www.oracle.com/].

Features:

1.    Fine-Grained, Customizable Reporting, and Alerting
2.    Enterprise Audit Data Consolidation and Lifecycle Management
3.    Deployment Flexibility and Scalability

Figure AVDF Architecture (https://docs.oracle.com)

LAB Environment:

OS: OE Linux 7.9

Virtual Box: 6.1.36

Note: For newer versions, the installation screen may change.

Step#1: Media selection from Oracle (https://edelivery.oracle.com/) 

**Valid CSI-based account required

Type AVDF 20.7 and Press Search

Step#2: VM (AVDF appliance) Creation in Virtual BOX

Recommendations 450 GB disk space

8GB RAM

*** if above storage and memory not available, installation will not continue.

AVDF ISO image selection from downloaded media, and Press Ok

Step#3: AVDF Installation

Note: It will take approximately 3+ hours, on local desktop/laptop machine

AVDF Appliance installation screen and Press ENTER

No input required, Just watch and see

Step#4: Root Password and IP address requirement

Important Screen, verify the information before proceeding

Press Ok, no input required for next few screens

Almost last step, Installation successfully completed, Congratulation!

Enter root password entered previously

Verify OS level Services

ASM and DB instance

First-time logon as Root user

Step#5: Password change for Superuser

Enter the password for various users, and note their password it will be required later on in AVDF administration.

In the next blog, we will discuss agent installation and configurations.

Credit goes to below URLs:

URLs:

https://docs.oracle.com/en/database/oracle/audit-vault-database-firewall/20/sigig/install.html#GUID-A295ABF9-E2D5-4E52-BB4E-A7B68119B065

https://christian-gohmann.de/2020/12/21/installation-of-database-firewall-20-1/

https://asktom.oracle.com/pls/apex/f?p=100:551::::551:P551_CLASS_ID,P551_INVITED:17425,N&cs=16B63BD8CBB6E642C1CA65A1829F3ED7F

https://www.youtube.com/watch?v=dFeyVmfAu78

https://gavinsoorma.com.au/knowledge-base/oracle-audit-vault-database-firewall-20-4-part-1

https://eclipsys.ca/oracle-audit-vault-20-4-part-1-installation/