Infrastructure at your Service

Grégory Steulet

Oracle Audit Vault and Database Firewall (AVDF) 12.1 – installation on VirtualBox

This blog explains how to install Oracle Audit Vault and Database Firewall (AVDF) 12.1.1.1.0 on VirtualBox step-by-step. The configuration will be covered in a second blog.

Download AVDF Binaries

First of all, download the binaries on support.oracle.com:

https://support.oracle.com/epmos/faces/ui/patch/PatchDetail.jspx?_afrLoop=140865428570210&patchId=16965974&_afrWindowMode=0&_adf.ctrl-state=1a5l4hvifo_4

Patch 16965974: 12.1.1.1.0 FULL INSTALL IMAGES FOR ORACLE AUDIT VAULT AND DATABASE FIREWALL

There are three files:
1. Audit Vault Server
2. Database Firewall
3. Documentation
You can find the Audit Vault and Database Firewall documentation online here: http://www.oracle.com/pls/topic/lookup?ctx=avdf121

VirtualBox network configuration

In order to be able to start the AVDF installation, it is mandatory to have a correct network configuration with three host-only networks. Audit Vault Server will require one network adaptaters and Database Firewall will require three network adaptaters.

The netwok setup will be the following one:

000

Follow the steps below in order to create these networks.

001

You have to add three Host-only networks as described below:
002

You can find the configuration of vboxnet1 and vboxnet2 below:

003
004

Oracle Audit Vault Server Installation

Virtual Machine prerequisites

Minimum memory: 2GB
Minimum disk space: 128 GB
Only one NIC
Configure network as described below:

005

006

Oracle Audit Vault Installation

Enter “install” on boot.

007

008

009

010

Enter your passphrase:

011

012

013

014

Network configuration:

015

016

Oracle Audit Vault startup

017

018

019

020

021

Postinstallation tasks

Go to https://10.200.11.11 and enter your passphrase.

022

Enter the password for AVADMIN and AVAUDITOR:

023

Log in with the AVADMIN account:

024

025

Oracle Database Firewall installation

Virtual Machine requirements

Minimum memory: 2GB
Minimum disk space: 128 GB
Three NICs
Configure network as described below:
026
027
027
029

Oracle Dartabase Firewall installation

Enter “install” on boot.

030

031

032

033

Network configuration:

035

Oracle Database Firewall startup:

036

037

Postinstallation tasks

Go on https://10.200.11.25 and enter your passphrase.

038

039

Fill-in the post-installation information:

040

Now you can login on Oracle Database Firewall using the “admin” username configured before

041

042

Well done! You have successfuly installed Oracle Audit Vault and Database Firewall.

Conclusion

Oracle Audit Vault and Database Firewall installation is a straigthforward process. The only challenge in this setup is probably the network configuration.
Indeed, the Audit Vault and Database Firewall offers several network configuration possibilities (bridge, proxy).
Compared to previous Oracle Vault versions, this version is really easy to install and configure. As I said in the introduction, the configuration steps will be covered in a second blog.

 

13 Comments

  • Jona says:

    Thanks!Really very informative!
    Do you have any plan to post the configuration part as well?

     
  • Mustafa says:

    Thanks!
    I of x based on the operating system that you want to connect to.
    However, I could not connect with PuTTY program.
    How can I connect to the operating system?

     
  • Mustafa says:

    I of x based on the operating system that you want to connect to.
    However, I could not connect with PuTTY program.
    How can I connect to the operating system?

     
  • pierre sicot says:

    Hi Mustafa,

    In my configuration I have ssh enabled on AVDF, by the way I could not connect directly with the root user with putty. But when you install Database Firewall, you create a support login and I can connect with this support login with putty and then run sudo su – to be connected as root.
    Regards
    Pierre

     
  • pierre sicot says:

    Hello Mustafa,

    In the /etc/ssh/sshd_config you can see that only the support login is allowed:

    # PDP 06/08/07 – Allow ssh connections for user “support” only
    AllowUsers support

    Regards
    Pierre

     
  • Donald Wani says:

    What you need to do is :
    1. Open your putty program and select the audit vault server connection.
    2. At the login prompt, type username: support then password.
    3. Once you login to support then issue : su – root and password.
    it will connect.
    You can’t connect directly from putty as Pierre Sicot has written above.. you try to enable the ssh connections on /etc/ssh/sshd_config to connect directly from putty.
    THanks
    Donald Wani

     
  • Jud Williford says:

    Thanks, Gregory, this is very promising. I went to the SOUG site and couldn’t access your newsletter article with the config details. Can you provide a link to it?

     
  • Silvere says:

    Thanks,I have installed AV server successfully but agent deployment failed on windows2008 OS. After starting the agent, it’s impossible to insert activation key.
    Agent version is 12.1.2

     
  • Thilina says:

    Hi goog article can we install avdf firewall with flat network if it’s possible please let me know ?

     
  • Indra says:

    Hi Gregory,
    Thank you very much for this article.
    I have setup DB Firewall in Proxy Mode + DPE and In-Line Mode + DPE ( as suggested on db firewall documentation ).

    In proxy mode, I can block IP address, but still failed to block IP Address in In-Line Mode.

    Is there any special configuration in In-Line mode to block IP address ? ( like enable port mirroring or something )

    Thanks

     
  • Vijay Kumar says:

    Hi

    After installation of AVDF server. I got the Audit vault server window “display system info”. but i am not getting GUI/Browser on that server where the AVDF is installed. How can i launch Browser to get into post installation steps.

    Thanks
    Vijay Kumar

     
  • Grégory Steulet says:

    Hi Jona,

    For the moment nothing is planned, however an article will be published in the january edition of the Swiss Oracle User Group (SOUG). Which part of the configuration would be interesting for you?

     
  • Grégory Steulet says:

    Hi Mustafa,

    You can find how to proceed to connect through ssh to AVDF on the following URL: http://docs.oracle.com/cd/E37100_01/doc.121/e27776/sigma_server.htm#SIGAD40805

    Have a look on the chapter: “Configuring or Changing the Audit Vault Server Services”

     

Leave a Reply


three + = 10

Grégory Steulet
Grégory Steulet

Chief Financial Officer (CFO)