Thursday, January 2, 2014

Register the Database Firewall in the Audit Vault Server 12.1.1.1

I have already discussed the installation of Oracle Audit Vault and Database Firewall 12.1.1.1 in my earlier posts. This post discusses integrating Audit Vault and Database Firewall.

You must associate each Database Firewall with an Audit Vault Server by specifying the server's certificate and IP address, so that the Audit Vault Server can manage the firewall. If you are using a resilient pair of Audit Vault Servers for high availability, you must associate the firewall with both servers.

Note: You must specify the Audit Vault Server certificate and IP address to the Database Firewall before you register the firewall in the Audit Vault Server.

Registering the Database Firewall in the Audit Vault Server requires two steps:

A.      Specify the Audit Vault Server certificate and IP address in Database Firewall
B.      Register the Database Firewall in the Audit Vault Server

A.      To specify the Audit Vault Server certificate and IP address in Database Firewall
1.       Log in to the Audit Vault Server as AVADMIN.

Fig. AVDF-121110-REG-01.png

2.       Copy the Audit Vault Server certificate.
·         Click the Settings tab.
·         In the Security menu, click Certificate. The server’s certificate is displayed.
·         Copy the server’s certificate to your clipboard or into a text file (if you use a text file, it must be securely deleted afterwards). Make sure you also copy the header and footer (-----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).

Fig. AVDF-121110-REG-02.png


Audit Vault Sample certificate:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

3.       Log in to the Database Firewall administration console.

Fig. AVDF-121110-REG-03.png



4.       In the System menu, click Audit Vault Server.
            ·         Enter the IP address of the Audit Vault Server: 192.168.169.21
            ·         Paste the Audit Vault Server’s certificate in the next field.
            ·         Click the "Apply" button.

Fig. AVDF-121110-REG-04.png


NOTE: If you are using a resilient pair of Audit Vault Servers, select the Add Second Audit Vault Server check box, and enter the IP address and certificate of the secondary Audit Vault Server.


Fig. AVDF-121110-REG-05.png

B.     Register the Database Firewall in the Audit Vault Server
You must register the Database Firewall in the Audit Vault Server in order to enable communication between the two. To register a Database Firewall in the Audit Vault Server:

1.       Log in to the Audit Vault Server as an administrator (AVADMIN)


Fig. AVDF-121110-REG-06.png


2.       Register the Database Firewall in the Audit Vault Server
·         Click the "Firewall" tab.
·         Click the "Register" button. This opens a new page.

Fig. AVDF-121110-REG-07.png


3.       Save Registration
·         Enter the name of the Database Firewall in the "Name" field.
·         Enter the IP address of the Database Firewall in the "Address" field. It is preferred to use the actual hostname for the firewall that you had set earlier. It makes it easier to keep track of servers in a production environment.
·         Click the "Save" button.

Fig. AVDF-121110-REG-08.png


4.       Registered Firewalls
·         If you have completed the above steps successfully, you will see a screen like the one in the screenshot below.

 Fig. AVDF-121110-REG-09.png

5.       Test Database Firewall Diagnostics
·         Click "Settings => Status => Test Diagnostics" to ensure that everything is running correctly.
·         Everything should have a green "OK" next to it, as in the next screenshot.

Fig. AVDF-121110-REG-10.png


Fig. AVDF-121110-REG-11.png


6.       Check Database Firewall Status
·         Click Home and check the firewall status.
·         If the status is "GREEN", then everything is set up correctly.
·         If there is an error message that indicates that there is a problem with the certificate, check that the date and time are the same on the Audit Vault server and the Database Firewall Appliance.

Fig. AVDF-121110-REG-12.png
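A pre-flight check for the certificate text copied in step A.2 and for the clock-related certificate error described in step B.6. This is an added example, not part of the original post or of Oracle's tooling; the function name `check_avs_cert`, its return codes, and the use of the `openssl` CLI with GNU `date` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the openssl CLI and GNU date.
# Usage: check_avs_cert FILE [NOW_EPOCH]
#   FILE       text file holding the certificate copied from the Audit Vault Server
#   NOW_EPOCH  clock reading to test against (default: this host's clock), so the
#              firewall appliance's time can be checked from another machine
# Returns 0 usable, 2 bad PEM framing, 3 unparseable, 4 not yet valid, 5 expired.
check_avs_cert() {
    cert=$1
    now=${2:-$(date -u +%s)}

    # Both delimiter lines must have been copied along with the body.
    grep -q -F -e '-----BEGIN CERTIFICATE-----' "$cert" ||
        { echo "missing BEGIN CERTIFICATE line" >&2; return 2; }
    grep -q -F -e '-----END CERTIFICATE-----' "$cert" ||
        { echo "missing END CERTIFICATE line" >&2; return 2; }

    # The body must decode as X.509 (catches truncated or mangled pastes).
    openssl x509 -in "$cert" -noout 2>/dev/null ||
        { echo "not a parseable certificate" >&2; return 3; }

    # Fingerprint, for confirming that two copies of the certificate are identical.
    openssl x509 -in "$cert" -noout -fingerprint -sha256

    # Validity window converted to epoch seconds.
    nb=$(openssl x509 -in "$cert" -noout -startdate); nb=$(date -u -d "${nb#*=}" +%s)
    na=$(openssl x509 -in "$cert" -noout -enddate);   na=$(date -u -d "${na#*=}" +%s)

    # A clock that is behind makes a fresh certificate look "not yet valid";
    # a clock that is ahead makes it look expired.
    [ "$now" -ge "$nb" ] ||
        { echo "not yet valid: clock is $((nb - now))s before notBefore" >&2; return 4; }
    [ "$now" -le "$na" ] ||
        { echo "expired: clock is $((now - na))s past notAfter" >&2; return 5; }
    echo "certificate is valid at epoch $now"
}

# Run directly: sh check_avs_cert.sh avs_cert.pem [epoch]
if [ "$#" -gt 0 ]; then check_avs_cert "$@"; fi
```

Passing the appliance's own clock reading (output of `date -u +%s` on that host) as the second argument shows whether the time difference alone would explain a certificate error.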

 Hope this helps ... 
