Oracle has just released a new major Release of its Oracle Audit Vault and Database Firewall. The new release is immediately available on Oracle’s Software Delivery Cloud. But the OTN website have not been updated. Beside the upgrade of the OS and embedded Oracle Database to 220.127.116.11, Oracle added a bunch of Enterprise-Grade Features. Starting with this Release all new installation will have Oracle Transparent Data Encryption enabled for the audit data.
A few first impressions:
- The AVDF Documentation has been improved. Beside more detailed setup and configuration information, there is now a concepts guide. The concept guide should be read definitely when planning a new AVDF deployment.
- The Hardware requirements are slightly increased. A minimum of 220GB disk space is a bit more than for the last release. This will definitely a challenge for my VM setup on my notebook.
- There are multiple ISO files to download. eg. for the AV Server, FW Server, Utility Files and a ISO with RPM’s for upgrading existing AVDF installations. I will analyze more closely how existing deployments can be upgraded.
Oracle Audit Vault and Database Firewall 12.2 New Features
According to the Release Notes, the following features are available as of 12.2:
- A backup and restore utility for the Audit Vault Server has been integrated into the product.
- Audit trails will automatically start when the Audit Vault Agent is restarted or when Oracle AVDF is upgraded.
- The AVCLI command line utility can be used non-interactively by storing an administrator’s credentials in the AVCLI wallet.
- You can adjust the number of Audit Vault Agent processing threads on a host to optimize performance.
- You can configure Oracle Database In-Memory to speed up reports.
- New (full) installations of Oracle AVDF 12.2 will have all audit data encrypted using Oracle Database Transparent Data Encryption (TDE).
- When new audit trails collect data that is older than limits set in the retention (archiving) policy, that data will be automatically archived according to the policy.
- You can change the certificate for the Audit Vault Server and Database Firewall Web UIs.
- You can register hosts with a host name or a domain name.
- You can change the logging levels of system components from the Web UI.
- You can unlock user accounts from the Web UI.
- New reports have been added including: the Oracle Database Vault report, summary reports, IRS compliance reports, and reports that correlate database audit events with OS users that used su or sudo to execute commands.
- In the Administrator’s Web UI, the Hosts tab has new Host Monitor details, and added Audit Vault Agent details.
- The Audit Vault Server’s high availability pairing UI has been improved for usability.
- Support for IBM AIX secured targets has been added.
- The Oracle AVDF auditor can create an alert syslog template.
- The Oracle AVDF auditor can set a schedule for retrieval of audit data and entitlements from Oracle Database.
- We have added Oracle Audit Vault and Database Firewall Concepts Guide to the documentation library.
Some links related to this post.
- Oracle Audit Vault and Database Firewall Documentation
- Oracle Audit Vault and Database Firewall
- Oracle Audit Vault and Database Firewall Release Notes
I’ll start to do some test with the new release of AVDF after the christmas time. So stay tuned…