Detailed Course Outline
Introduction
- Course Objectives and Schedule
- Course Practices and Additional Information
Using Unified Audit
- Auditing Overview
- Unified Audit Management
- Specific Audit Situations
Using Fine-Grained Audit
- Comparison with Unified Auditing
- Overview
- FGA Implementation
Introduction to Oracle Audit Vault and Database Firewall (AVDF)
- Oracle Audit Vault and Database Firewall Features
- Oracle Audit Vault and Database Firewall Components
- Oracle Audit Vault and Database Firewall Architecture
- Supported Secured Targets
- Integrating Oracle AVDF with Third-party Products
- Oracle AVDF Administrator Tasks
- Oracle AVDF Auditor Tasks
Planning the Oracle Audit Vault and Database Firewall Implementation
- Evaluating Oracle AVDF Configuration Requirements
- Configuring Oracle AVDF and Deploying the Audit Vault Agent
- Configuring Oracle AVDF and Deploying the Database Firewall
Installing the Audit Vault Server
- Requirements for Installation of Oracle AVDF
- Network Interface Card Requirements
- Installing an Audit Vault Server
- Performing Audit Vault Server Post-Installation Tasks
Configuring the Audit Vault Server
- Specifying the Server Date and Time
- Setting or Changing the Audit Vault Server Network Settings
- Configuring or Changing the Audit Vault Server Service
- Configuring the Audit Vault Server Syslog Destinations
- Defining Datafile Archiving Locations
- Creating Archiving Policies
- Configuring the Email Notification Service
- Configuring Administrative Accounts for the Audit Vault Server
Configuring Oracle AVDF and Deploying the Audit Vault Agent
- Understanding Network Requirements for AV Server and AV Agent
- Registering Hosts in the Audit Vault Server
- Deploying and Activating the Audit Vault Agent on Host Computers
- Registering the Audit Vault Agent as a Windows Service
- Creating User Accounts for Oracle AVDF
- Registering Secured Targets
- Configuring Audit Trails for Secured Targets
- Configuring Stored Procedure Auditing
Networking and Oracle AVDF
- Overview of the OSI 7-level Network Model
- Overview of IPv4 Addressing and Routing
- Overview of MAC Addressing
- Overview of Virtual LANs (VLANs)
- Overview of Spanning Tree Protocol (STP)
- Oracle AVDF Deployment Models (inline, out of band, and proxy)
- Best Practices for Database Policy Enforcement (DPE) and Database Activity Monitoring (DAM) Modes
Installing a Database Firewall
- Requirements for Installation of a Database Firewall
- Network Interface Card (NIC) Requirements
- Installing a Database Firewall
- Performing Database Firewall Post-Installation Tasks
Configuring Oracle AVDF and Deploying Database Firewall
- Configuring Basic Settings for Database Firewall
- Configuring a Database Firewall on Your Network
- Associating a Database Firewall with the Audit Vault Server
- Registering Secured Targets
- Configuring Enforcement Points
- Configuring and Using Database Interrogation
- Configuring and Using Database Response Monitoring
Using Host Monitoring
- Overview of Host Monitoring
- Installing and Enabling Host Monitoring
- Checking the Status of the Host Monitor
- Stopping the Host Monitor
Configuring High Availability
- Overview of Oracle AVDF High Availability Architecture (resilient pairs)
- Configuring a Resilient Pair of Audit Vault Servers
- Configuring a Resilient Pair of Database Firewalls
Creating Custom Collection Plug-ins
- Overview of Audit Collection Plug-ins
- General Procedure for Writing Audit Collection Plug-ins
- Setting Up Your Development Environment (downloading the SDK)
- Creating Audit Collection Plug-ins
- Packaging Audit Collection Plug-ins
Managing the Audit Vault Server
- Starting an Archive Job
- Restoring Audit Data
- Monitoring Jobs
Managing the Database Firewalls
- Viewing and Capturing Network Traffic in a Database Firewall
- Viewing the Status and Diagnostics Report for a Database Firewall
- Removing a Database Firewall from the Audit Vault Server
Overview of the Auditing and Reporting Features
- Overview of Database Firewall Policies
- Overview of Oracle Database Audit Policies
- Overview of Reports and Report Schedules
- Overview of Oracle Database Entitlement Auditing
- Overview of Oracle Database Stored Procedure Auditing
- Overview of Alerts and Email Notifications
Performing Administrative Tasks
- Viewing a List of Audit Trails and Audit Trail Status
- Viewing a List of Enforcement Points and Enforcement Point Status
- Specifying a Data Retention Policy
- Creating Secured Target Groups
- Assigning a Secured Target to a Compliance Group
- Managing User Accounts and Access
- Creating Templates and Distribution Lists for Email Notifications
- Monitoring Jobs
Creating Audit Policies for Oracle Databases
- Overview of Audit Policies and Audit Data Collection
- Overview of Oracle Database Auditing
- Recommended Audit Settings
- Creating Audit Polices for Oracle Database (overview)
- Retrieving and Modifying Audit Settings from an Oracle Database
- Creating Additional Audit Policy Settings for an Oracle Database
Creating Database Firewall Policies
- Overview of Database Firewall Policies
- Creating a Firewall Policy
- Defining Firewall Policy Rules and Settings
- Using Profiles to Customize a Firewall Policy
- Publishing Firewall Policies
- Deploying Firewall Policies to Secured Targets
Oracle AVDF Reports
- Using the Built-in Reports
- Managing Reports
- Customizing Built-in Reports
- Creating Custom Reports
Managing Entitlements
- Overview of Entitlement Data (what is it?)
- Retrieving Entitlement Data from an Oracle Database (creating a snapshot)
- Creating Labels for Snapshots
- Assigning Labels to Snapshots
- Using Entitlement Reports