My Oracle Support Banner

Migration of Oracle Database Firewall 5.1 Configuration to Oracle Audit Vault and Database Firewall (AVDF) (Doc ID 2005019.1)

Last updated on MAY 07, 2020

Applies to:

Oracle Database Firewall
Oracle Audit Vault and Database Firewall
Information in this document applies to any platform.
Oracle Database Firewall - Version 5.1 and later
Oracle Audit Vault and Database Firewall - Version 12.1.2 and later
Information in this document applies to any platform.


There are a significant number of changes between Database Firewal version 5.1 and Audit Vault Database Firewall version 12.1.2 that make migrating from the former to the latter a non trivial task. Oracle has developed tools that alleviate the difficulty but the user must be warned that there is no direct migration path for some components of Database Firewall 5.1.


Process overview

The migration process has 5 main steps:

  1. Stop active monitoring of each Database Firewall
  2. Backup
  3. Migrate
  4. Manual steps - preliminary
  5. Run scripts
  6. Manual steps - final


Due to the complexity of the migration process it is important that each step is followed and that any pre or post conditions are met at each step. Failure to follow the instructions will lead to a misconfigured system and could be very time consuming to debug. In the worst case scenario it may be necessary to re-install the broken system and start from scratch.


Backing up

Ensure that all Database Firewall version 5.1 appliances are backed up before starting. This includes the Database Firewall Management Servers and Database Firewalls.



Certain privileges will be required in order to complete the migration of the configuration:


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Process overview
 Backing up
 Migration Process
 Backup Database Firewall appliances
 Backup Database Firewall management servers
 For each Database Firewall Management Server, install an Audit Vault Server
 For each Database Firewall, install an Audit Vault Database Firewall
 For each Database Firewall, configure the network interfaces
 For each Database Firewall, apply the Audit Vault Server certificate(s)
 Copy the 'secerno.sbk' file to the Audit Vault Server
 Create the migration scripts
 Check the configuration migration script (migration.av) for errors
 Execute the configuration migration script
 Execute the policy migration script
 Execute the policy assignment script
 Configure remaining Audit Vault Server Settings
 Enter passwords
 Set data retention policy
 Report scheduling

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.