Migration of Oracle Database Firewall 5.1 Configuration to Oracle Audit Vault and Database Firewall (AVDF) 12.1.2.0.0 (Doc ID 2005019.1)

Last updated on MAY 07, 2020

Applies to:

Oracle Database Firewall
Oracle Audit Vault and Database Firewall
Information in this document applies to any platform.
Oracle Database Firewall - Version 5.1 and later
Oracle Audit Vault and Database Firewall - Version 12.1.2 and later
Information in this document applies to any platform.

Purpose

There are a significant number of changes between Database Firewal version 5.1 and Audit Vault Database Firewall version 12.1.2 that make migrating from the former to the latter a non trivial task. Oracle has developed tools that alleviate the difficulty but the user must be warned that there is no direct migration path for some components of Database Firewall 5.1.

Scope

Process overview

The migration process has 5 main steps:

Stop active monitoring of each Database Firewall
Backup
Migrate
Manual steps - preliminary
Run scripts
Manual steps - final

Caution

Due to the complexity of the migration process it is important that each step is followed and that any pre or post conditions are met at each step. Failure to follow the instructions will lead to a misconfigured system and could be very time consuming to debug. In the worst case scenario it may be necessary to re-install the broken system and start from scratch.

Backing up

Ensure that all Database Firewall version 5.1 appliances are backed up before starting. This includes the Database Firewall Management Servers and Database Firewalls.

Privileges

Certain privileges will be required in order to complete the migration of the configuration:

'root' access to the system in order to run the migration scripts.
'AVAUDITOR' user access to the database in order to insert the migrated policies and assign the policies to the correct enforcement points.