Oracle Audit Vault Oracle FLEXCUBE Universal Banking Release 12.0.3.0.0 [April] [2014]
Table of Contents

1. INTRODUCTION
   1.1 SCOPE
   1.2 INTRODUCTION OF ORACLE AUDIT VAULT
       1.2.1 Advantages
2. REQUIREMENT OR PROBLEM STATEMENT
3. PREREQUISITES
   3.1 SOFTWARE REQUIRED
   3.2 DATABASE SETTINGS REQUIRED
4. ORACLE AUDIT VAULT COMPONENTS
   4.1 AUDIT VAULT ARCHITECTURE
   4.2 AUDIT VAULT SERVER
   4.3 AUDIT VAULT AGENT
   4.4 AUDIT VAULT SOURCE
5. ORACLE AUDIT VAULT FEATURES WITH FLEXCUBE USE CASES
   5.1 APPROACH
   5.2 ENVIRONMENT USED
       5.2.1 Oracle Audit Vault Server
       5.2.2 Oracle Audit Vault Agent and DB server
   5.3 COMPARISON MEASUREMENT RESULTS
1. Introduction

1.1 Scope

This document examines the feasibility of auditing the FLEXCUBE schema using Oracle Audit Vault. It also presents observations made during tests of auditing operations on FLEXCUBE and quantifies the benefits achieved in some of these operations.

1.2 Introduction of Oracle Audit Vault

Oracle Audit Vault is an audit solution that consolidates, detects, monitors, alerts, and reports on audit data for security auditing and compliance. It provides mechanisms to automatically collect audit data (who connected, when, what they did, etc.) from multiple Oracle databases and analyze it in a centralized location. Audit Vault can collect data from the Oracle Database audit trail tables, database operating system audit files, and database redo logs to capture before or after value changes.

Audit Vault uses an agent/server architecture: the Audit Vault Server is the central repository and action console, and individual Audit Vault collection agents are deployed to database/application servers to collect audit data and send it to the central repository for analysis. To collect database audit data, the agent does not need to be installed on the source machine (the audit database source). To collect OS audit data, the agent must be installed on the same machine whose OS-related data is to be gathered for analysis.

1.2.1 Advantages

- Consolidates audit trails by mapping various audit data to a common audit format
- Secures all audit data across the enterprise
- Offers centralized audit policy management
- Enables analysis of audit data, including timely detection of violations
- Facilitates regulatory compliance
2. Requirement or Problem Statement

The requirement is to enable auditing for the Oracle FLEXCUBE application in order to monitor the DML operations performed by users and the application, using the redo collector of Oracle Audit Vault, and to observe its feasibility, adoptability, and performance impact, if any.
3. Prerequisites

3.1 Software Required

1. Oracle Audit Vault Server (10.3.0.0)
   Download and install the Oracle Audit Vault Server (10.3.0.0) from:
   http://www.oracle.com/technetwork/products/audit-vault/downloads/index.html

2. Oracle Audit Vault Agent
   Download and install the Oracle Audit Vault Agent (10.3) from:
   http://www.oracle.com/technetwork/products/audit-vault/downloads/index.html

3. Oracle Database server
   Download and install the Oracle Database server 11g from:
   http://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html

3.2 Database Settings Required

The following settings are required on the database servers:

Ensure that the source database has a password file set up and that the source database is in archivelog mode.

The following parameters need to be changed to configure the Redo collector:

Parameter Name         Recommended Value   Default Value
_job_queue_interval    1                   5
_spin_count            5000                2000
undo_retention         3600                900
job_queue_processes    4                   1000
global_names           true                false
streams_pool_size      200M                0
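The following is an added example, not part of the original document or of any Oracle tooling: a small drift check that compares a source database's settings against the recommended values in the table above before the redo collector is enabled. It assumes the parameter values were spooled as "name value" rows (for example from V$PARAMETER) and that the log mode was read separately (for example from V$DATABASE); the function names and the sample dump are constructed for illustration.

```python
import re

# Recommended values copied from the parameter table above.
RECOMMENDED = {
    "_job_queue_interval": "1",
    "_spin_count": "5000",
    "undo_retention": "3600",
    "job_queue_processes": "4",
    "global_names": "true",
    "streams_pool_size": "200M",
}
UNITS = {"k": 1024, "m": 1024**2, "g": 1024**3}

def normalize(value):
    """Canonical form, so '200M' equals '209715200' and 'TRUE' equals 'true'."""
    v = value.strip().lower()
    m = re.fullmatch(r"(\d+)([kmg])", v)
    return str(int(m.group(1)) * UNITS[m.group(2)]) if m else v

def parse_dump(text):
    """Read 'name value' rows from spooled query output, skipping rule lines."""
    params = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and not set(parts[0]) <= {"-"}:
            params[parts[0].lower()] = parts[1]
    return params

def check_source(dump_text, log_mode):
    """Return (name, recommended, observed) for every setting that deviates."""
    findings = []
    if log_mode.strip().upper() != "ARCHIVELOG":
        findings.append(("log_mode", "ARCHIVELOG", log_mode))
    seen = parse_dump(dump_text)
    for name, want in RECOMMENDED.items():
        got = seen.get(name)  # None: parameter absent from the dump
        if got is None or normalize(got) != normalize(want):
            findings.append((name, want, got))
    return findings

# Constructed sample dump (not real output from any database).
SAMPLE = """\
NAME                 VALUE
-------------------- ----------
undo_retention       900
job_queue_processes  4
global_names         TRUE
streams_pool_size    209715200
_spin_count          5000
"""

if __name__ == "__main__":
    for name, want, got in check_source(SAMPLE, "NOARCHIVELOG"):
        print(f"{name}: recommended {want}, observed {got}")
```

A parameter reported with an observed value of None was absent from the dump, so its setting on the source should be confirmed directly.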
4. Oracle Audit Vault Components

4.1 Audit Vault Architecture

Oracle Audit Vault primarily consists of the Audit Vault Server, Agent, and Source. The following diagram describes its architecture flow.

4.2 Audit Vault Server

Audit Vault Server monitors Oracle Database audit trail tables, database operating system audit files, and database redo logs to capture before or after value changes. It can then generate reports and alerts showing where unusual activity is occurring.

Audit Vault Server consists of:

- OC4J (Oracle Container for Web applications), consisting of:
  - Audit Vault Console: User interface to manage Audit Vault.
  - Oracle Enterprise Manager Database Control console: User interface to manage the audit repository database.
  - Management Framework: Sends management commands to the Audit Vault Agent to start or stop agents and collectors.
  - Audit Policy System: A service to retrieve and provision audit settings on the source, and a system to create and manage alerts raised by audit events.
- Database Client: Infrastructure to communicate with the audit repository, consisting of:
  - Oracle Wallet: Contains credentials to authenticate Audit Vault users.
  - Configuration Files: Files used by Audit Vault for networking and preferences.
- Configuration and Management Tools: Utilities used to configure and manage Oracle Audit Vault, such as the AVCA, AVCTL, and AVORCLDB command-line utilities.
- Logs: Informational and error messages for Oracle Audit Vault.
- Audit repository: Oracle database to consolidate and manage audit trail records, consisting of:
  - Raw audit data store: A tablespace with a single data file where audit records are inserted as rows into a set of partitioned tables.
  - Warehouse schema: Open schema of normalized audit trail records.
  - Job scheduler: Database jobs used to populate and manage the warehouse.
  - Alerts: Queue that maintains alerts.
  - Apply Process: Used by the REDO collector to insert before or after values of data.

4.3 Audit Vault Agent

The Audit Vault Agent provides run-time support for audit data collection by Audit Vault collectors. An agent loads the collectors and provides them with a connection to the Audit Vault audit service for sending audit data. It also handles calls from the Audit Vault management service, routes them to the appropriate collectors, and sends the management service run-time metrics on the collectors.

The Audit Vault Agent consists of:

- OC4J (Oracle Container for Web applications), consisting of:
  - Audit Vault Collector Manager: Receives management commands from Audit Vault Server to start and stop collectors.
  - Audit Settings Manager: Receives commands from Oracle Audit Vault to extract audit settings from a source.
- Database Client: Infrastructure to communicate with the audit repository, consisting of:
  - Oracle Wallet: Contains credentials to authenticate Audit Vault.
  - Configuration Files: Files used by Audit Vault for networking.
- Configuration and Management Tools: Utilities used to configure and manage Audit Vault, such as the AVCA, AVCTL, and AVORCLDB command-line utilities.
- Logs: Informational and error messages for Audit Vault.
- Collectors: The types of collectors deployed by the Audit Vault Agents include:
  - OSAUD: Collector to collect audit data from event logs. This collector collects data from the source where the Windows agent and this collector are running.
  - DBAUD: Collector to extract audit records from the Oracle Database SYS.AUD$ dictionary table and SYS.FGA_LOG$ dictionary table.
  - REDO: Collector using Oracle Streams technology to retrieve logical change records from the REDO logs.

The following chart describes the features supported by these collectors.
4.4 Audit Vault Source

The source is the database/application whose audit trail tables, database operating system audit files, and database redo logs (for before or after value changes) are being captured.

The audit data source consists of Oracle Database audit trails stored in:

- The SYS.AUD$ dictionary table and SYS.FGA_LOG$ dictionary table, which are collected by the DBAUD collector.
- Operating system audit trail files stored on Linux and UNIX-based systems and event logs stored on Windows systems, which are collected by the OSAUD collector.
- Redo logs containing logical change records of before and after values, for which a REDO collector using Oracle Streams technology utilizes a Capture process to read the data and a Propagate process to transmit it.
5. Oracle Audit Vault Features with FLEXCUBE Use Cases

The FLEXCUBE data entry (DE) process was chosen for the Oracle Audit Vault testing. Auditing was enabled, using the redo collector method, on the primary tables involved in the DE upload (i.e. the accounting table, the Customer Account table, and the DE batch related tables). The use case of this feature could be extended to other application-specific areas based on customer needs.

The test case run on the FLEXCUBE schema with the Redo collector feature of Oracle Audit Vault enabled is described below.

5.1 Approach

- Enable DML and select operation auditing on the FLEXCUBE schema for tables related to DE upload by using the redo collector feature of Oracle Audit Vault.
- Monitor the audit report generated by the Oracle Audit Vault server to get the details of the DML and select operations performed by the user.
- Performance measurement was done for 16000 DEUPLOAD records.

5.2 Environment Used

5.2.1 Oracle Audit Vault Server

Operating System - Linux x86_64 2.6.18-53.el5
Number of CPUs - 8
Physical Memory - 16GB

5.2.2 Oracle Audit Vault Agent and DB server

Operating System - Microsoft Windows XP [Version 5.1.2600]
Number of CPUs - 1
Physical Memory - 2GB

5.3 Comparison Measurement Results

It is observed that enabling Audit Vault with the redo collector caused about 22% performance overhead when processing 16,000 data entries with a commit frequency of 300 entries.
Oracle Audit Vault
[April] [2014]
Version 12.0.3.0.0

Oracle Financial Services Software Limited

Copyright [2007], [2014], Oracle and/or its affiliates. All rights reserved.