      Hi Guys,



      I installed an oracle AVDF demostrate environment on vmware virtual machines with One VM for AV, One for DF, and One hosts the SQL Server 2012,


      I deployed both the audit vault agent and database firewall policy for the SQL Server secured target, enable the sql server buildin audit feathures.


      The AV UI report the firewall is in normal status, but I can only find trace data gathered by the agent in activity reports.


      How can I verify that the firewall is actually function?



      Thanks in advance.

          Harm Joris ten Napel-Oracle



          I suggest to install another VM that can act as a client, use two separate private networks inside VMWare, make

          sure FW has at least 3 NICs, one for the management interface and the other two you put into the two private

          networks respectively, then make a bridge in the firewall and configure it so it bridges those 2 NICs on those two

          separate private networks, the client and server host must each be placed into  those separate private networks,

          I suggest to give them another network card so you can make direct connections and also via the bridge,

          you can use IP addresses on the same subnet for client and server (of course the IP's differ but they are on the

          same subnet, the bridge IP must also be in that subnet), then make sure to open the bridge and when you

          connect from the client VM to the server the traffic can be configured to go through the bridge, you can then verify this

          with the capture tool and also to see if you can monitor sql with the firewall. This is known to work using virtualbox

          and oracle client / server and I don't see how this cannot be done with vmware and a sql server database,




          Harm ten Napel