Solved

isa2004 is it ok to disable logging?

Posted on 2012-04-13
5
305 Views
Last Modified: 2012-04-15
firwall service (wspsrv.exe) on isa 2004 is spiking cpu uasage.  in doing my research one option is to change logging from sql to w3c format. I am not oppose to just stopping loggin all together.  I would like to some input from anyone who has insight on this.  Thanks for your time.
0
Comment
Question by:brianpcollins
  • 3
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37844075
It CAN be done but is a crap approach - part of the whole purpose of the firewall is to be able to identify trends, usage etc.

http://support.microsoft.com/kb/838241
0
 

Author Comment

by:brianpcollins
ID: 37847069
thanks for the input.  I know why logging is important, however we are replacing this box and don't care. i was looking for other input prior to doing it, to avoid the server totaly not working.  thanks again.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 37848118
lol - if you don't care then obviously it is a fair approach.

Yes, it is OK to not log using the approach above. From ISA's perspective there is a difference between electing to not log and being unable to log (out of disk space on the logging drive etc).

The inability to log will stop all firewall services - blocking all throughput - until the condition is corrected whereas choosing that state is fine
0
 

Author Closing Comment

by:brianpcollins
ID: 37849151
You were correct, stopped all logging and caching, restarted server , all is ok.  We needed this box to stay alive while we transition to a new method and needed best performance possible. Thanks for your input and time.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 37849409
Welcome :)
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now