Thomas Shinder Blog RSS

All Blogs  »  Thomas Shinder Blog  »  ISA Central  »  Blog article: Fun Facts About the Session Tab in 2006 ISA Firewall Monitoring

Fun Facts About the Session Tab in 2006 ISA Firewall Monitoring

From: http://www.microsoft.com/technet/isa/2006/monitori...g.mspx

===============================

  • ISA Server 2006 does not separate session counters for all clients.
  • Web Proxy client sessions have a corresponding SecureNAT session. There is one SecureNAT session for all Web Proxy client sessions from a particular computer.
  • Firewall clients have a corresponding SecureNAT session. For a computer with Firewall Client installed, there will be a SecureNAT session, as well as a Firewall client session, for that computer.
  • If a computer has both Web Proxy and Firewall client sessions, there will be only one SecureNAT session for it, because it is defined per computer.
  • A connection between two computers through the firewall can only belong to one session. This design affects how server publishing rule connections are displayed in the sessions list. A session is shown between the published server and the ISA Server computer. Client connections to this published server are associated with the session between the published server and ISA Server, and do not show as separate sessions.
  • When ISA Server does not require authentication, all traffic from the same IP address is considered to be a single session. For example, if a Web browser opens more than one TCP connection to the same IP address, ISA Server considers the connections to be a single session.
  • Web Proxy client sessions indicate the last minute of Web browser activity, even if the client is not currently browsing.
  • When IP routing is disabled, traffic from users and IP addresses is listed on the Sessions tab. When IP routing is enabled, only sessions from traffic that passes using an application filter are listed. (I have no idea what this means, since sessions not related to app filters do appear in the console)

A summary of the sessions for each client type, and the total sessions, is displayed on the Dashboard.

===============================

And when you use the Firewall client, you’ll see this info — your “hardware” firewall doesn’t give you this info!

HTH,

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: tshinder@isaserver.org
MVP — Microsoft Firewalls (ISA)

This entry was posted on Monday, June 4th, 2007 at 11:28 am and is filed under ISA Central. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Fun Facts About the Session Tab in 2006 ISA Firewall Monitoring”

  1. Tarek Majdalani Says:

    June 15th, 2007 at 2:57 am

    This blog entry will surely answer some specific questions, the most common is ” i am using firewall client, why do i see a securenat session as well ? ”

    Thanks for pointing this to us Tom,

    Tarek

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 5 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a




Receive all the latest articles by email!

Receive Real-Time & Monthly ISAserver.org article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become an ISAserver.org member!

Discuss your ISA Server issues with thousands of other ISA Server experts. Click here to join!

Solution Center