[isalist] Re: Change to sql 2005 for logging
- From: Steve Moffat <steve@xxxxxxxxxx>
- To: ISA Mailing List <isalist@xxxxxxxxxxxxx>
- Date: Wed, 13 Sep 2006 18:17:51 -0300
http://www.ISAserver.org
-------------------------------------------------------
Are you using standard or enterprise.
Those instructions are for ISA Enterprise Edition.
S
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Michael Ross
Sent: Wednesday, September 13, 2006 5:52 PM
To: ISA Mailing List
Subject: [isalist] Re: Change to sql 2005 for logging
http://www.ISAserver.org
-------------------------------------------------------
Here is the part of the directions I cannot follow cuz I cant find these tabs
>
> In the console tree of ISA Server Management, click Monitoring:
> Expand Microsoft Internet Security and Acceleration Server 2006,
> expand Arrays, expand Array_Name, and then click Monitoring.
> In the details pane, click the Logging tab.
> On the Tasks tab, select the appropriate task:
> Configure Firewall Logging. To configure the Firewall log.
> Configure Web Proxy Logging. To configure the Web Proxy log.
> On the Log tab, select SQL Database.
> Click Options, and then do the following:
> In Server, type the name of the computer running SQL Server to which
> the information will be logged.
> In Port, type the port number to use. The default port of the computer
> running SQL Server is 1433.
> In Database, type the name of the database on the computer running SQL
> Server.
> Select Use Windows authentication (recommended) or Use SQL server
> authentication.
> In User and Password, type the credentials of the account to use to
> authenticate this connection.
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
On Behalf Of Thor (Hammer of God)
Sent: Wednesday, September 13, 2006 2:52 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Change to sql 2005 for logging
http://www.ISAserver.org
-------------------------------------------------------
You've got a configuration problem then... You've got to make sure you follow
those instructions perfectly... You had also better be prepared to support HUGE
log files unless you know your way around SQL pretty well...
Particularly, knowing how to trim fields and such to reduce padding.
t
On 9/13/06 12:42 PM, "Michael Ross" <mross@xxxxxxxxxxx> spoketh to all:
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Everytime I try to set it for SQL logging, it doesn't connect to the
> sql box. When I set it back to MSDE, the firewall service wont
restart.
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Michael Ross
> Sent: Tuesday, September 12, 2006 3:57 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Change to sql 2005 for logging
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> In 2004, I don't see the first section you outline. I don't see where
> I can put the port number in.
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx
> [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Thomas W Shinder
> Sent: Tuesday, September 12, 2006 3:50 PM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Re: Change to sql 2005 for logging
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Same works for 2004 and Standard Edition:
>
> To configure logging to an SQL database For ISA Server 2006 Enterprise
> Edition, do the following:
>
> In the console tree of ISA Server Management, click Monitoring:
> Expand Microsoft Internet Security and Acceleration Server 2006,
> expand Arrays, expand Array_Name, and then click Monitoring.
> In the details pane, click the Logging tab.
> On the Tasks tab, select the appropriate task:
> Configure Firewall Logging. To configure the Firewall log.
> Configure Web Proxy Logging. To configure the Web Proxy log.
> On the Log tab, select SQL Database.
> Click Options, and then do the following:
> In Server, type the name of the computer running SQL Server to which
> the information will be logged.
> In Port, type the port number to use. The default port of the computer
> running SQL Server is 1433.
> In Database, type the name of the database on the computer running SQL
> Server.
> Select Use Windows authentication (recommended) or Use SQL server
> authentication.
> In User and Password, type the credentials of the account to use to
> authenticate this connection.
> For ISA Server 2006 Standard Edition, do the following:
>
> In the console tree of ISA Server Management, click Monitoring:
> Expand Microsoft Internet Security and Acceleration Server 2006,
> expand Server_Name, and then click Monitoring.
> In the details pane, click the Logging tab.
> On the Tasks tab, select the appropriate task:
> Configure Firewall Logging. To configure the location of the Firewall
> log.
> Configure Web Proxy Logging. To configure the location of the Web
> Proxy log.
> On the Log tab, click SQL database.
> Confirm or modify the following parameters:
> ODBC data source name (DSN)
> Table name
> Use this account
> (Optional) If you need to change the user account, click Set Account,
> type the user name in User, and type the password in Password and
> Confirm password.
> Note
>
> To open ISA Server Management, click Start, point to All Programs,
> point to Microsoft ISA Server, and then click ISA Server Management.
> Important
>
> The Remote Logging (SQL) system policy configuration group must be
> enabled to log on to an SQL database.
> For ISA Server 2006 Enterprise Edition, when applicable, we recommend
> that you use Windows authentication. In a workgroup deployment, if you
> configure SQL logging for Windows authentication, you should specify a
> local user account. This account must exist on all array members and
> on the computer running SQL Server. The account should also have
> appropriate logon permissions specified in SQL Server Security.
> For ISA Server 2006 Enterprise Edition, if you use the default SQL
> port, the Allow remote SQL logging from ISA Server to selected servers
> system policy rule is enabled, allowing SQL access from the Local Host
> network to all computers on the Internal network.
> We recommend that you modify the system policy so that this rule
> applies only to the specific computer running SQL Server. For
> instructions, see Edit destinations for a system policy rule.
> For ISA Server 2006 Enterprise Edition, if you specify a non-default
> port in step 5, do the following:
> Create a UDP and a TCP protocol for the specified port. For
> instructions, see Create a protocol.
> Create an access rule from Local Host network to the network on which
> the computer running SQL Server is located, allowing use of the two
> protocols you created. For instructions, see Create an access rule.
> For ISA Server 2006 Standard Edition, if you configure the DSN to use
> Windows authentication, grant appropriate access to the ISA Server
> computer. Note that in this case, credentials configured in the ISA
> Server Management logging properties are ignored for the specific log.
>
> To set up SQL Server for ISA Server logging Set up SQL Server with a
> database file:
> On the computer running SQL Server, start Enterprise Manager.
> Connect to the computer running SQL Server that you want to host the
> database files.
> On the Tools menu, click SQL Query Analyzer.
> On the File menu, click Open and open "ISA CD":\FPC\Program
> Files\Microsoft ISA Server.
> Open one of the following .sql files, based on how you want to log to
> an SQL database:
> For the Microsoft Firewall service, open the Fwsrv.sql file.
> For Web Proxy, open the W3proxy.sql file.
> Create a database.
> Add the following lines to the top of each script:
> Use <database name>
> Go
> On the Query menu, click Execute.
> Set up SQL Server to accept the data connection from the ISA Server
> computer. If ISA Server is not located in the same Windows Server 2003
> domain or Windows 2000 domain, you must set up a SQL Server account:
> Start the SQL Enterprise Manager and connect to the computer running
> SQL Server that you set up to host your databases.
> Click Microsoft SQL Servers, click SQL Server Group, click
> server_name, click Security, and then right-click Logins.
> Click New Login.
> If you are located in the same domain as ISA Server, you can click
> Windows Authentication.
> In Name, type: domainname\isaservername$ On the Database Access tab,
> click the databases that this logon method can access (the databases
> that you created earlier).
> For ISA Server 2006 Enterprise Edition, in an array configuration, a
> separate logon should be created for each array member.
> If you are located on a different domain than ISA Server, you must use
> SQL Server authentication:
> In Name, type a specific name.
> Use a name to describe the logon method.
> Enter a password for this logon method.
> On the Database Access tab, select the databases that this logon
> method can access (the databases that you created earlier).
> Select Change the default database, and then select the database to
> which ISA Server will log data.
> Configure SELECT and INSERT permissions for the table. Configure
> EXECUTE permissions for the sp_batch_insert procedure for ISA Server
> services for logging to this database.
> Notes
>
> For ISA Server 2006 Enterprise Edition, by default, ISA Server uses a
> Secure Sockets Layer (SSL)-encrypted connection to the computer
> running SQL Server, to help secure the sensitive data in the log
> files. To enable this connection, you must install a root
> certification authority
> (CA) certificate on the array members. For more information, see HOW
TO:
> Enable SSL Encryption for SQL Server 2000 with Certificate
> Server(http://www.microsoft.com/).
> For ISA Server 2006 Standard Edition, by default, ISA Server uses a
> Secure Sockets Layer (SSL)-encrypted connection to the computer
> running SQL Server, to help secure the sensitive data in the log
> files. To enable this connection, you must install a root
> certification authority
> (CA) certificate on the ISA Server computer. For more information, see
> HOW TO: Enable SSL Encryption for SQL Server 2000 with Certificate
> Server(http://www.microsoft.com/).
> For ISA Server 2006 Enterprise Edition, for instructions on
> configuring data encryption for ISA Server, see Use data encryption
> when connecting to an SQL database.
> For ISA Server 2006 Enterprise Edition, we recommend that you use
> Ethernet cards for the Peripheral Component Interconnect (PCI) bus
> with transfer rates of 100 megabits per second for communication
> between the array members and the computer running SQL Server.
> For ISA Server 2006 Standard Edition, we recommend that you use
> Ethernet cards for the Peripheral Component Interconnect (PCI) bus
> with transfer rates of 100 megabits per second for communication
> between the ISA Server computer and the computer running SQL Server.
> Related Topics
>
>
>
>
>
> ----------------------------------------------------------------------
> --
> --------
> Get latest ISA Server content at ISA Server
> Guidance(http://www.microsoft.com/).
> Send feedback about this page.
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://blogs.isaserver.org/shinder/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
>
>
>> -----Original Message-----
>> From: isalist-bounce@xxxxxxxxxxxxx
>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Michael Ross
>> Sent: Tuesday, September 12, 2006 3:46 PM
>> To: isalist@xxxxxxxxxxxxx
>> Subject: [isalist] Change to sql 2005 for logging
>>
>> http://www.ISAserver.org
>> -------------------------------------------------------
>>
>> Anyone have a how to for changing ISA2004 from using the installed
>> MSDE database and instead using a SQL 2005 server?
>> ------------------------------------------------------
>> List Archives: //www.freelists.org/archives/isalist/
>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>> ISA Server Articles and Tutorials:
>> http://www.isaserver.org/articles_tutorials/
>> ISA Server Blogs: http://blogs.isaserver.org/
>> ------------------------------------------------------
>> Visit TechGenix.com for more information about our other sites:
>> http://www.techgenix.com
>> ------------------------------------------------------
>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
>> Report abuse to listadmin@xxxxxxxxxxxxx
>>
>>
>>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials:
http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
