[isalist] Re: my experience with surf control 5.5
- From: "Ball, Dan" <DBall@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Fri, 12 Jan 2007 14:11:34 -0500
I ran into a very similar problem with SurfControl this afternoon. All traffic
through the ISA server slowed to a crawl, then stopped completely. I rebooted
the server, and waited about a half-hour for it to come back up, but it never
did. Suspecting SurfControl, I brought it up in Safe Mode and disabled that
service, then the server came up immediately.
Contacting tech support shows that it is not an entirely unknown problem, and
there is a hotfix for version 5.5 available that addresses high CPU
utilization…
http://kb.surfcontrol.com/display/1/articleDirect/index.asp?aid=2064&r=0.3462793
I installed that hotfix, and so far so good, I have my fingers crossed…
________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Ara Avvali
Sent: Thursday, January 11, 2007 11:26 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: my experience with surf control 5.5
Second post, No idea why characters are messed up but I thought it is worth the
share. Sorry for duplicate
I said let’s reboot the server one more time and see what happens. Web
filter didn’t start automatically again and I got this error on email
notifications: The connection between the SurfControl Web Filter and the ISA
server has been lost.
Oops that's not good and I didn't want to end up with a crashed server as you
said. So I took your advice to go the way of reinstalling everything.
Downloaded the new version of SQL express posted on their site. Then I
uninstalled SC and remove the msde too. Rebooted and went to the program files
folder and deleted SC and any sql server folder except the one for ISA (msfw).
Rebooted again and ISA came up fine with no error also the SC filter was
unregistered from add-in section. So this time I stopped ISA server control
service which stops the firewall, routing and remote access and job scheduler
service. Did the SQL installation (2005) and no problem. Installed SC and no
error as mentioned in previous emails when installation fails to stop the
firewall service. Then I stated services in opposite direction (server control
service, firewall, routing and remote access and job scheduler). Then I
rebooted the server and this time web filter stated automatically as it should.
Recreating rules for me was easy because I only have 2 rules. Denied categories
first and then allowed. No exception for any individual.
Thanks for giving me the warning otherwise I may have been down the same road.
________________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Ball, Dan
Sent: Thursday, January 11, 2007 12:18 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: my experience with surf control 5.5
This was pretty much my experience, except that I also upgraded ISA at the same
time…
I backed up all configurations, then ran did the upgrade to ISA2006. I then
upgraded the SurfControl program to version 5.5, and ran into the same scenario
that you showed below. The install gave me an error message (same one below),
but kept running after I clicked OK. Realizing that it wanted the Firewall
Service stopped (and probably hadn’t installed the ISA plug-in correctly), I
stopped the Firewall Service and did a repair install of SurfControl. I
rebooted the server, and found that the SurfControl service was set to manual.
I started the service manually, and it seemed to start up fine, appearing to
work they way it should. I didn’t pay too much attention as to why it was
set to start manually…
I found out a couple of weeks later that the rules database was corrupt. When
I made a change to the rules database, it knocked the whole server down in a
matter of seconds. That was an extremely painful experience, took me awhile to
figure out what was wrong. What made it exceedingly difficult was that the
entire server was rendered useless, I couldn’t even log in via the local
console.
My suggestion: Re-install SurfControl as soon as you can, there is probably a
lingering issue there that you don’t want to find out about the hard way.
Backup all your configurations for SurfControl, uninstall it completely (delete
anything left over), then re-install and restore your configuration.
Apparently files are stored in a different location in version 5.5, which
“might” be part of the problem. Once you get it back up and running, go
through your rules (in every possible area) and look for any entries that say
ERROR in the title. If you have any of those, delete all rules that are
referencing those entries, delete the offending customization, and re-create
it.
________________________________________
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Ara Avvali
Sent: Thursday, January 11, 2007 2:10 PM
To: undisclosed-recipients
Subject: [isalist] my experience with surf control 5.5
Ok
So I just want to share the story. I did re-image the server on another machine
and logged in to it. Then I did an in-place upgrade from 5.1 to 5.5. It went
smoothly telling me that it is going to upgrade rules and settings. Rebooted
the server and registered filter for ISA was upgraded to 5.5. So I let it run
for couple hours and checked on event logs and service status and everything
was cool.
Then I went ahead and did it on live server. This time damn thing gave me the
error which is attached during installation. Then it was installed and
rebooted. Upon reboot web filter service did not start automatically and I had
to it manually but everything seems to be working fine and no nasty event so
far. If I remember it correctly this error is related to the fact that SF can
not stop the firewall service on its own so you should stop it manually before
attempting the upgrade. I will post again for those who are interested. Just
have to figure it out why the web filter service does not start automatically
☹
Other related posts:
