Re: Disable Logging System Policies

For me, I just don't wanna log part of denied requests, for example,
broadcast to 137, 138, DHCP requests/replies.

It seems that I have set up some rules based on those broadcast in order to
let your method work. Anyway, thank you.

Ray

"Adar Greenshpon [MSFT]" <adarg@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:eZ2Y0RyUGHA.2444@xxxxxxxxxxxxxxxxxxxxxxx
Go to the Firewall Policy node in the MMC and from the menu select
view-->system policy rules.
Right click on the exact rule --> properties --> Action Tab --> uncheck
log traffic.
(Please remember that there's a different policy rule for traffic coming
from ISA and to ISA)

Just out of curiosity, how much of these protocols traffic do you see in
the logs?
--
Adar Greenshpon
ISA Server Product Team
adar[dot]greenshpon[at]microsoft[dot]com


This posting is provided "AS IS" with no warranties, and confers no
rights.


"C C" <someone@xxxxxxxxxxxxxxx> wrote in message
news:FeiQf.57799$dW3.52115@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Sorry, I did not make myself clear.

I still want logging of firewall events but only
for selected rules. Unlike the regular firewall
rules, the system rules does not have the
tick box for "Log request matching this rule".

I just want to minimize the size of the firewall
log by not having ISA Server 2004 log events
matching most of the System Policy rules.

Thanks in advance.


"Henk Steunenberg (Ms)" <stjesp@xxxxxxxxxxx> wrote in message
news:uVg8tIDRGHA.5552@xxxxxxxxxxxxxxxxxxxxxxx
Hello,

just go to 'monitoring' --> 'logging' Tab--> select 'configure F/w
Logging'--> in properties for ' F/w Logging' in bottom of the 'Log' Tab
ensure that 'enable F/w Logging' is not selected ! same for the other
Logs

regards,

Henk

"C C" <someone@xxxxxxxxxxxxxxx> wrote in message
news:OPnWb08QGHA.5500@xxxxxxxxxxxxxxxxxxxxxxx
We have ISA Server 2004 and the firewall log is getting big.
How can I disable logging of Kerberos, Netbios, Active
Directory, etc entries?









.

Relevant Pages

  • Re: Network Firewall/Routing Solution
    ... Cisco router w/ Firewall IOS, ... > not working properly at all with multiple network cards. ... > I will need to deal with inbound web and ftp requests from the ... > non-pasv connections. ...
    (comp.security.firewalls)
  • Re: IDS and SSL
    ... invalid requests not just detection. ... In English: attacks against ... The web application firewall ... Quite frankly I wouldn’t put a web server of any worth ...
    (Vuln-Dev)
  • Re: Network Firewall/Routing Solution
    ... >> firewall combo boxes that linksys sells, and I really don't want to run ... >> not working properly at all with multiple network cards. ... >> like Unicode and header information for http requests, ... >> non-pasv connections. ...
    (comp.security.firewalls)
  • Configure Proxy to forward to internal Proxy?!
    ... the following problem: Outgoing proxy requests from internal clients should be forwarded to an internal proxy: ... An internal client requests an address to the isa server, which is located in the internal network. ... I used all 3 possibilities in ISA Server routing rule. ...
    (microsoft.public.isa.configuration)
  • Re: How to tell if a firewall alert is suspicious or not
    ... There exists innocent common connections reported by the firewall ... Is there a site where all the common innocent connections are listed? ... I keep a list of the common contact requests & this isn't one of them. ...
    (comp.security.firewalls)