Monitoring server resources

  • Article

Updated: April 8, 2010

Applies To: Unified Access Gateway

The performance of the Forefront UAG server can be affected by the performance of resources on the servers. As and when required, you should compare collected performance monitor information against baseline information in order to analyze the performance of the Forefront UAG servers.

Check the following:

  • Performance monitor counters—The Performance monitor can provide ad hoc monitoring information of your Forefront UAG server resources. To fully utilize the performance monitor, you should create a baseline and then use it to assess the status of the Forefront UAG resources. There are many performance monitor counters that you can use to monitor your servers. For more information, see Taking your Server’s Pulse (https://go.microsoft.com/fwlink/?LinkId=183515).

    The following are examples of some of the counters that you should monitor on an on-demand basis. You should configure alerts based on the baselines set for Forefront UAG servers.

    General resource utilization counters

    Counter name Description

    LogicalDisk: % Free Space

    Hard disks drives are a critical component of your Forefront UAG servers. Without sufficient free disk volume, neither the operating system nor Forefront UAG can function correctly. The LogicalDisk: % Free Space counter reports the percentage of unallocated disk space to the total usable space on the logical volume.

    Processor : % Processor Time

    The % Processor counter provides a measure of how much time the processor actually spends working on productive threads and how often it was busy servicing requests. CPU utilization provides information about how busy your CPUs processors are. You can monitor the percentage of your server's CPU utilization.

    Memory : Pages/sec

    The Pages/sec counter is a combination of Pages Input/sec and Pages Output/sec counters. This counter is a general indicator of how often the system is using the hard drive to store or retrieve memory associated data.

    Important Forefront UAG DirectAccess specific counters

    Object name Counter name

    IPSec DOS Protection

    Current State Entries—The number of active state entries in the table. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.

    IPSec DOS Protection

    Inbound Rate Limit Discarded ICMPv6 Packets/sec—The rate at which ICMPv6 packets are received on a public interface and discarded because they exceeded the rate limit for ICMPv6 packets per second. ICMPv6 Echo request and response packets are used to determine the closest Teredo relay that can be used to communicate with an IPv6 host.

    IPSec DOS Protection

    Inbound Rate Limit Discarded IPv6 IPsec Authenticated Packets/sec—The rate at which authenticated IKEv1, IKEv2, AuthIP, or ESP IPv6 packets, are received on a public interface and discarded because they exceed the rate limit for IPv6 IPsec authenticated packets per second. An authenticated packet is an IPsec packet with an associated state entry.

    IPSec DOS Protection

    Inbound Rate Limit Discarded IPv6 IPsec Unauthenticated Packets/sec—The rate at which unauthenticated packets are received on a public interface and discarded because they exceed the rate limit for IPv6 unauthenticated packets per second. An unauthenticated packet is a packet without an associated state entry.

    Forefront UAG DNS64

    Total Query Average Processing Time—The average total processing time it takes for a DNS64 query to complete.

    Forefront UAG DNS64

    Total Query Dropped—The total number of unsupported queries to the DNS64.

    IPsec AuthIP IPv6

    Failed Main Mode Negotiations per Second—The rate of failed main mode negotiations.

    IPsec AuthIP IPv6

    Failed Extended Mode Negotiations per Second—The rate of failed extended mode negotiations.

    IPsec Driver

    Packets That Failed Replay Detection per Second—The rate of packets that contained an invalid sequence number since the computer was last started. Increases in this counter might indicate a network problem or replay attack.

    IPsec Driver

    Incorrect SPI packets per Second—The rate of packets for which the Security Parameter Index (SPI) was incorrect since the computer was last started. A large number of packets with bad SPIs within a short amount of time might indicate a packet spoofing attack.

    Teredo Server

    In - Teredo Server Total Packets: Success + Error—The total packets received by the Teredo server.

  • Free disk space—It is important to monitor the amount of available storage space on your disks, because programs might fail due to an inability to allocate space. You can also monitor free disk space by using:

    • Windows Explorer, to check for free disk space on drives on the Forefront UAG server.

    • Resource monitor Disk Storage, to see how much disk space is being used.

If System Center Operations Manager 2007 is deployed, you can use the Forefront Unified Access Gateway (UAG) System Center Operations Manager (SCOM) Management Pack (version 4.0.1095.0) to monitor performance on Forefront UAG servers. For more information, see System Center Operations Manager 2007 (https://go.microsoft.com/fwlink/?LinkId=183514).

For more information about the Forefront UAG System Center Operations Manager (SCOM) Management Pack (version 4.0.1095.0), see Using System Center Operations Manager (SCOM).