Forefront TMG Cache Test

Forefront Threat Management Gateway (TMG), when deployed as a web proxy server, can be configured to cache frequently requested web objects in memory and on disk in order to improve web browsing performance and to reduce bandwidth utilization. Web content caching is available for both forward and reverse proxy scenarios. Content caching brings with it different benefits in each of these deployment scenarios.

With content caching enabled, when the TMG firewall receives a web proxy request the firewall will first attempt to fulfill the request from the cache. If the requested content does not exist in the cache, it will make the request of the origin server as normal. When the web server responds, TMG will return the content to the client, and then store any cacheable content in the cache. Subsequent requests for the same content will be served directly from the cache and returned to the client at LAN speeds, eliminating the need to make a trip to the origin server to retrieve the content. This improves page loading speeds for end users and reduces bandwidth consumption on Internet links.

Therefore, if end users complain of slowness when browsing, it would be good practice to check on cache usage first, as an improperly sized cache or an ineffectively utilized cache is a key contributor to poor web browsing experience. Such imperative cache usage checks can be performed using the Forefront TMG Cache test. This test monitors how well Forefront TMG utilizes its content cache, promptly captures poor cache usage trends, and indicates whether/not these disturbing trends are owing to insufficient space in the cache. This way, administrators can be forewarned of deficiencies in the caching mechanism of the Forefront TMG, accurately identify where the bottleneck is, and rapidly fix it, to ensure peak web browsing performance.

Target of the test : A Forefront TMG Server

Agent deploying the test : An internal agent

Outputs of the test : One set of results for the Forefront TMG being monitored.

Configurable parameters for the test
Parameter Description

Test Period

How often should the test be executed.

Host

The IP address of the host for which this test is to be configured.

Port

The port at which the specified host listens to. By default, this is 1745.

IsPassive

If this parameter is set to Yes, then it means that, by default, all the Forefront TMG servers being monitored by the eG system are the passive servers of a Forefront TMG cluster. No alerts will be generated if the servers are not running. Measures will be reported as “Not applicable” by the agent if the servers are not up.

Measurements made by the test
Measurement Description Measurement Unit Interpretation

Data from disk cache

Indicates the rate at which data is retrieved from the disk drive that is allocated for content caching in this firewall.

KB/Sec

A high value is desired for these measures. A steep drop in these values is a cause for concern, as it could indicate low cache hits.

Data from memory cache

Indicates the rate at which data is retrieved from the memory that is allocated for content caching in this firewall.

KB/Sec

Disk failure rate

Indicates the rate at which I/O operations failed on the disk that is enabled for content caching since the start of the firewall service.

Failure/Sec

An I/O failure occurs when the Forefront TMG fails to read from or write to the disk. A low value is desired for this measure. A steady increase in this value could indicate that the disk does not have enough space to provide caching services – i.e., to service read/write requests. This in turn may cause many requests to the routed to the origin server, thus increasing bandwidth consumption and delaying web access. If this is to be avoided, you need to make sure that the disk cache is properly sized. 

Disk write rate

Indicates the rate at which data is written to the disk that is allocated for content caching.

KB/sec

A high value is desired for this measure.

Total disk failures

Indicates the number of times the Forefront TMG failed to read from/write to the disk since the start of the firewall service.

Number

A low value is desired for this measure. . A steady increase in this value could indicate that the disk does not have enough space to provide caching services – i.e., to service read/write requests. This in turn may cause many requests to the routed to the origin server, thus increasing bandwidth consumption and delaying web access. If this is to be avoided, you need to make sure that the disk cache is properly sized.  

URL commit rate

Indicates the rate at which the URLs are stored in the disk that is allocated for content caching.

Urls/sec

 

URL retrieve rate from disk cache

Indicates the rate at which the URLs were retrieved from the disk.

Urls/sec

A high value is desired for this measure.

URL retrieve rate from memory cache

Indicates the rate at which the URLs were retrieved from the memory.

Urls/sec

A high value is desired for this measure.

Space used for disk cache

Indicates the amount of space that is allocated for content caching in the disk.

KB

 

Space used for memory cache

Indicates the amount of space that is allocated for content caching in the memory.

KB

 

Memory usage ratio

Indicates the ratio of fetches from the memory to the total fetches from the overall cache, expressed as percent.

Percent

This measure indicates how well the memory has been utilized for content caching.

Stored URLs

Indicates the number of URLs that are currently stored in the cache.

Number

A high value is desired for this measure. A low value can end up increasing cache misses and degrading overall performance. If the value is consistently low, it could indicate that the cache does not have enough space to store many URLs. You may then want to increase cache size.