When Application Control is enabled in IWSVA 6.5, this causes the network to slow down.
The appd process used by Application Control analyzes a packet data through IWSVA and then uses it for reports and logs.
Appd checks the packet data before the virus scan or the URL filtering HTTP service. This means that when appd is enabled, IWSVA takes more time than when it is disabled. Therefore, Trend Micro recommends to stop the appd process or (only if it is not needed by the company policies) to disable application control.
There are two ways to resolve the issue:
By stopping the whole application control:
This method stops the whole application control.
- Log in to the IWSVA WebUI.
- Go to Application Control > Policies.
- Uncheck Enabled Application Control.
- Go to the Bandwidth Control > Policies.
- Uncheck Enabled Bandwidth Control.
By stopping only the appd daemon:
This method only stops the appd process. The Application Control policy still works even if appd is disabled.This requires IWSVA 6.5 SP2 Patch 1 (build 1707) or later.
Create a backup copy of intscan.ini.
# cp -ip /etc/iscan/intscan.ini /etc/iscan/intscan.ini.bak
# vi /etc/iscan/intscan.ini
Change enable_appd_daemon key under [app-control] section from "yes" to "no".
- Save intscan.ini.
Restart the appd daemon.
# /etc/iscan/S99ISappd restart
When Application Control is disabled:
- Application Control Policy does not perform Allow or Block actions.
When Application Control is disabled or appd is stopped:
The following data will not appear on the web console.
- System Status > Concurrent Connection > Application Connections
- System Status > Bandwidth Control - Downstream
- System Status > Bandwidth Control - Upstream
- Dashboard > Application Bandwidth
- Dashboard > Top Blocked Applications
- Dashboard > Top Allowed Applications
- Dashboard > Top Policy Enforcement - Application Control
- Log > Log Analysis > Application bandwidth
- Reports > Internet Access > Top N Applications Visited
- Reports > Bandwidth > Top N Application by Bandwidth
- Reports > Bandwidth > Top N Users by Bandwidth
- Reports > Bandwidth > Top N Groups by Bandwidth
- Reports > Policy Enforcement > Top N Applications Blocked
- Reports > Policy Enforcement > Most Violation for Application Control Policy