Preview provides a snapshot of all the policy and object changes to be deployed on the device. The policy changes include
the new policies, changes in the existing policies, and the deleted policies. The object changes include the added and modified
objects which are used in policies. The unused object changes are not displayed because they are not deployed on the device.
On the Deployment page, the Preview column provides a Preview () icon for each listed device. On clicking the preview icon, the management center displays a UI page listing all the policy and object changes. The left pane on the preview page lists all the different policy
types that have changed on the device, organized in a tree structure.
The Filter icon () provided on the Preview page provides an option to filter the policies at the user level and policy level. Click the Filter icon (). Select the policy or user name, or both, and then click Apply to restrict the displayed listing to only the selected items. To view all the pending deployments, ensure that you click
the Filter icon () and select Reset.
The right pane lists all the additions, changes, or deletions in the policy, or the
object selected in the left pane. The two columns on the right pane provide the last
deployed configuration settings (in the Deployed Version column)
versus the changes that are due for deployment (in the Version on Firewall
Management Center column). The last deployed configuration settings are
derived from a snapshot of the last saved deployment in the management center and not from the device. The background colors of the settings are color-coded as per
the legend available on the top-right of the page.
The Modified By column lists the users who have modified, or added the configuration settings. At the policy level, the management center displays all the users who have modified the policy, and at the rule level, the management center displays only the last user who has modified the rule.
Deployment preview of changes to Security Intelligence, Geolocation, Sinkhole, and File List objects is supported. For an
explanation of these and other reusable objects supported in the management center, see Object Management.
You can download a copy of the change log by clicking the Download as PDF button.
Note
|
-
To preview the deploy changes, you require access from the REST API to the management center. To enable the REST API access, follow the steps in Enabling REST API Access in the Cisco Secure Firewall Management
Center Administration Guide.
-
The preview does not show the reordering of rules across policies.
For DNS policies, reordered rules appear in the preview list as rule additions and deletions. For example, moving a rule from
position 1 to position 3 in the rule order is displayed as if the rule was deleted from position 1 and added as a new rule
in position 3. Similarly, when a rule is deleted, the rules under it are listed as edited rules as they have changed their
positions. The changes are displayed in the final order in which they appear in the policy.
-
The preview shows all the default values, even when they are not altered, along with the other configured settings when an
interface or a platform settings policy is added for the first time. Similarly, the high availability-related policies and
default values for settings are shown, even when they are not altered, in the first preview after a high availability pair
is configured or disrupted.
-
Preview is not supported for some objects.
-
Object additions and attribute changes are displayed in the preview only if the objects are associated with any device or
interface. Object deletions are not displayed.
-
Preview is not supported for the following policies:
-
High availability
-
Network discovery
-
Network analysis
-
Device settings
-
User information at rule level is not available for intrusion policies.
-
The management center displays the username as system for the following
operations:
-
If you change the management center name in System (), the deployment preview does not specify this change, yet it requires deploy.
-
To view changes due to an auto rollback, see Edit Deployment Settings.
|