Policies
- Assigning or Synchronizing a Common Configuration to NG Firewall Appliances
ETM Dashboard Configuration Templates enable you to replicate a configuration across multiple NG Firewall appliances. This is useful for example if you want to have a standby failover system, or if you manage multiple deployments that use an identical configuration. Configuration replication works in combination with Configuration Backup.
Assigning or Synchronizing a Common Configuration to NG Firewall Appliances
ETM Dashboard Configuration Templates enable you to replicate a configuration across multiple NG Firewall appliances. This is useful for example if you want to have a standby failover system, or if you manage multiple deployments that use an identical configuration. Configuration replication works in combination with Configuration Backup.
NG Firewall configuration replication can include a complete configuration or specific sections of the configuration. You can manage both options in the Appliances > NGFW Policies area of ETM Dashboard.
- To push the complete configuration use Templates. Note that the network configuration is excluded from the template.
- To push specific types of the configuration such as Firewall rules or Captive Portal settings, use the application grouping options along the top of the Policies menu.
Prerequisites
- Appliances must meet the requirements for managing appliances in ETM Dashboard.
- Configuration templates are based on backups. Therefore you must install and enable Configuration Backup.
- Each NG Firewall appliance must be running version 13.2 and above.
Creating Templates
- Navigate to the Appliances > NGFW Policies tab in ETM Dashboard.
- In the menu bar along the top of the table, click Template Configuration.
- Click Add Template to open the template configuration wizard.
- Choose an appliance you want to use as the configuration master and click Next.
- Choose a recent backup and click Next.
- Choose appliances to sync from the master.
- If you want the appliances to synchronize when you make changes to the master, enable Keep in Sync and set a schedule.
-
- Click Next.
- On the final step, click Create Template to apply the configuration template.
Managing Templates
Sorting and Filters
The Template Configuration grid displays your templates and relevant details in sortable and filterable columns. You can manage these options and show or hide columns by clicking the three horizontal lines to the right of any column header to access the menu.
Sync options
Sync Now - You can manually initiate a configuration sync by selecting one or more templates and clicking Sync Now. You can also configure appliances to synchronize automatically.
Keep in Sync - You can set a sync schedule as Immediate, Daily, or Weekly. You can configure the Keep in Sync option when creating a new configuration template, or afterwards by selecting the template and clicking Manage Template.
- If a template is configured for immediate synchronization and the target appliance is offline, the target appliance retries every 12 hours for up to 7 days.
- You can check the status of synchronized appliances in the Audit History of the Event Log.
Target Appliances
Target Appliances inherit the configuration of the Master Appliance based on the sync options. You configure target appliances when creating a new configuration template, or afterwards by selecting the template and clicking Manage Template.
Deleting Templates
To delete one or more templates, select the template and click Delete Templates.