Importing Firewall Policies
Use this page to manually import a firewall policy from the discovered or onboarded sites (next generation firewall sites).
To import a firewall policy:
- Select Configuration > Firewall > Firewall Policy.
The Firewall Policy page appears.
- Click Import.
The Import Firewall Policies page appears displaying a list of discovered devices (next generation firewall devices).
- Select the devices from which you want to import the firewall
policies and click Next.
The Discovered Services tab appears.
- Select the policies that you want to import and click Next.
The Resolve Conflicts tab appears.
- If there are any conflicts with the imported objects,
object conflict resolution(OCR) operation is triggered. The Conflicts
window displays all the conflicts between CSO and the next generation
firewall device. Select an object from the Conflicts window and click
on any of the below option to resolve the object conflict.
The resolution options are:
Rename Object—Rename the imported object. By default, "_1" is added to the object name, or you can specify a new name.
Overwrite with imported value—The object in CSO is replaced with the object from the import operation.
Keep existing object—The object name in CSO is used instead of what is on the next generation firewall device.
- Click Finish.
A summary of the discovered services is listed.
- Review the summary and click OK to import the
The import policy job is created and the firewall policies are imported from next generation firewall device to CSO. You can view the imported policy from the Firewall Policy page.
After importing the firewall policy successfully, you can edit and deploy the policy. See Editing and Deleting Firewall Policies, Editing, Cloning, and Deleting Firewall Policy Intents, and Deploying Firewall Policies.