Pushing Security Policy Updates to an IDP Device (NSM Procedure)
You must run a device configuration update job (also called pushing an update) in the following cases:
- After you have revised the security policy assigned to an IDP device. The configuration changes you make in NSM do not affect the IDP device until you have successfully pushed the configuration to the IDP device.
- If you have deleted the device from NSM and reinstalled it. In this case, the IDP device does not retain the previous security policy assignment.
- If you use the NSM Device Manager to change IDP device settings.
To push configuration updates to multiple IDP devices:
- Select Devices > Configuration > Update Device Config to display the Update Devices Options dialog box.
- Select the devices to which you want to push configuration updates, and set the update job options. Table 56 describes the devices update job options.
- Click OK.
Table 56: Devices Update Job Options

| Tab | Option | Description |
|---|---|---|
| General | Run Summarize Delta Config | Summarizes and runs the delta change in the configuration. |
| Netconf | Lock configuration during update | Locks the configuration while updating the device configuration. |
| | Update to candidate config first before commit to running config | Updates the configuration before committing. |
| | Use confirmed commit | Enables commit confirmed. |
| | Rollback candidate config to running config in error | Rolls back when an error is generated during the configuration. |
| | Discard uncommitted changes when exclusive lock is available | Discards any uncommitted changes during exclusive lock. |
| ScreenOS and IDP | Show unconnected devices | Lists all devices that are not connected. |
| | Update when device connects | Updates the configuration when the devices are connected. |
| | Firewall Device Options | Not applicable. |
| | Standalone IDP device options | Includes the following option: Restart IDP Profiler after Device Update, which restarts the Profiler. |
| | ISG Device Options | Not applicable. |
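
The Netconf tab options in Table 56 share their names with standard NETCONF (RFC 6241) operations: lock, discard-changes, edit-config to the candidate datastore, confirmed commit, and unlock. The following is an added example, not NSM code; it assumes that mapping, and `plan_update`, its parameters, and the sample policy XML are hypothetical.

```python
# Added example. Assumption: the Netconf tab options correspond to standard
# RFC 6241 operations; this is not NSM code and plan_update is hypothetical.
import xml.etree.ElementTree as ET

NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
# Constructed sample payload; the namespace and element names are placeholders.
SAMPLE = '<policy xmlns="urn:example:idp"><name>constructed-policy</name></policy>'


def plan_update(config_xml, lock=True, candidate_first=True, confirmed_commit=True,
                rollback_on_error=True, discard_on_lock=True, timeout_s=600):
    """Return the ordered RPCs for one update job, plus the error-path RPCs."""
    store = "candidate" if candidate_first else "running"
    steps, on_error = [], []

    def add(queue, op, target=None):
        rpc = ET.Element("rpc", {"message-id": str(len(queue) + 1), "xmlns": NS})
        body = ET.SubElement(rpc, op)
        if target:
            ET.SubElement(ET.SubElement(body, "target"), target)
        queue.append(rpc)
        return body

    if lock:
        add(steps, "lock", store)
        if candidate_first and discard_on_lock:
            add(steps, "discard-changes")  # clear stale uncommitted edits
    edit = add(steps, "edit-config", store)
    ET.SubElement(edit, "config").append(ET.fromstring(config_xml))
    if candidate_first:
        commit = add(steps, "commit")
        if confirmed_commit:
            # The device reverts on its own unless a plain <commit/> arrives in time.
            ET.SubElement(commit, "confirmed")
            ET.SubElement(commit, "confirm-timeout").text = str(timeout_s)
            add(steps, "commit")
        if rollback_on_error:
            add(on_error, "discard-changes")  # candidate reset to running
    if lock:
        add(on_error, "unlock", store)
        add(steps, "unlock", store)

    def render(queue):
        return [ET.tostring(rpc, encoding="unicode") for rpc in queue]
    return {"steps": render(steps), "on_error": render(on_error)}


if __name__ == "__main__":
    for rpc in plan_update(SAMPLE)["steps"]:
        print(rpc)
```

With confirmed commit enabled, a policy push that cuts off management access is undone by the device when the confirming commit never arrives, which is why the option matters for inline IDP devices.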
To push an update to a specific, single device:
- In Device Manager, right-click the device that you want to push the update to and select Update Device to display the Update Device Options dialog box.
- Set update job options using Table 57.
- Click OK.
Table 57: Device Update Job Options

| Option | Description |
|---|---|
| Update When Device Connects | Updates the device whenever a connection exists between the devices. |
| Restart IDP Profiler After Device Update | Restarts the Profiler when the device is updated. |
| Update IDP Rulebase Only | Updates the IDP rulebase only. |
| Don’t Show This Dialog | Prevents this dialog box from appearing again. |

For more information, see the IDP Concepts & Examples Guide.