FDM-Managed Device Templates

About FDM-Managed Device Templates

Cisco Defense Orchestrator allows you to create a FDM-managed device template of an onboarded FDM-managed device's configuration. When you are creating the template, select the parts (objects, policies, settings, interfaces, and NAT) that you want to include in your FDM-managed device template. You can then modify that template and use it to configure other FDM-managed devices you manage. FDM-managed device templates are a way to promote policy consistency between your FDM-managed devices.

When creating the FDM-managed device template, you can opt to either create a complete or custom template:

  • A complete template includes all parts of the FDM-managed device configuration and applies everything on other FDM-managed devices.

  • A custom template includes only one or more parts of the FDM-managed device configuration that you select and applies only that part and its associated entities on other FDM-managed devices.

Important

The FDM-managed device template will not include certificate, Radius, AD, and RA VPN Objects.

How You Could Use FDM-Managed Device Templates

Here are some ways that you could use FDM-managed device templates:

  • Configure one FDM-managed device by applying another FDM-managed device's configuration template to it. The template you apply may represent a "best practice" configuration that you want to use on all your FDM-managed devices.

  • Use the template as a method to make the device configuration changes and simulate them in a lab environment to test its functionality before applying those changes to a live FDM-managed device.

  • Parameterize the attributes of the interfaces and sub-interfaces when creating a template. You can change the parameterized values of interfaces and subinterfaces at the time of applying the template.

What You Will See in the Change Log

When you apply a template to a device, you overwrite the entire configuration of that device. The CDO change log records every change that gets made as a result. So, change log entries will be very long after applying a template to a device.