Automating Policy Deployment
After modifying configuration settings in the CDO, you must deploy those changes to the affected devices.
In a multidomain deployment, you can schedule policy deployments only for your current domain.
Caution | When you deploy, resource demands may result in a small number of packets dropping without inspection. Additionally, deploying some configurations restarts the Snort process, which interrupts traffic inspection. Whether traffic drops during this interruption or passes without further inspection depends on how the target device handles traffic. See Snort Restart Traffic Behavior and Configurations that Restart the Snort Process When Deployed or Activated.
|
Procedure
Step 1 | Select System (). | ||
Step 2 | Click Add Task. | ||
Step 3 | From Job Type, select Deploy Policies. | ||
Step 4 | Specify how you want to schedule the task, Once or Recurring:
| ||
Step 5 | Type a name in the Job Name field. | ||
Step 6 | In the Device field, select a device where you want to deploy policies. | ||
Step 7 | Select or deselect the Skip deployment for up-to-date devices check box, as required. By default, the Skip deployment for up-to-date devices option is enabled to improve performance during the policy deployment process.
| ||
Step 8 | If you want to comment on the task, type a comment in the Comment field. The comment field displays in the Tasks Details section of the schedule calendar page; keep comments brief. | ||
Step 9 | If you want to email task status messages, type an email address (or multiple email addresses separated by commas) in the Email Status To: field. You must have a valid email relay server configured to send status messages. | ||
Step 10 | Click Save. |