Generating a configuration comparison

Before deploying a new configuration on your pool of firewalls, for each firewall, you have the possibility of comparing the last configuration deployed on the firewall in question with the configuration prepared on the SMC server and ready to be deployed on firewalls.

  1. Go to Deployment > Configuration deployment or click on the button Deploy configuration icon in the upper banner of the interface. This button turns orange when changes have been made to the configuration.
  2. In the Deployment column, click on a firewall's Configuration comparison icon icon to display its configuration comparison.
    • The comparison appears in raw format and only shows changes concerning the firewall in question. For clusters, only the active node will be taken into account.

From this window displaying the comparison, you can either download the comparison or download the configuration file in .na (format that can be used on SNS firewalls) or .tgz (configuration files that can be read in a text editor) formats, or deploy the configuration on the firewall.

Once you have viewed the comparison, a status icon can be seen in the Deployment column indicating that:

  • Identical configuration icon : the configuration has not been changed, so deployment is not necessary,
  • Modified configuration icon : the configuration has been changed, and the changes have been listed in the display window. Click on the icon to see the changes that were made to the configuration.
  • Unknown comparison icon : the status is unknown, or the last comparison is no longer valid. Click on the icon to refresh the status.

To view changes to the local configuration on a firewall after it has been deployed, refer to Detecting changes to the local configuration on firewalls.