Improvements to the ASA Shared Policy Model

In the former ASA shared policy model, an implicit policy sharing approach was used. This required manually configuring the same policy on multiple ASA devices individually. Security Cloud Control would then automatically detect these identical policies across devices and consolidate them into a single shared policy. For instance, if the same policy was created on fifty ASA devices, Security Cloud Control would recognize this and consolidate the fifty policies into one shared policy across those devices.

Conversely, the new ASA shared policy model employs an explicit policy approach. This requires creating and sharing an access control list by assigning it to the ASA devices. For example, you can create one access control list, define rules within it, and share it with fifty ASA devices by assigning it to them.

ASAs Onboarded Before the New Shared Policy Model

If your ASA was onboarded prior to the introduction of the new shared policy model, any shared access policy will revert to individual policies upon opening them in the new model. To maintain the shared policy structure, you must manually open each policy and explicitly share it with the desired devices. Deployment is not required if the policy was already shared before the transition.