Selective Policy Deployment
The management center allows you to select a specific policy within the list of all the changes on the device that are due for deployment and deploy only the selected policy. Selective deployment is available only for the following policies:
-
Access control policies
-
Intrusion policies
-
Malware and file policies
-
DNS policies
-
Identity policies
-
SSL policies
-
QoS policies
-
Prefilter policies
-
Network discovery
-
NAT policies
-
Routing policies
-
VPN policies
There are certain limitations to selectively deploying policies. Follow the contents in the table below to understand when selective policy deployment can be used.
Type |
Description |
Scenarios |
---|---|---|
Full deployment |
Full deployment is necessary for specific deploy scenarios, and the management center does not support selective deployment in such scenarios. If you encounter an error in such scenarios, you may choose to proceed by selecting all the changes for deployment on the device. |
Scenarios wherein a full deployment is required are:
|
Associated policy deployment |
The management center identifies interdependent policies which are interlinked. When one of the interlinked policies is selected, the remaining interlinked policies are automatically selected. |
Scenarios wherein an associated policy is automatically selected:
Scenarios wherein multiple policies are automatically selected:
|
Interdependent policy changes (shown using color-coded tags) |
The management center dynamically detects dependencies in-between policies, and between the shared objects and the policies. The interdependency of the objects or policies is shown using color-coded tags. |
Scenarios wherein color-coded interdependent policies or objects are automatically selected:
|
Access Policy Group specifications |
Access Policy Group policies are listed together in the preview window under Access Policy Group when you click View (). |
The scenarios and the expected behavior for Access Policy Group policies are:
|