Conflict Resolution for Duplicate Configurations

Default Resolution Behavior

When you attempt to import a configuration, the Firewall Management Center determines whether a configuration of the same name and type already exists. When an import includes a duplicate configuration, the Firewall Management Center offers resolution options:

• Keep existing

  The Firewall Management Center does not import that configuration.

• Replace existing

  The Firewall Management Center overwrites the current configuration with the configuration selected for import. This option is not available if the duplicate is in ancestor or descendant domain.

• Keep newest

  The Firewall Management Center imports the selected configuration only if its timestamp is more recent than the timestamp on the current configuration. This option is not available if the duplicate is in ancestor or descendant domain.

  Note

  If you import a configuration that contains Microsoft Active Directory users and groups we strongly recommend you download all users and groups after the import to avoid issues in decryption policies, access control policies, and possibly other policies. (Integration > Other Integrations > Realms > Realms, then click Download Now() (Download Now).

• Import as new

  The Firewall Management Center imports the selected duplicate configuration, appending a system-generated number to the name to make it unique. (You can change this name before completing the import process.) The original configuration remains unchanged.

File List Resolution Behavior

When you import an access control policy with a file policy that uses clean or custom detection file lists, and a file list presents a duplicate name conflict, the Firewall Management Center offers conflict resolution options as described, but the action taken varies as described in the table: