Importing Srx Series Devices That Contain Inactive Policies; Exporting Policies - Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual

Importing SRX Series Devices That Contain Inactive Policies

Exporting Policies

Copyright © 2010, Juniper Networks, Inc.
When NSM imports an SRX Series device that contains an inactive policy, the inactive
policy configuration is imported into the NSM device configuration table (device obj), as
occurs in the case of in-device policy management. In addition, the inactive policies are
not displayed on the UI when the device is in central policy manager mode. All shared
objects that are used in the inactive policies are imported into their respective shared
objects table. Consequently, if the shared object (that is used in the inactive policy) is
edited or deleted, the changes are updated to the device on next update.
NOTE: Re-importing an SRX Series device that contains inactive policies does not
create duplicates of the shared objects that are included in the inactive policies in NSM.
You can export a security policy rulebase to an HTML file.
To export a security policy, select File > Export Policy. (You can also use the button or
Alt-E.) In the
Export Policy
Select all rulebases
Expand rule groups
Show expanded view
Print filter condition
Link all shared object details
Run in background
Click the button to select a default export directory for all future exports. Click
Browse
to export the file. You can choose to export the policy as a background process
Export
by selecting the Run in background
and view the completed percentage in a dialog
Export Policy Status
Each export creates a new directory. The default directory name is
<policyname>_YYMMDD_HHMMSS. The export process puts each rulebase in a separate
HTML file in that directory.
Use an HTML browser to view the exported file. Expanded views may make the output
too wide for a standard printer. Shared objects like Address, Service, Install on, Attack
columns and so on, appear as links. Click on a link to view details about the selected
object in a new HTML page.
To export an expanded view of the Zone based Firewall Rules from a security policy,
select a policy from Policies.
dialog box, select Zone based Firewall Rules. Select Show Expanded View. Browse to
an export directory and click Select Export Directory. Click Export.
dialog box, select from the following options:
option. To check progress during a policy export, click
Then select File > Export Policy from the menu bar. In the
Chapter 9: Configuring Security Policies
513