Skip to main content

 

 

Cisco Defense Orchestrator

Shared Objects

About Shared Objects

Cisco Defense Orchestrator (CDO) calls objects on multiple devices with the same name and same contents, shared objects. Shared objects are identified by this icon badge_shared.png on the Objects page. Shared objects make it easy to maintain policies because you can modify an object in one place and that change will affect all the other policies that use that object. Without shared objects, you would need to modify all the policies individually that require the same change.

When looking at a shared object, CDO shows you the contents of the object in the object table. Shared objects have exactly the same contents. CDO shows you a combined or "flattened" view of the elements of the object in the details pane. Notice that in the details pane, the network elements are flattened into a simple list and not directly associated with a named object.

shared_objects_cropped.png

 

Editing Shared Objects

When you edit a shared object, your change is propagated to all the devices that use that object; however, you can also limit a change to a single device.

Edit a Shared Object Across All Devices

To edit a shared object for all devices that use it, follow this procedure:

  1. Open the Objects page.
  2. Check the Shared objects filter and and enter information in the objects search field to find the object you want to change.
  3. Select that object and click the edit icon.
  4. Edit the object and click Save.
  5. Review the affected devices and policies and click Confirm
  6. Return to the Devices & Services page and select the device affected by this object change, notice that the device is not synced.
  7. If you are ready, click Write Changes Manually... in the Not Synced box to write these changes to the device. 

Edit a Shared Object on a Single Device

Editing a shared object on a single produces an inconsistency between its use on the one device and its use on all the other devices that share it. You may want to do this for some reason only relevant to a particular network segment.

  1. Open the Devices & Services page.
  2. Filter the list of devices to find the device you want to change.
  3. Select that device and click View Objects in the Actions pane. CDO directs you to the Objects page and adds your device to the objects device filter.
  4. Check the Shared objects filter and and enter information in the objects search field to find the object you want to change.
  5. Select that object and click the edit icon.
  6. Edit the object and click Save.
  7. Review the affected devices and policies and click Confirm
  8. (Optional) By changing a shared object on a single device, you have created an inconsistent object. See Resolve Duplicate, Inconsistent, and Unused Object Issues for instructions on how to resolve the inconsistent object issue. 
  9. Return to the Devices & Services page and select the device affected by this object change, notice that the device is not synced.
  10. If you are ready, click Write Changes Manually... in the Not Synced box to write these changes to the device. 
  • Was this article helpful?