Skip to main content

 

 

Cisco Defense Orchestrator

Check for Configuration Changes

Check for Changes to determine if the device's configuration has been changed directly on the device and it is no longer the same as the copy of the configuration stored on CDO.  You will see the this option when the device is in the "Synced" state.

To check changes:

  1. On the navigation bar, click Devices & Services.
  2. Select the device, whose configuration you suspect may have been changed directly on the device.
  3. Click Check for Changes in the Synced pane on the right.
  4. The behavior that follows is slightly different depending on the device: 
  • For FTD, Meraki, and AWS devices if there has been a change to the device's configuration, you will receive the message:

Reading the policy from the device. If there are active deployments on the device, reading will start after they are finished.

  • Click OK to continue. The configuration on the device will overwrite the stored configuration on CDO.
  • Click Cancel to cancel the action. 
  • For ASAs, IOS, and SSH devices:
  1. Compare the two configurations presented to you. Click Continue. The configuration labeled "Last Known Device Configuration" is the configuration stored on CDO. The configuration labeled "Found on Device" is the configuration saved on the ASA.
  2. Select either:
  • Reject the out-of-band changes to keep the "Last Known Device Configuration."
  • Accept the out-of-band changes to overwrite the device's configuration stored in CDO with the configuration found on the device.
  1. Click Continue.

Related Articles

  • Was this article helpful?