Guidelines for Import/Export

Supported Configurations

  • Access control policies and the policies they invoke: prefilter, network analysis, intrusion, SSL, file, Service Policy.

  • When exporting policy configuration with dynamic ISE-SGT (Security Group Tag) attributes, ensure that the target Firewall Management Center has the same ISE server configuration. Otherwise, export may lead to object corruption or policy misconfiguration on the target.

  • Intrusion policies, independently of access control

  • NAT policies

  • FlexConfig policies. However, the contents of any secret key variables are cleared when you export the policy. You must manually edit the values of all secret keys after importing a FlexConfig policy that uses secret keys.

  • Platform settings

  • Health policies

  • Alert responses

  • Application detectors (both user-defined and those provided by Cisco Professional Services)

  • Dashboards

  • Custom tables

  • Custom workflows

  • Saved searches

  • Custom user roles

  • Report templates

  • Third-party product and vulnerability mappings

  • Users and groups for user control