Guidelines for Import/Export

Supported Configurations

  • Access control policies and the policies they invoke: prefilter, network analysis, intrusion, SSL, file, Service Policy.

  • When exporting policy configuration with dynamic ISE-SGT (Security Group Tag) attributes, ensure that the target Cloud-Delivered Firewall Management Center has the same ISE server configuration. Otherwise, export may lead to object corruption or policy misconfiguration on the target.

  • Intrusion policies, independently of access control

  • NAT policies

  • FlexConfig policies. However, the contents of any secret key variables are cleared when you export the policy. You must manually edit the values of all secret keys after importing a FlexConfig policy that uses secret keys.

  • Platform settings

  • Health policies

  • Alert responses

  • Application detectors (both user-defined and those provided by Cisco Professional Services)

  • Dashboards

  • Custom tables

  • Custom workflows

  • Saved searches

  • Custom user roles

  • Report templates

  • Third-party product and vulnerability mappings

  • Users and groups for user control