Compare Policies

To review policy changes for compliance with your organization's standards or to optimize system performance, you can examine the differences between two policies or between a saved policy and the running configuration.

You can compare the following policy types:

  • DNS

  • File

  • Health

  • Identity

  • Intrusion (Only Snort 2 policies)

  • Network Analysis

  • SSL

The comparison view displays both policies in a side-by-side format. Differences between the two policies are highlighted:

  • Blue indicates that the highlighted setting is different in the two policies, and the difference is noted in red text.

  • Green indicates that the highlighted setting appears in one policy but not the other.

Before you begin

You can compare policies only if you have access rights and any required licenses for the specific policy, and you are in the correct domain for configuring the policy.

Procedure

Step 1

Access the management page for the policy you want to compare:

  • DNS—Policies > Access Control > DNS
  • File—Policies > Access Control > Malware & File
  • Health—System (system gear icon) > Health > Policy
  • Identity—Policies > Access Control > Identity
  • Intrusion—Policies > Access Control > Intrusion
    Note

    You can compare only Snort 2 policies.

  • Network Analysis—Policies > Access Control, then click Network Analysis Policy or Policies > Access Control > Intrusion, then click Network Analysis Policies
    Note

    If your custom user role limits access to the first path listed here, use the second path to access the policy.

  • SSL—Policies > Access Control > Decryption

Step 2

Click Compare Policies.

Step 3

From the Compare Against drop-down list, choose the type of comparison you want to make:

  • To compare two different policies, choose Other Policy.
  • To compare two revisions of the same policy, choose Other Revision.
  • To compare another policy to the currently active policy, choose Running Configuration.

Step 4

Depending on the comparison type you choose, you have the following choices:

  • If you are comparing two different policies, choose the policies you want to compare from the Policy A and Policy B drop-down lists.
  • If you are comparing the running configuration to another policy, choose the second policy from the Policy B drop-down list.

Step 5

Click OK.

Step 6

Review the comparison results:

  • Comparison Viewer—To use the comparison viewer to navigate individually through policy differences, click Previous or Next above the title bar.

  • Comparison Report—To generate a PDF report that lists the differences between the two policies, click Comparison Report.