-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
NSM – Template Dos and Don'ts
06/03/2024 
32 People found this article helpful
114,342 Views
Description
Templates allows to effectively deploy and manage common configurations across firewalls within NSM Tenant. Templates in NSM have following behaviors:
Things to note:
1. Template records every activity for each change included and performs those steps in order when applied onto Firewalls. It’s recommended to check ‘View Template Details’ of Template and verify the steps before applying to the Firewall/s or Group.
For Ex: Adding an address object named ‘Google DNS’ and then renaming that to ‘Public DNS’ and finally deleting it from template.
This address object is no more visible in the template UI and should’t be applied but when template is applied to a firewall/s, above steps will be performed in the same sequence: creating the address object, renaming it, deleting it. Which at times leads to failed commits or setting mismatch.
2. Currently there are no validation checks in Template and it may lead to error/ issues when applying specific changes to firewalls.
For Ex: An address object called ‘Google DNS’ is created and is used in an Access Rule. Later changed the name to ‘Public DNS’. The Access Rule loses its association with the ‘Google DNS’ and replaced it default ‘any’.
3. Template can be deleted from NSM but once a template is applied to a NSM group, changes stay on the group, even if the template is deleted and no more exists in NSM. Previous changes through that Template still applied to the group and underneath firewalls.
4. Interfaces in SonicWall firewall are stored as array. Let’s say X0 has been configured with following:
- 192.168.1.254/255.255.0.0, default gateway 192.168.7.1, with HTTPS disable, SNMP enabled
To change the interface IP from 192.168.1.254 to 192.168.1.1 using template, It will push the IP address along with default settings of the X0 interface like below:
192.168.1.1/255.255.255.0, default gateway 0.0.0.0, HTTPS enabled, SNMP disabled, etc
Note: The JSON actions of Template can be viewed by clicking on ‘View Template Details’.
5. It’s recommended to create a new Template instead of using existing Template with pre-existing configuration. That will help avoid any unwanted changes pushed to firewalls.
6. Instead of using a large template, its recommended to create multiple templates with small set of changes with a specific setting as needed.
Refer to below technical document for more information:
https://www.sonicwall.com/support/technical-documentation/docs/nsm-administration/Content/topics/Templates/new-features-templates.htm/
Related Articles
- Understanding Zero touch and Zero touch status (NSM)
- How to export CSC Users based on Tenants
- How to Expand the Hard Drive of a GMS Virtual Appliance
YES
NO