• Network Security Manager 2.4.0
• Network Security Manager Overview
  • About Network Security Manager
  • Related Documents
  • API Support
  • Legal Information
  • Conventions
    • Guide Conventions
    • UI Conventions
• Dashboard
  • Summary
  • Network
  • Threat
• Firewalls
  • Device Inventory
    • Device Status
      • Management Status
      • System Details
      • License Details
      • Zero Touch Status
      • Template and Firmware Versions
    • Managing Devices
      • Editing Device Settings
      • Multi-device Firmware Upgrade
      • Upgrading Firmware
      • Synchronizing Firewall Configuration with NSM
      • Creating Backup of Device Configuration
      • Manual Firewall Acquisition
    • Firewall View
  • Device Groups
    • Working with Device Groups
      • Creating Device Groups
      • Editing Device Groups
      • Creating Backup of Device-Group Configuration
      • Deleting Device Groups
  • Device Backups
    • Scheduling Backups
    • Archiving TSR
    • Archiving EXP
• Templates and Variables
  • Templates
    • Templates Inventory
    • Creating Templates
    • Editing Templates
    • Viewing Template Configuration
    • Creating Duplicate Template
    • Modifying Template Attributes
    • Applying Templates
    • View Template Status
    • Deleting Templates
  • Golden Template
  • Variable Data
    • Template Variables Overview
    • Add Variable
    • Edit Variable
    • Resolve Variable
    • Delete Variable
    • Using Template Variables
    • Creating Variables within Templates
• SonicWall Switch Configuration in Template
  • Add Switch
  • Edit Port
  • Switches
    • Network
    • Users
    • Static routes
    • 802.1x
    • Radius server
    • ARP
• Certificates
  • Navigating Certificates
  • New Signing Request
  • Commit and Deploy Certificate(s)
  • Configuring SCEP
  • Importing Certificates
  • Deleting Certificates
• Configuration Management
  • Approval Groups
    • Approval Workflow Settings
  • Approval Group Management
    • Searching the Approval Groups
    • Adding a New Approval Group
    • Editing an Approval Group
    • Deleting an Approval Group
    • Setting the Default Approval Group
  • Configuration Management Workflow
    • Committing and Deploying the Updates
      • Committing and Deploying Updates in the Firewall View
      • Committing and Deploying Updates to Device(s) in the Manager View
    • Viewing Pending Configuration Updates
    • Discarding Pending Configurations
    • Monitoring Commits
    • Managing Commits
      • Editing Commits
      • Redeploying Commits
      • Rescheduling Commits
      • Deleting Commits
    • Auditing Configuration Changes
• Tenants
• VPN Topology
  • IPsec VPN Topology
    • Topologies
      • Hub and Spoke Topology
      • Full Mesh Topology
      • Point to Point Topology
    • Security Associations
  • IPsec Monitor
  • Global Settings
• SD-WAN Topology
  • Configuring SD-WAN
  • Basic Information
  • Rules and Devices
    • Service Rule
    • Application Rule
    • Device Selection
• CSC Users
  • CSC User Status
  • Users
    • Sorting and Filtering
    • Editing CSC Users
  • Support Portal Users
  • Roles and Permissions
  • Authentication Servers
• Scheduled Reports
  • Managing the Schedules
    • Creating Scheduled Reports
    • Editing Schedule
    • Running Reports Manually
    • Setting the Report Date Range
  • Archived Reports
    • Downloading Archived Reports
• System Events
  • Configuring Log Settings
  • Alerts and Notifications
  • Configuring Twilio Setting for SMS
  • Viewing System Events
• SonicWall Support
  • About This Document

Golden Template

Golden configuration template can be used to increase the operational efficiency and minimize configuration errors. Customers with large no of tenants and firewalls (Distributed enterprises and MSSPs) can convert a gold standard device configuration into a template which could be applied to the new devices. The administrator can select a device from the firewall inventory page and export its configuration as a golden template.

• Preparing the Firewall
• Exporting the Firewall Configuration into Template
• Editing Golden Template
• Applying Template to Device Groups or Devices
• Committing and Deploying the Updates

Preparing the Firewall

Before exporting the firewall configuration into the golden template you must ensure the following prerequisites:

• The source and target device model must be running on the same operating system for successful deployments:

  • If you are exporting a template from Gen6 device, then it is not supported to Gen7 device.

  • If you are exporting a template from SonicOS, then it is not supported to SonicOSX.

• Licenses on both source and target firewalls are same.

• The target firewalls are factory reset.

• Create device group structure as per the requirement of the organization.

• Add unassigned devices to the corresponding groups on which the template is going to be applied.

• Ensure that the source firewalls and target firewalls are in Managed state in NSM. If not, then you need to synchronize the firewall before exporting, using the Action column.

  It is recommended that you force synchronize the source firewalls which will be exported after upgrading or using a new NSM release. Otherwise, the bug fixes and improvements on the firewall management inside NSM will not be reflected.

Exporting the Firewall Configuration into Template

To export firewall configuration into golden template

1. Navigate to Manage View > Firewalls > Inventory.

2. Choose a firewall and click on Export to Template.

   

3. On the Export to Template dialog page, enter the Template Name.

   

4. To enable automated deployment of the template configuration to Zero-Touch devices when the template is applied to target group(s) or device(s), enable or disable Zero Touch Provisioning option. Offline devices will be updated once they come online.

5. Enter a valid Description. This is an optional requirement.

6. Click Save to successfully export the firewall configuration into the golden template.

   Only the custom objects are exported to the template configuration. This helps you to exclude default configurations and successfully deploy other essential custom objects to factory default firewalls.

   The following configurations will not be exported to the template:

   • Time

   • VLAN Translation

   • Routing

Editing Golden Template

After successfully exporting the firewall configuration into the golden template you will be automatically directed to the Template page.

To edit golden template

1. Click the new template name or select Edit Template in the Action field to open the Template View.

2. Navigate to other options in Template View: Device, Network, Object, or Policy.

3. Manually make changes to the exported configuration and add variables for device specific values as needed.

   It is recommended that you do not delete the configurations from View Template Configuration as it breaks dependencies.

   Since physical WAN interfaces are not exported, edit physical WAN interface settings under Network > Interfaces in template.

4. After you update the template, click View Templates Details to view the exported configurations and new edits.

   

Applying Template to Device Groups or Devices

You need to apply a template to review any apply errors and edit the template if needed to fix the errors.

NSM identifies and groups dependent configurations automatically before committing it to unapplied firewalls.

To apply a template

1. Click on the Apply Template button on the Template View. You can apply template on the Manager View using on the Action column next to the template that you want to apply.

   

2. Select the device group(s) or devices within any group (s) to apply the template.

3. Click Save.

Committing and Deploying the Updates

1. Click on Commit & Deploy wizard from the Manager View.

   

2. Review devices and changes for deployment.

3. Create commit and deploy immediately or schedule for deployment later.

4. Once deployment is complete, review errors and make changes as needed.