When policies have changed (multiple times) and you need to deploy a policy, how can you verify the difference / how can you compare the policy to deploy with the policy deployed before you kick off the task?
According to the Firepower Management Center 6.2.3, there are no options to compare Access Policies:
To review policy changes for compliance with your organization's standards or to optimize system performance, you can examine the differences between two policies or between a saved policy and the running configuration.
Are we the only ones in the whole world needing this? I mean, CSM (Cisco Security Manager) has been able to do this for the last 10 years...
Any help/hacks would be appreciated.
The feature is on the roadmap so that you have it under access control policy.
That said, currently, we have ways of checking what are the changes made in sections:
1. File Policy has an independent option available to compare file policies between revisions and between different file policies.
2. Intrusion policy also supports the same.
3. SSL supports the same.
4. DNS policies also have the same option.
In addition, if the requirement is to determine the changes made within the access control policy, you can follow the instructions in the document:
Hope this helps
The same feature is presently available for health policy as well as network analysis policy too.