8-66
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 8 Managing Deployment
Rolling Back Configurations
Before You Begin
When you roll back a configuration, the action is not done as part of an activity or configuration session,
which means the device is not locked. Thus, it is possible that two users might roll back configurations
simultaneously on a device, which can generate unexpected problems. Before rolling back a
configuration, ensure that there are no active deployment jobs for the device listed in the Deployment
Manager window.
Related Topics
Viewing Deployment Status and History for Jobs and Schedules, page8-27
Job States in Non-Workflow Mode, page 8-4
Job States in Workflow Mode, page8-6
Step 1 Click the Deployment Manager button in the Main toolbar. Click the Deployment Jobs tab if it is not
active.
Step 2 Select the deployment job (which must be in the Deployed or Failed states) and click Rollback.
The Rollback a Job dialog box opens. The dialog box lists all of the devices included in the job, including
the name of the device, the deployment method (file or device), the status of the previous deployment,
and the name of the deployment job that last updated the device.
Step 3 Select the devices for which you want to roll back configurations by checking the check box in the
Selection column. You can select only devices that used the deploy to device method. By default, all the
devices with the status Succeeded are selected.
You can view the configuration that will be deployed to a device by highlighting the row for a device and
clicking the Preview Config button. You can compare it to the last deployed configuration or the current
running configuration. For more information, see Previewing Configurations, page 8-45.
Step 4 Click OK. You are asked to confirm the action.
Step 5 (Optional) To make the configuration defined in Security Manager consistent with the one running on
the device, rediscover the device policies as described in Discovering Policies on Devices Already in
Security Manager, page 5-15.
Using Rollback to Deploy Archived Configurations
You can roll back any configuration version from Configuration Archive to the device for which it is
archived, provided that the configuration was deployed to the device or originated from the device. The
rolled-back configuration then becomes another archived version in the list for that device. For
information on how to roll back a configuration that was deployed to a file, see Performing Rollback
When Deploying to a File, page 8-67.
Before You Begin
Tip When you roll back a configuration, the action is not done as part of an activity or configuration session,
which means the device is not locked. Thus, it is possible that two users might roll back configurations
simultaneously on a device, which can generate unexpected problems. Before rolling back a
configuration, check the Deployment Manager to ensure that there are no active deployment jobs for the
device (select Manage > Deployments).