8-67
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter8 Managing Deployment
Rolling Back Configurations
Roll back configurations only in extreme circumstances. Before rolling back configurations, carefully
read these topics:
Understanding Configuration Rollback, page 8-59
Understanding Rollback for Devices in Multiple Context Mode, page8-61
Understanding Rollback for Failover Devices, page8-61
Understanding Rollback for Catalyst 6500/7600 Devices, page 8-61
Understanding Rollback for IPS and IOS IPS, page 8-62
Commands that Can Cause Conflicts after Rollback, page 8-64
Commands to Recover from Failover Misconfiguration after Rollback, page8-65
Related Topics
Rolling Back Configurations to Devices Using the Deployment Manager, page8-65
Adding Configuration Versions from a Device to the Configuration Archive, page8-55
Chapter 8, “Managing Deployment”
Viewing and Comparing Archived Configuration Versions, page8-56
Step 1 Select Manage > Configuration Archive to open the Configuration Archive (see Configuration Archive
Window, page8-2 4).
Step 2 In the Device selector, select the device for which you want to roll back to a different configuration
version. The archived configurations appear in the right pane.
Step 3 Select the configuration version to which you want to roll back. You can roll back only to a configuration
that was deployed to the device or that originated from the device. You cannot roll back to a
configuration that was deployed to a file.
Tip To view the configuration version before rollback, click View.
Step 4 Click Rollback to deploy the selected configuration version to the device. A progress box appears,
followed by a notification message when the configuration version is successfully deployed.
Step 5 (Optional) To make the configuration defined in Security Manager consistent with the one running on
the device, rediscover the device policies as described in Discovering Policies on Devices Already in
Security Manager, page 5-15.
However, it is usually better to correct the policies for the device and to then redeploy the updated
configuration. This preserves your changes and shared-policy configuration for the device, which would
otherwise be removed if you rediscover policies.
Performing Rollback When Deploying to a File
You cannot directly perform rollback when deploying to a file instead of to a device. Use this procedure
to revert to a previously stored configuration when deploying to file.
Related Topics
Understanding Configuration Rollback, page 8-59