Install policies
After creating or editing a policy, you must install or refresh the policy on the engine.
Policy installation transfers any new engine configuration information in addition to the policy. Whenever you update the engine’s configuration, you must reload the policy on the engine so that the changes take effect. These changes include, for example, changes in the routing configuration, the VPN configuration, and the properties of the NGFW Engine element itself. You must reload the policy even if the changes are not directly related to the rules in the policy.
If the policy installation fails, the system automatically rolls back to the previously installed configuration. By default, a rollback also occurs if the system detects that the new policy or related configuration (such as routing configuration) does not allow the Management Server to connect to the engines. This safety feature prevents you from inadvertently installing a configuration that would cause the critical management connections to fail.
You can only install Policy elements. Template Policy and Sub-Policy rules are installed as part of the main Policy. A Policy Snapshot is automatically created each time you install or refresh a policy. You can install a policy through the Policy element or through the engine element. The following procedure explains the first method.
For more details about the product and how to configure features, click Help or press F1.