Import and Export Orchestrated Policies

Starting in software version 5.11.00, you can import and export an orchestrated policy in YAML format. This allows you to bulk deploy the policies.

The following are the advantages of importing and exporting policies:

  • Retrieve a policy that was deleted unintentionally.
  • Deploy the policy in another device.
  • Re-deploy a policy in the device after GigaVUE-FM is upgraded to a new version (in case of issues in the existing solution).

The YAML file contains the following information:

  • Policy
  • Sources
  • Rules
  • Packet Transformation
  • Destination

The below is the Import and Export Policy sample template of a YAML file. You can use the following sample template as a reference while building a policy in YAML format.

name: <PolicyExample>
priority: false
deployed: false
source leader in a bidirectional clock relationship (formerly master):
- <IP address of the device>:<Port Number>
- <Network Name>
- ruleName: <Rule Name>
tags: chicago
type: pass
highPriorityDrop: false
- criteria1:
- type: ipSrc
- <IP address of the device>
- <IP address of the device>
- type: portSrc
addresses: 5
- type: ipVer
addresses: 4
- criteriaWithBinding
- type: dedup
action: drop
timer: 50000
ipTclass: include
vlan: ignore
tcpSeq: include
ipTos: include
- Slicing-gsApp
- Tool1
# it is practical to have all the tool bindings separate from the policy body in order to leave the policy body as an abstract policy template
- toolName: Tool1
# in the future we may have also metadata receivers
receiverType: packets
groupingType: replicate
- type: port
- Generic2:22/3/x1
# possibly more tool bindings...
- sourceName: ChicagoServers
# in the future we will have various types including types that reflect tunnelling arrangements
- type: port
clusterName: <ClusterName>
- cluster1:22/2/x12
- cluster2:22/2/x11
- criteriaName: CriteriaWithBinding
- type: ipDest
- <IP address of the device>
- <IP address of the device>
- type: port
- 5

Rules and Notes

Refer to the following rules and notes:

  • You can export policies that either deployed or undeployed. However, when you import a policy, it will be in undeployed status. You must manually deploy the imported policy.
  • You cannot import or export the egress port filters in a policy. You must manually apply them.
  • When you export a policy that has GigaStream , port groups and other such groups, you must ensure that those groupings exist when you import the same policy. This also applies to tools that were created through the tool wizard.
  • Port types involved in a policy that is exported must not be changed when trying to import the same policy.
  • If templates were used to create a policy that was exported, then those templates must remain when importing a policy.
  • You can import and export several policies in one operation.

Import and Export Orchestrated Configuration

To export a policy:

  1. In the Policies page, select the policy that must be exported.
  2. Select Actions and click Export Policy. The policy is downloaded as an YAML file.
  3. Save the file to the required location.

To import a policy:

  • In the Policies page, select Actions and click Import Policy.
  • Browse to the folder that has the required policy file in YAML format.
  • Select the file and click Open. The Import button gets activated.
  • Click Import and refresh the page.