Export and Import Policy Files

From each rule management page on the ESM Console, you can import and export rules. This enables you to:
  • Back up user-defined rules before migrating or upgrading to a new version of the ESM Console.
  • Back up user-defined rules before deploying a policy to multiple independent ESM Consoles.
  • Import user-defined rules from another ESM Console (running the same version).
  • Update your default security policy with the latest recommendations and best practices from Palo Alto Networks.
The ESM Console supports the ability to import both user-defined rules and default security rules.
When you import a policy file that contains multiple types of rules, the ESM Console automatically determines the rule type and distributes the rules to their respective rule management pages. When you export a policy or set of rules, you can only export user-defined rules of the same type. This is because you must select the rules from a single rule management page when you perform the export. When you export rules, the ESM Console saves them to an XML file in the location of your choice.
When you import user-defined rules, the ESM Console appends the rules to the existing policy and assigns each rule a unique ID number. When you install a content update to import the latest default security rules, the ESM Console overwrites the existing rules with the updated policy. When available, you can download the latest default security policy from the Dynamic Updates section of the Support portal.

Related Documentation