How do I create a profile using the Director Management Console (DMC)?
I want to use one SG as the source of all my profiles for my SG appliances. How do I do this?
What is the difference between a Overlay file, a Profile, and a Backup of a SG appliance?
When should I use a unique profile for an SG appliance?
How do I turn one of my SG appliances into the Golden configuration ( a profile) that all my SGs can use?
How do I create an extra ad on file to send to my SG appliances, such as a refreshable?
What is a refreshable?
How to I create a backup of my SG appliances files?
How do I troubleshoot a profile?
NOTE: This article assumes you have registered your ProxySG appliances with the Director.
What is the difference between an overlay, a backup, and a profile?
The main difference between these three features of the Java based, Director Management Console (DMC) is their intent.
A profile is a set of configuration commands that is pulled from a optimally configured ProxySG appliance, saved in Director and then applied to on or more target devices. It allows you to replicate the configuration of a ProxySG appliance to one or more ProxySG appliances and is offers one way to standardize on the passwords for all ProxySG appliances throughout your network.
An overlay is a subset of the device configuration and is applied separately or on top of a profile to define additional configuration.It is designed to modify settings defined in a profile or to add device- or group-specific settings that are not included in the profile. When you execute an overlay, the updates or changes are merged into the existing configuration for the device or group of devices.
A back up saves the configuration of the ProxySG appliance and allows you to restore the appliance to a stable configuration, in the event that you face a problem with the managed device. This ProxySG appliance back up , also called a device back up, is stored on Director. By default, Director stores 10 backups for each ProxySG appliance. While a backup has the same contents as a profile, you must create a profile to configure other ProxySG appliances.
Should I use a separate Profile for each model?
There should be no reason to build different profiles for each model type, unless they’re meant to do different things. However,we suggest you use different profiles in these cases:
To create a profile, follow these steps.
1: Login to the Director Management Console ( DMC):
2: To send this profile back to this, and other SG appliances, follow these steps.
Warning: This profile may exclude SSL keyrings and passwords from the source Device. If such security credentials are required, modify the Director connection settings for the source Device to use SSH-RSA and recreate the Profile.
This will overwrite the existing configuration and reload the SG.
Profile execution complete for device "SG402"
To create a backup of a ProxySG appliance, follow these steps.
To create a overlay file, follow these steps:
1: All overlay, profiles, and Backup files are formed in the SGS own Command line syntax, and can be sent to them directly, through a SSH terminal session, using Putty, or something similiar. For example, in the 'sending a profile section above (section 2) , you can cut and past the contents you extracted in step 6, and send it to the SG directly through a SG Putty session, therebv bypassing the Director appliance.
2: Here are three examples of very generic overlay files. One creates BCWF fitler configuration and another creates a FTP ocation for the SG to send an access log two. Either of these overlay files could be cut and pasted into a putty sesion of any SG, thereby bypassing the Director. We suggest using this type of troubleshooting methodoly for Director profiles, overlay files, and backups.
1: Bluecoat webfilter example:
Steps to create the above BCWF setup overlay file.
2: Access logging example:
Steps in creating the above two sections of access log configuration.
3: For information on how to create a SG proxy PAC file, see KB1395
You can use this article in conjuction with the instructions above to standardize on your pac file settings accross your SG network.
Links to other relevant Articles:
For a list of what other CLI commands are sent to the SG while using a Profile, see FAQ1177
For a list of Command Line Interface syntax, see KB4178
For details on how to create a debug dump, an archive, and a overlay file, see KB1441
For details on how to create a overlay file that only contains KEY pair information, without config see KB3204
For details on an a device buffer overlfow error when editing a overlay, see KI380
Rate this Page
Please take a moment to complete this form to help us better serve you.