Policy Versions
Each version of a policy has an associated version number. Edited policies automatically generate historical version numbers. Version numbering is implemented through the administration GUI using the edit subcommand of ssadm.
When a particular policy is superseded by a new version of that policy, the older version includes specific information and the actual content of the common object registry instead of just a reference. An older policy version can become invalid because of changes that have occurred in the network topology and hardware.
The types of polices are:
-
Policies that use the current set of common objects - These are the regular policies that share common objects with other regular policies.
-
Policies with a version number - A policy with a version number contains a snapshot of the current common objects that is embedded in the saved policy and the name of the policy then contains a dot followed by an incremental number. The higher the number, the later the version.
-
Currently Active Policy - This policy is extracted from the active policy. The currently active policy cannot be modified. You can save the common objects in the registry to a new version.
You can then make the common objects embedded in this version of the policy the current common objects, overwriting the existing set of common objects.
This approach enables you to save only the rules part of the versioned policy so that:
-
These rules become the current rule for this policy, for example the rules for policy Intial.10 can be made the rules for the current version of Initial.
-
You can copy the rule to a new name.
Note -The rules created in this way are used with the current set of common objects. On verifying this policy, you may have to fix any inconsistencies.
- © 2010, Oracle Corporation and/or its affiliates