Applies To:Show Versions
BIG-IQ Centralized Management
BIG-IQ® Security uses snapshots to protect the working-configuration set of the Security module. Thus, at any time, you can back up, restore, and deploy the BIG-IQ working configuration to a specific configuration state, or deploy a specific set of working configuration edits back to a BIG-IP® device. You can also compare one snapshot to another, or compare a snapshot to the BIG-IQ working configuration.
The Snapshots panel displays a list of imported snapshots. The system uses a naming convention that begins with Import and is followed by the self IP address or the management IP address, depending on how the device was discovered. You can also add snapshots through the New Snapshot panel and name the snapshot according to your own convention.
To display only those objects related to a specific snapshot, hover over the snapshot and when the gear icon appears, click it. Then, you can select Properties to display properties or Show Only Related Objects to filter by snapshot.
- Navigate to Snapshots.
- Hover in the Snapshots banner and click the + icon to display the New Snapshot screen.
Complete the property fields as required.
Option Description Name Type a name for the snapshot. Description Type a description (optional) that will assist in remembering the reason for the snapshot.
- Navigate to Snapshots.
- Select a snapshot, and click the gear icon to expand and display the specific snapshot's screen.
- Click Compare.
Indicate what you want to compare:
- Select Working Configuration to compare the selected snapshot to the BIG-IQ Security working configuration.
- Select Snapshot to compare the selected snapshot to a different snapshot.
To compare a snapshot with the selected snapshot:
- Drag-and-drop that snapshot from the Snapshots panel to this area, or click the Select Snapshot link.
- From the Select From Available Snapshots popup screen, select a snapshot and click Select.
Click Evaluate to start the comparison.
The Differences popup screen opens.
To display the JSON for each difference found, click a row in the table.
Textual JSON appears for each difference found; snapshot on the left and working configuration, or second snapshot on the right.
Differences are listed by: name (name of the shared object), type (type of object), change (added, modified, deleted), and device (blank unless the type is firewall).
Restoring the working configuration from a snapshot
You can restore the working configuration using a selected snapshot as input. This process does not delete any shared objects that might have been added since the snapshot was taken.
- Navigate to Snapshots.
- Hover over the snapshot containing the configuration you want to restore to, click the gear icon, and then click Properties.
In the expanded screen, click Restore.
You can also click the Compare tab to compare the selected snapshot against the working configuration or another snapshot before performing the restore.
- Working Configuration
- If you select Working Configuration and click Evaluate, a popup screen displays the differences in the JSON between the snapshot (at left in the table) and the working configuration (at right in the table). Click any row to view the JSON for the two objects. Differences are listed by: name (name of the shared object), type (type of object), change (added, modified, deleted), and device (blank unless the type is firewall). Click any row to view the JSON for the two objects.
- If you select Snapshot, specify the snapshot selected by clicking Select Snapshot or by dragging-and-dropping a snapshot to the Compare against field. Then, click Evaluate to view the differences in the JSON between the two snapshots. Differences are listed by: name (name of the shared object), type (type of object), change (added, modified, deleted), and device (blank unless the type is firewall). Click any row to view the JSON for the two objects.
In the popup screen, click OK to confirm that you want
This popup screen explains that this operation will restore the BIG-IQ Security configuration with the contents of this snapshot and remove all active locks. Once the process starts, you will be blocked from performing any other tasks or interacting with the UI in any way until the process is completed or canceled. If the operation is canceled, all configuration settings are rolled back to their state before the restore started.
- Navigate to the Snapshots panel.
Hover over the Snapshots header and click the + icon,
then click Delete Snapshots.
The Snapshots panel expands to show the All Snapshots screen which displays all Network Security snapshots, including their name, creation date, and the account used to create the snapshot.
Select the check box to the left of the one or more snapshots to delete and
click Remove. The Confirm Delete dialog box opens and
asks for confirmation; click Confirm to proceed with the
To select all snapshots for deletion, click the top most check box.The one or more snapshots are removed.
About snapshots in high-availability configurations
Snapshots require special consideration in high-availability (HA) configurations. For example, a scenario can occur where both peers think they are in the active state due to a disruption in communication or some other error condition.
If you take a snapshot when the system is in this condition, the snapshot Properties screen will display a message saying that the snapshot was taken when the peer device was unreachable.
When the peers are re-paired and re-synched, the snapshot will appear on both peers and both Properties screens will display the error message.
We recommend that you not attempt to restore such snapshots. The restore will likely fail and if it does not, the resulting configuration is unpredictable.