If reverting to an older revision of the Global Database, and a Global Policy is assigned to a Domain with a Global IPS subscription, then the Global IPS objects (profiles, exceptions, patterns, etc.) will not be updated properly.
This may result in an unexpected behavior, such as failure to assign a Global Policy, or inconsistency in Domain database.
The "Assign Global Policy" process compares the current global object timestamp to the last time when the "Assign Global Policy" or "Reassign" action was performed, in order to check if those objects must be updated.
If administrator reverts to an earlier Database Revision, the comparison will incorrectly identify the Global IPS objects as older, when compared to the last global policy assignment. Therefore, it will not update these objects on the Domain Management Servers.
Important Note: Perform the following procedure every time you restore a global database revision, prior to assigning the Global Policy to a Domain.
Follow any one of the following procedures to update the time stamps of global policy assignment and global IPS assignment:
If an administrator has reverted to an older database revision in the Global Database and has performed "Assign Global Policy" before the updating the time stamps (as described above), then one or more global IPS profiles might appear as regular profiles that have been defined at the Domain level (i.e., these IPS profiles may be edited and altered just like any other local IPS profile).
In such a case:
- Delete the problematic Global IPS profile using the Domain's SmartDashboard
- Update the time stamps as described above.
Failing to do so may result in a failure to assign or remove Global Policy later on.
- 01955854 , 01960801 , 01957167 , 01960795