NCC – Replicate Site-Wide Configuration
Zyxel Employee
Overview
The Replicate Site-Wide Configuration feature is part of Zyxel Nebula’s Configuration Management suite. It allows administrators to efficiently copy configuration templates from one site to another, greatly simplifying the setup of new sites and ensuring configuration consistency across multiple deployments.
With this enhancement, Zyxel Nebula now offers three key tools under Configuration Management:
- Synchronization Settings – for applying configuration updates to multiple existing sites.
- Replicate Site-Wide Configuration – for duplicating site-level configurations to new or other sites.
- Replicate Switch Setting – for copying switch-specific configurations.
What Is Configuration Management?
Configuration management in Nebula provides centralized tools for modifying or replicating site settings across multiple locations.
In earlier versions, Backup & Restore was grouped under Configuration Management. However, it has now been separated into an independent feature for easier access, while Replicate Site-Wide Configuration has been added as a new tool under the Configuration Management section.
Difference Between Synchronization and Replication
Function | Purpose | Typical Use Case |
|---|---|---|
Synchronization | Updates selected configuration items (e.g., SSIDs or switch profiles) across multiple existing sites. | Ideal for operational sites that need to align specific settings like guest WiFi SSID or power schedule. |
Replication | Copies an entire configuration blueprint from one site to another before deployment. | Used to speed up new site deployment by reusing proven configuration templates. |
Synchronization Use Cases
- Updating Guest WiFi settings: Sync SSIDs, authentication methods, and captive portal pages across branches.
- Updating switch port profiles: Apply standardized switch configurations to sites with similar architectures.
- Updating PoE schedules: Adjust power delivery plans to reduce energy consumption outside business hours.
Replication Use Cases
- Before deployment: Copy configurations from a “golden template” site to new locations.
- Rapid rollout: Ensure identical network and security policies across multiple new sites.
- Standardization: Maintain consistent network architecture while allowing per-site customization afterward.
Scope of Each Tool
We use the following picture to categorize which settings each tool covers. The color-coded boxes clarify which configuration sections belong to each tool category.
Special Case: Global vs Per-Device Settings
Some configuration pages (e.g., AP Port Settings) contain both:
- Global settings – apply across the site (e.g., enabling mesh or load balancing).
- Per-device settings – unique to each AP (e.g., PVID, VLAN assignment).
When using Replicate Site-Wide Configuration, only global settings are replicated. Per-device configurations remain unique to each site or device.
Supported Device Types
The Replicate Site-Wide Configuration supports:
- Access Points (APs)
- Switches
- Security Appliances
- Site settings
Each category has a defined set of settings eligible for replication. For example:
- SSID configurations and Captive Portal settings for APs
- Port profiles and PoE schedules for switches
- Routing and firewall rules for security appliances
Replicating Site Settings
When replicating Site Settings, only specific items are copied:
- Device Configuration: Admin credentials, access methods
- Captive portal reauth
Items such as site name, time zone, or location are not replicated since they are unique to each site.
Limitations and Rules When Replicating Security Appliance Settings
- Not Supported for USG FLEX H-Series
- Sites using H-Series appliances cannot replicate security appliance settings.
- Matching Model Required
- Both source and target sites must have the same security appliance model for replication to proceed.
- Source Site Must Have a Security Appliance
- If the source site lacks a security appliance, this category will be disabled for replication.
- Virtual Appliance Handling
- If the target site has no appliance, Nebula automatically creates a virtual security appliance object to receive the replicated configuration.
Replication Process
- Navigate to:Organization-wide > Configuration Management > Replicate Site-Wide Configuration
- Select:
- Source Site
- Target Site(s)
- Configuration Components (AP, Switch, Security Appliance, or Site Settings)
- Confirm:
- Review the summary window listing all components to be replicated.
- Click Confirm to begin.
- Replication Behavior:
- During replication, no configuration changes can be made to the source or target sites.
- Upon completion, a Replicate Completed notification bell appears.
- If a conflict occurs (e.g., someone edits settings during replication), the process will revert back both impacted sites to their previous state and display a notification such as:“Replicate Incomplete”
Special Handling Rules for Referenced Objects
Because site configurations may include assignable objects (e.g., port profiles, PoE schedules), NCC applies four rules to ensure consistency during replication:
Rule 1 – Update Shared Objects
If an object with the same name exists in both source site and target site, NCC updates the target site’s version to match the source.
Example: Port Profile B exists in both sites — the target’s version is updated to match the source’s settings.
Rule 2 – Add Missing Objects
Objects present in the source but absent in the target (e.g., PoE Schedule B) are automatically added to the target site.
Rule 3 – Remove Unmatched Objects
Objects found in the target but not in the source are removed after replication.
Example: PoE Schedule A exists only in the target — it will be deleted.
Rule 4- Unbind the Removed object
Additionally, if a removed object was assigned to another configuration (e.g., switch port binding), NCC automatically unbinds it to prevent broken references.
Example: PoE schedule A is removed from the target site after replication-NCC unbinds it from Switch Port 1 setting.
In sum, Replicate Site-Wide Configuration simplifies multi-site deployment in Nebula by enabling administrators to clone an entire site’s configuration to other sites safely and efficiently. Combined with Synchronization and Replicate Switch Setting, it provides a comprehensive, flexible framework for both ongoing network management and large-scale rollout.
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 202 Nebula Ideas
- 126 Nebula Status and Incidents
- 6.3K Security
- 512 USG FLEX H Series
- 328 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 49 Wireless Ideas
- 6.8K Consumer Product
- 288 Service & License
- 458 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 85 About Community
- 97 Security Highlight