Prisma SD-WAN
Add a Security Policy Stack
Table of Contents
Add a Security Policy Stack
Learn about security policy stacks in Prisma SD-WAN.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
You can create a simple security policy stack
or an advanced security policy stack.
A simple security policy
stack has only one security policy set. The security policy set
has the same name as the security policy Stack. You can add security
policy rules directly to Simple Security Policy Set Stacks. This
simplifies the management of security policy stacks if you do not
need to leverage the stacking capabilities.
An advanced security
policy stack can accommodate a maximum of four policy sets and one
default rule policy set. The policy sets in a security policy stack
are ordered from left to right, with the left-most policy set designated
as the highest priority. A site will evaluate policy sets within
a stack based on the order of the policy sets.
- Add a simple security policy stack.
- Select .On the Add Security Stack screen, enter a Name for the stack, and an optional description and tags.(Optional) Select the Clone From Simple Security Stack check box to clone a stack and select a stack to clone from the Choose a Simple Security Stack.Save your changes.Add an advanced security policy stack.
- Select .On the newly added row in the Name column, click the ellipsis menu for the stack and select Edit Policy Set Stack Info.Enter a Name for the stack, and optionally enter description and tags and Save.
Bind Security Stacks to Sites
In order for stacked security policy rules to be active, bind security policy set stacks to a site. You can bind a single security policy set stack to a site at a time.- Select .For a site, select a security stack from the Security Policy Set Stack list and Save.(Optional) You can assign a security policy set stack to multiple sites at a time by selecting multiple sites, clicking Edit and selecting the security stack for assigning to sites.
