Add Stacked Security Policy Sets
Focus
Focus
Prisma SD-WAN

Add Stacked Security Policy Sets

Table of Contents

Add Stacked Security Policy Sets

Learn how to add stacked security policy sets.
Where Can I Use This?What Do I Need?
  • Prisma SD-WAN
  • Active Prisma SD-WAN license
Stacked security policy sets contain policy rules and are a part of Security Policy Set Stacks. A simple security policy stack contains a single security policy set. An advanced security policy stack contains multiple, ordered security policy sets.
There are two types of policy sets—Normal Policy Set and Default Policy Set. The Default Policy Set will have only the implicit policy rules i.e. Intra-Zone, Self-Zone and Catch-All Deny. The normal policy set will not have any implicit policy rules, that is, Intra-Zone, Self-Zone and Catch-All Deny.
You can create Security Policy Sets only through the Advanced view on the Security screen.
  1. Select ManagePoliciesSecuritySecurity StacksAdvancedSecurity SetsAdd Set.
  2. On the Add Security Policy Set screen, enter a Name for the Security policy set, and enter an optional description and tags.
  3. Optional Select the Clone From a Policy Set check box to clone a policy set and select a policy set to clone from the Choose a Policy Set.
  4. Optional Select the Clone From an Original Policy Set check box to clone a policy set created under Security Policies (Original) and select a policy set to clone from the Choose an Original Policy Set.
  5. Click Done to submit your changes.

Add a Security Policy Set to a Security Stack

After creating security policy sets, you need to add these policy sets to a security stack. Note that you can add security policy sets to Security stacks only via the Advanced view on the Security screen.
  1. Select ManagePoliciesSecurity Security StacksAdvanced.
  2. Select a security stack for adding a security policy set.
  3. Select a policy set from the Policy Set list, and then Save.
    You can assign up to 4 policy sets to an advanced security stack.
    You can convert a simple security stack to an advanced security stack by assigning more than one policy set to the simple security stack.