Focus

Prisma SD-WAN

Configure Device Management Policy

Table of Contents

Filter

Expand All | Collapse All

Prisma SD-WAN Docs

Activation & Onboarding
Administration
CloudBlades
Select a Document
- CloudBlade Integrations
- CloudBlades Integration with Prisma Access
Deployment
Incidents & Alerts
Reference
Release Notes
Select a Document
- 6.5
- 6.4
- 6.3
- 6.2
- 6.1
- 5.6
- New Features Guide
- On-Premises Controller
- Prisma SD-WAN CloudBlades
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed

Device Management Policies

Create a Security Policy Set

Configure Device Management Policy

Prisma SD-WAN allows to create, modify, and delete device management policies.

Where Can I Use This?	What Do I Need?
Prisma SD-WAN	Prisma SD-WAN license

If a site has two devices configured for High Availability (HA), you must apply this configuration to each device individually.

To configure access for a specific interface, you can perform several actions: review existing policies, create new ones, or delete those you no longer need.

Reviewing Policies: Start by reviewing any policies that have already been created for the interface.
Creating a New Policy: To create a new policy, first select the interface. Then, specify the desired access (for example, Allow Ping, Allow SSH). You must also provide a name for the policy extension, such as "remote-monitoring," and a prefix for the policy to define the source of the traffic.
Deleting Policies: You can delete existing policies as needed to remove access rules.
Disabling a Policy: The Disabled button is a useful feature for troubleshooting. It allows you to keep a policy configuration in place while temporarily bypassing its rules without having to delete them.

Create a New Device Management Policy

Select ConfigurationResourcesDevice Management Policy.
In the Choose Site, Element section, search for a Site and select it.
Choose the Element (ION device) from the dropdown.
A list of all interfaces on the selected ION device, including all sub-interfaces, is displayed.
Select the Interface to which the policy is to be applied and click Get.
In the View/Set Configuration section, fill in the policy details:
- Name: Enter a name for the policy.
- Namespace: This field is auto-filled.
- Interface: This field is auto-filled.
Enter the Prefix (IPv4 or IPv6), select the App (for example, Ping), and choose an Action (for example, Allow).
Click Submit to save the new policy.

Modify or Delete a Policy Rule

In the Choose Site, Element section, select the Site, Element, and Interface associated with the policy you want to change. Click Get.
The View/Set Configuration section displays the existing policy rules.
To edit a rule, you can modify the Prefix (IPv4 or IPv6), App, or Action for the desired line item.
To delete a rule, locate the specific rule you want to remove and click the Delete button next to it.
After making your changes, click Submit to update the policy.

Device Management Policies

Create a Security Policy Set

Prisma SD-WAN Docs

Configure Device Management Policy

Prisma SD-WAN Docs

Configure Device Management Policy

Create a New Device Management Policy

Modify or Delete a Policy Rule

Activation & Onboarding

SASE

Visibility & Monitoring

FedRAMP

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

Prisma SD-WAN Integration

Prisma SD-WAN Experts Corner

Best Practices

Resources