Prisma SD-WAN Stacked Security Policies
Focus
Focus
Prisma SD-WAN

Prisma SD-WAN Stacked Security Policies

Table of Contents

Prisma SD-WAN Stacked Security Policies

Learn how to configure stacked security policies.
Where Can I Use This?What Do I Need?
  • Prisma SD-WAN
  • Active Prisma SD-WAN license
Prisma SD-WAN supports stacked security policies to translate business security intent and requirements into configurable security policy rules that determine connectivity and secure access. Stacked security policies use security policy set stacks, security policy sets, and security policy rules to control access to applications. The stacked security policy constructs include applications, prefix filters, zones, security policy sets, security policy rules, and actions. The information specified for these constructs defines the security policy you want to implement.

Security Policy Migration

Prisma SD-WAN supports stacked network and security policies. If you are a new user starting with Release 6.0.1, you can configure only stacked network and security policies. You will not be able to view or access Security Policies (Original).
If you have configured original or legacy policies, you have to migrate these legacy policies to stacked policies before you can upgrade your device to Release 6.0.1.
See the relationship between Security Policies (Original) and Stacked Security Policies based on the ION device versions. If you are:
  • Using ION device version 5.5 or lower and you have configured Security Policies (Original)
    You can configure stacked security policies, but unless you upgrade your device to version 5.6 or higher, you cannot use the stacked security policies. You can continue using the original security policies.
  • Using ION device version 5.5 or lower and you have not configured Security Policies (Original)
    You can configure stacked security policies, but unless you upgrade your device to version 5.6, you cannot use stacked policies. You will not be able to view or access Security Policies (Original).
  • Using ION device version 5.6 or higher, but lower than 6.0.1, and you have configured Security Policies (Original)
    If you try to upgrade your device to a device version 6.0.1 or higher without converting your legacy policies to stacked policies, you will receive an error message.
  • Using ION device version 5.6 or higher and you have not configured Security Policies (Original)
    You will have to configure stacked security policies. You will not be able to view or access Security Policies (Original).