Manage: Security Policy
Focus
Focus
Strata Cloud Manager

Manage: Security Policy

Table of Contents

Manage: Security Policy

Learn how to manage Security Policy.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • NGFW, including those funded by Software NGFW Credits
Each of these licenses include access to Strata Cloud Manager:
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
Your security policy is where you define how you want to enforce traffic in your Prisma Access and NGFW deployments. All traffic that passes through your Strata Cloud Manager environment is evaluated against your security policy, and rules are applied from the top down.
To set up your security policy, go to ManageConfigurationNGFW and Prisma AccessSecurity ServicesSecurity Policy.

Get Started with Security Policy

Here are some things you can do now to make security policy work for you.
  • Create a Security Policy Rule – Security policies allow you to enforce rules and take action, and can be as general or specific as needed.
  • Track Rules Within a Rulebase – Each rule within a rulebase is automatically numbered; when you move or reorder rules, the numbers change based on the new order.
  • Enforce Policy Rule Best Practices – When creating or modifying rules, you can require a rule description, tag, audit comment, etc. to ensure your policy rulebase is correctly organized and grouped, and to preserve important rule history for auditing purposes.
  • Test Policy Rules – Use the Policy Analyzer check policy rules.
  • Activate a Security Profile – A security profile is applied to scan traffic after the application or category is allowed by the Security policy.
  • Create a Security Profile Group – A security profile group is a set of security profiles that can be treated as a unit and then easily added to security policies.
  • Set Up File Blocking – Identify specific file types that you want to want to block or monitor.
  • Create a Data Filtering Profile – Keep sensitive information from leaving your network.
  • Manage Web Security – Control access (general browsing) to the internet and SaaS applications.