We can then administer shared policy rules across both device
groups as well as administer distinct device group rules for the
regional office and branch office groups. Then for added flexibility,
the local administrator at a regional or branch office can create
local rules that match specific source, destination, and service
flows for accessing applications and services that are required
for that office. In this example, we create the following hierarchy
for security rules. you can use a similar approach for any of the
other rulebases.