>
    Strata Copilot
    Modify and Delete Policy Rules and Sets
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma SD-WAN
    3. Prisma SD-WAN Administrator’s Guide
    4. Prisma SD-WAN Stacked Security Policies
    5. Security Policies (Original)
    6. Modify and Delete Policy Rules and Sets
    Download PDF
    Prisma SD-WAN

    Modify and Delete Policy Rules and Sets

    Table of Contents

    Modify and Delete Policy Rules and Sets

    In Prisma SD-WAN you can modify and delete the created policy rules or sets.
    Where Can I Use This?What Do I Need?
    • Prisma SD-WAN (Managed by Strata Cloud Manager)
    • Prisma SD-WAN
    In Prisma SD-WAN, after you create security policy sets and security policy rules, you can edit the sets and rules, if needed. You can edit the name and description for security policy sets, clone an existing security policy set to create a new policy set, or delete a security policy set if not required.

    Change Security Rule Order

    In Prisma SD-WAN, security policy rules are evaluated in order. If network traffic matches the first rule in a policy set, that rule is applied and access is allowed, denied, or rejected. If traffic passing from the source zone to the destination zone doesn’t match the first rule; it is evaluated against the next rule in the policy set until a matching rule is applied.
    You can change the order in which the security policy rules are evaluated by specifying a numerical order value or by dragging and dropping the rule definition to a new location in the graphical representation of the security policy set as part of it. For example, to change the second rule in a policy to be the first rule checked, you can change its policy set position.
    1. Select a policy rule block, drag it to a new position and Save Ranking.

    Manage Existing Security Policy Rules

    In Prisma SD-WAN, you can modify, disable, monitor, delete, or view change history for any security policy rule in a set.
    1. Select a security policy rule, to display operations in a toolbar, and select an icon for the task you want to perform.

    Edit a Security Policy Set

    In Prisma SD-WAN, if you want to modify the name or description for a security policy set without changing any of its security policy rules, you can edit the policy set.
    1. Click the ellipsis menu next to the policy set name, select Edit Name & Description enter a new name and description for the security policy set, and Save.

    Clone a Security Policy Set

    In Prisma SD-WAN, if you want to use an existing security policy set as a template then modify its security policy rules and site binding, you can clone the policy set.
    1. Click the ellipsis menu next to the policy set name, select Clone Set.
    2. Enter a new name for the cloned security policy set, and Clone Set.
    3. Return to the list of security policies and select the cloned policy set and Edit, disable or delete the set's cloned security policy rules.

    Delete a Security Policy Set

    In Prisma SD-WAN, if you want to remove a security policy set and all of its security policy rules, you must remove any site binding. When the security policy set is no longer bound and used by any site, you can delete it.
    1. Click the ellipsis menu next to the policy set name, and select Delete Set.
      If any of the sites are not using the policy set, you can confirm that you want to delete the set by clicking OK.

    © 2026 Palo Alto Networks, Inc. All rights reserved.