Prisma SD-WAN
Modify and Delete Policy Rules and Sets
Table of Contents
Expand All
|
Collapse All
Prisma SD-WAN Docs
-
-
-
- CloudBlade Integrations
- CloudBlades Integration with Prisma Access
-
-
-
-
- 5.6
- 6.1
- 6.2
- 6.3
- 6.4
- 6.5
- New Features Guide
- On-Premises Controller
- Prisma SD-WAN CloudBlades
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
Modify and Delete Policy Rules and Sets
In Prisma SD-WAN you can modify and delete the created
policy rules or sets.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
In Prisma SD-WAN, after you create security policy sets and
security policy rules, you can
edit the sets and rules, if needed. You can edit the name and description for security
policy sets, clone
an existing security policy set to create a new policy set, or delete a
security policy set if not required.
Change Security Rule Order
In Prisma SD-WAN, security policy rules are evaluated in order. If
network traffic matches the first rule in a policy set, that rule is applied and
access is allowed, denied, or rejected. If traffic passing from the source zone
to the destination zone doesn’t match the first rule; it is evaluated against
the next rule in the policy set until a matching rule is applied.
You can change the order in which the security policy rules are evaluated by
specifying a numerical order value or by dragging and dropping the rule
definition to a new location in the graphical representation of the security
policy set as part of it. For example, to change the second rule in a policy to
be the first rule checked, you can change its policy set position.
- Select ManagePoliciesSecurity(Original)and select a security policy set.Select a policy rule block, drag it to a new position and Save Ranking.
Manage Existing Security Policy Rules
In Prisma SD-WAN, you can modify, disable, monitor, delete, or view change history for any security policy rule in a set.- Select ManagePoliciesSecurity(Original)and select a security policy set.Select a security policy rule, to display operations in a toolbar, and select an icon for the task you want to perform.
Edit a Security Policy Set
In Prisma SD-WAN, if you want to modify the name or description for a security policy set without changing any of its security policy rules, you can edit the policy set.- Select ManagePoliciesSecurity(Original)and select a security policy set.Click the ellipsis menu next to the policy set name, select Edit Name & Description enter a new name and description for the security policy set, and Save.
Clone a Security Policy Set
In Prisma SD-WAN, if you want to use an existing security policy set as a template then modify its security policy rules and site binding, you can clone the policy set.- Select ManagePoliciesSecurity(Original)and select a security policy set.Click the ellipsis menu next to the policy set name, select Clone Set.Enter a new name for the cloned security policy set, and Clone Set.Return to the list of security policies and select the cloned policy set and Edit, disable or delete the set's cloned security policy rules.
Delete a Security Policy Set
In Prisma SD-WAN, if you want to remove a security policy set and all of its security policy rules, you must remove any site binding. When the security policy set is no longer bound and used by any site, you can delete it.- Select ManagePoliciesSecurity(Original)and select a security policy set.Click the ellipsis menu next to the policy set name, and select Delete Set.If any of the sites are not using the policy set, you can confirm that you want to delete the set by clicking OK.