Add policy group

Updated: March 10, 2026

Want to summarize with AI?

Configure a policy group to deploy to devices.

Create a policy group that can be deployed to devices to manage application priority, security policies, and other network configurations.

Procedure

From the Cisco SD-WAN Manager menu, choose Configuration > Policy Groups > + Add Policy Group.

Enter a Policy Group Name, choose a Solution from the drop-down list and provide a description (optional).

Table 1. Policy group parameters
Field	Description
Policy Group Name	Specify the name of the policy group. This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (–), and underscores (_). It cannot contain spaces or any other characters.
Description	Provide a description for the policy group. It can contain up to 2048 characters including spaces.
Policy
Application Priority & SLA	Choose an application priority for the policy group from the drop-down list. Click Create New to create a new application priority.
Embedded Security	Choose an embedded security policy from the drop-down list. Click Create New to create a new embedded security policy by selecting a configuration group, creating firewall policies, and other configuration settings.
Secure Internet Gateway	Configure the Secure Internet Gateway (SIG) tunnels before you apply a data policy for redirecting application traffic to an SIG. Select a Secure Internet Gateway (SIG) policy from the drop-down list. Click Create New to create a new SIG policy.
DNS Security	Select a DNS Security policy from the drop-down list. Click Create New to create a new DNS Security policy.

Click Create.

Note

If you have already created a policy group, click the policy group from the list of available policy groups to edit.

Click Save to save your configuration.

Click the pencil icon to select or unselect devices to associate or dissociate with the policy group.

Note

Starting from Cisco Catalyst SD-WAN Manager Release 20.15.1, click +Add adjacent to Associated field to select or unselect devices to assoicate or dissociate with the policy group. In the associate devices workflow, you can choose devices based on Regions and not just Sites.

Click Deploy to select sites and deploy the policy group.

The policy group is created and deployed to the selected devices. To delete a policy group, select the ellipsis icon (...) to the right of the policy group and click Delete.

Need help?

Open a support case

(Requires a Cisco Service Contract)

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.