Security policies define the zone-based
firewall rules that determine application access within a branch.
They allow or deny application access and traffic within a zone
or across zones based upon administrator specified zone definitions,
prefix filters, and actions.
Security policies are made up of security policy
sets and are provisioned globally at a branch site or locally at
any remote branch office. These policies, at all times, supersede
network policies.