Organization Adaptive Policy Configuration
Dashboard Location: Organization > Adaptive Policy
Organization-Wide Adaptive Policy and Dynamic Security Management
Section titled “Organization-Wide Adaptive Policy and Dynamic Security Management”Adaptive Policy configuration in Meraki organizations provides administrators with comprehensive dynamic security capabilities, enabling Security Group Tag (SGT) based network segmentation, policy-driven access control, contextual security enforcement, and automated security group assignment. This functionality supports zero-trust network architectures, micro-segmentation strategies, identity-based access control, threat containment, and dynamic policy enforcement based on user identity, device type, location, and behavioral analysis. Adaptive Policy is essential for advanced network security, regulatory compliance, data protection, insider threat mitigation, and maintaining granular security controls across distributed enterprise networks while supporting software-defined perimeter concepts and continuous security assessment.
Diagram
Section titled “Diagram”Classes
Section titled “Classes”organizations (meraki.domains)
Section titled “organizations (meraki.domains)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
adaptive_policy | Class | [adaptive_policy] | No |
adaptive_policy (meraki.domains.organizations)
Section titled “adaptive_policy (meraki.domains.organizations)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | min: 1 , max: 127 | No | |
settings_enabled_networks | List | String[min: 1 , max: 127 ] | No | |
acls | List | [acls] | No | |
groups | List | [groups] | No | |
policies | List | [policies] | No |
acls (meraki.domains.organizations.adaptive_policy)
Section titled “acls (meraki.domains.organizations.adaptive_policy)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | min: 1 , max: 127 | No | |
description | String | min: 1 , max: 1024 | No | |
rules | List | [rules] | No | |
ip_version | Choice | any , ipv4 , ipv6 | No |
groups (meraki.domains.organizations.adaptive_policy)
Section titled “groups (meraki.domains.organizations.adaptive_policy)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | min: 1 , max: 127 | No | |
sgt | Integer | min: 0 , max: 65535 | No | |
description | String | min: 1 , max: 1024 | No | |
policy_objects | List | String[min: 1 , max: 127 ] | No |
policies (meraki.domains.organizations.adaptive_policy)
Section titled “policies (meraki.domains.organizations.adaptive_policy)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
source_group | Class | [source_group] | No | |
destination_group | Class | [destination_group] | No | |
acls | List | String[min: 1 , max: 127 ] | No | |
last_entry_rule | Choice | allow , default , deny | No | |
organization_name | String | min: 1 , max: 127 | Yes | |
name | String | min: 1 , max: 127 | Yes |
rules (meraki.domains.organizations.adaptive_policy.acls)
Section titled “rules (meraki.domains.organizations.adaptive_policy.acls)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
policy | Choice | allow , deny | Yes | |
protocol | Choice | any , icmp , tcp , udp | Yes | |
log | Boolean | true , false | No | |
tcp_established | Boolean | true , false | No | |
source_port | Any | Integer[min: 0 , max: 65535 ] or String[matches: `(?:[1-9][0-9]3 | [1-5][0-9]4 | 6[0-4][0-9]3 |
destination_port | Any | Integer[min: 0 , max: 65535 ] or String[matches: `(?:[1-9][0-9]3 | [1-5][0-9]4 | 6[0-4][0-9]3 |
source_group (meraki.domains.organizations.adaptive_policy.policies)
Section titled “source_group (meraki.domains.organizations.adaptive_policy.policies)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | min: 1 , max: 127 | Yes | |
sgt | Integer | min: 0 , max: 65535 | No |
destination_group (meraki.domains.organizations.adaptive_policy.policies)
Section titled “destination_group (meraki.domains.organizations.adaptive_policy.policies)”Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | min: 1 , max: 127 | Yes | |
sgt | Integer | min: 0 , max: 65535 | No |
Examples
Section titled “Examples”Example-1: The example below demonstrates organization adaptive policy configuration using tested YAML configuration from pipeline fixtures.
meraki: domains: - name: !env domain administrator: name: !env org_admin organizations: - name: !env org adaptive_policy: settings_enabled_networks: - !env network_name policies: - name: Corp Policy organization_name: !env org source_group: name: USERS sgt: 30 destination_group: name: IOT sgt: 40 acls: - Permit Corp - Deny Corp last_entry_rule: allow groups: - name: USERS sgt: 30 description: Corporate Users # policy_objects: # - Corp Policy - name: IOT sgt: 40 description: Corporate IOT Devices # policy_objects: # - Corp Policy acls: - name: Permit Corp description: Permit Example rules: - policy: allow protocol: tcp source_port: 4000 destination_port: 6000 ip_version: ipv4 - name: Deny Corp description: Deny Example rules: - policy: deny protocol: tcp source_port: 4001 destination_port: 6001 ip_version: ipv4