To use VMware Cloud Web Security, a user must first create, configure a Security Policy, and then apply the policy.

Security policies are created and edited on the New UI of the VMware SD-WAN Orchestrator.


To configure a Cloud Web Security (CWS) policy, a user must have one of the following roles:
  • An Operator with a superuser or standard roles.
  • A Partner user with a superuser or standard role.
  • A Customer user with a superuser, standard, or security admin role.


  1. In the Orchestrator portal, click the Open New Orchestrator UI option available at the top of the Window.
  2. Click Launch New Orchestrator UI in the pop-up window. The UI opens in a new tab.
  3. From the SD-WAN drop-down menu, select Cloud Web Security.
    The Cloud Web Security page appears.

    On the Cloud Web Security page, user can view, create, and edit CWS policies, and monitor the application of CWS policies.

  4. To create a new Security Policy, click the Configure tab in the left hand corner of the page, and then click NEW POLICY.
    The Create a new Security Policy pop-up window appears.
  5. In the textbox, enter the name for the Security Policy and click CREATE.
    Note: The policy name must be a continuous text string with no spaces.


A Security Policy is created and appears in the Security Policies page.

What to do next