This disclosure generally relates to hierarchical policies in a network. The emergence of software-defined wide-area-network (SDWAN) technology promises to simplify networking so that end-users can focus on their business critical applications, and not worry about their underlying network. Network administrators and end-users use policies to control how a network behaves for different types of traffic, applications, etc. When the number of policies or rules required to configure a network is small, it is fairly easy to just create them one by one. However, complex networks are not that simple. There will be exceptions to global policies that must be added. As the number of exceptions grows, then exceptions to the exceptions will arise when policies are not well thought out. Unfortunately, when there are 20, 50, or over 100 policy rules, it becomes very difficult for the network administer to ensure correctness of those rules, and it also becomes difficult to understand the implications of adding/deleting/modifying the policy rules. Incorrectly adding, deleting, or modifying a rule can have a potentially catastrophic impact on the network.
Therefore, what are needed are techniques and systems to provide network administrators and operators to define policies without the above-mentioned drawbacks.