When defining establishing the scope of a security policy scope for an external network behind protected by a DNS firewall, it is permissible to include overlapping subnets containing that contain IP addresses, hosts, or subnets included already defined in other security policies within an the organization are allowed. In such cases, security policy precedence determines which security policy these instances, the precedence of security policies will dictate which policy takes priority, applying the one with the highest precedence applies to the respective IP addresses, hosts, or subnets. Subnets not already assigned to another Additionally, subnets that have not been allocated to any existing security policy within the organization can be added to incorporated into a different security policy within under the same account.
If a public IP address or subnet is mistakenly added to an organization's security policy and has already been registered by another organization, the system will prevent its addition. In this scenario, the organization attempting to add the IP address or subnet will receive a notification, as overlapping public IP addresses or subnets between organizations are not permitted.
For information on network scope, see Configuring Network Scopes.
...