Defining Zone elements
Zone elements allow you to group network interfaces of Engine, IPS, and Layer 2 Engines.
You can use Zones to specify the receiving or sending interfaces in policies. The Zone element represents all interfaces that belong to the Zone. All rules that include a Zone element also apply to any new interfaces that you associate with the same Zone.
There are several predefined System Zones available:
- DMZ: interfaces connected to DMZ networks.
- External: interfaces connected to the Internet or other external networks.
- Guest: interfaces connected to guest networks.
- Internal: interfaces connected to internal networks.
- Node-internal: Engine, IPS, and Layer 2 Engine nodes themselves. This Zone is automatically assigned to interfaces through which traffic to or from the engine node travels. It cannot be assigned to other interfaces, but it can be used in policies.
Zone Properties dialog box
Use this dialog box to define the properties of a zone.
Option | Definition |
---|---|
Name | Specifies the element name. |
Category
(Optional) |
Allows you to flexibly filter your Management Client view. |
Select | Opens the Category Selection dialog box. |
Comment
(Optional) |
Specifies useful information to administrators. |