Zones
Set up zones to configure network security and network policies in the ZyWALL. See the Zones section for related information on these screens.
Zones Overview
A zone is a group of interfaces and VPN tunnels. The ZyWALL uses zones, not interfaces, in many security and policy settings, such as firewall rules and remote management.
Zones cannot overlap. Each Ethernet interface, VLAN interface, bridge interface, PPPoE/PPTP interface, auxiliary interface, and VPN tunnel can be assigned to at most one zone. Virtual interfaces are automatically assigned to the same zone as the interface on which they run.
Effect of Zones on Different Types of Traffic
Zones effectively divide traffic into three types--intra-zone traffic, inter-zone traffic, and extra-zone traffic--which are affected differently by zone-based security and policy settings.
Intra-zone traffic is traffic between interfaces or VPN tunnels in the same zone. In each zone, you can either allow or prohibit all intra-zone traffic. You can also set up firewall rules to control intra-zone traffic, but many other types of zone-based security and policy settings do not affect intra-zone traffic.
Extra-zone traffic is traffic to or from any interface or VPN tunnel that is not assigned to a zone. Some zone-based security and policy settings may apply to extra-zone traffic, especially if you can set the zone attribute in them to Any or All. See the specific feature for more information.
Zone Summary
The Zone screen provides a summary of all zones. In addition, this screen allows you to add, edit, and remove zones.
Zone Add/Edit
The Zone Add/Edit screen allows you to define a zone or edit an existing one.