Chapter 14 Zones
14.1.2 What You Need to Know About Zones
Effects of Zones on Different Types of Traffic
Zones effectively divide traffic into three types--intra-zone traffic, inter-zone traffic, and
extra-zone traffic--which are affected differently by zone-based security and policy settings.
Intra-zone Traffic
• Intra-zone traffic is traffic between interfaces or VPN tunnels in the same zone. For
example, in Figure 167 on page 273, traffic between VLAN 2 and the Ethernet is
intra-zone traffic.
• In each zone, you can either allow or prohibit all intra-zone traffic. For example, in
Figure 167 on page 273, you might allow intra-zone traffic in the LAN zone but prohibit
it in the WAN zone.
• You can also set up firewall rules to control intra-zone traffic (for example,
DMZ-to-DMZ), but many other types of zone-based security and policy settings do not
affect intra-zone traffic.
Inter-zone Traffic
Inter-zone traffic is traffic between interfaces or VPN tunnels in different zones. For example,
in Figure 167 on page 273, traffic between VLAN 1 and the Internet is inter-zone traffic. This
is the normal case when zone-based security and policy settings apply.
Extra-zone Traffic
• Extra-zone traffic is traffic to or from any interface or VPN tunnel that is not assigned to a
zone. For example, in Figure 167 on page 273, traffic to or from computer C is extra-zone
traffic.
• Some zone-based security and policy settings may apply to extra-zone traffic, especially if
you can set the zone attribute in them to Any or All. See the specific feature for more
information.
Finding Out More
See Section 5.4.7 on page 113 for related information on these screens.
14.2 The Zone Screen
The Zone screen provides a summary of all zones. In addition, this screen allows you to add,
edit, and remove zones. To access this screen, click Network > Zone.
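The three traffic types from section 14.1.2 applied to a zone membership table, as an added example that is not from the User's Guide: it classifies flows and lists the interfaces that sit outside every zone. The interface names, the membership table and the `block_intra_zone` field are constructed for illustration, and the code assumes each interface belongs to at most one zone.

```python
# Constructed zone table (hypothetical names, not read from a device).
ZONES = {
    "LAN": {"members": {"ge1", "vlan2"}, "block_intra_zone": False},
    "WAN": {"members": {"ge2", "ge3"}, "block_intra_zone": True},
    "DMZ": {"members": {"ge4"}, "block_intra_zone": False},
}
# Every interface and VPN tunnel on the box; ge5 is deliberately unassigned.
INTERFACES = {"ge1", "ge2", "ge3", "ge4", "ge5", "vlan2"}


def zone_of(iface, zones):
    """Return the zone an interface belongs to, or None if it has no zone."""
    owners = [name for name, z in zones.items() if iface in z["members"]]
    if len(owners) > 1:  # assumption: one zone per interface
        raise ValueError(f"{iface} is in more than one zone: {owners}")
    return owners[0] if owners else None


def classify(src, dst, zones):
    """Classify a flow as intra-zone, inter-zone or extra-zone."""
    src_zone, dst_zone = zone_of(src, zones), zone_of(dst, zones)
    if src_zone is None or dst_zone is None:
        return "extra-zone"
    return "intra-zone" if src_zone == dst_zone else "inter-zone"


def audit(interfaces, zones):
    """List what a reviewer would check on the zone summary.

    unassigned: interfaces whose traffic is extra-zone, so only settings
    whose zone attribute is Any or All may apply to them.
    intra_zone_allowed: multi-member zones where all intra-zone traffic is
    allowed, which many zone-based settings do not affect.
    """
    unassigned = sorted(i for i in interfaces if zone_of(i, zones) is None)
    open_intra = sorted(
        name for name, z in zones.items()
        if len(z["members"]) > 1 and not z["block_intra_zone"]
    )
    return {"unassigned": unassigned, "intra_zone_allowed": open_intra}


if __name__ == "__main__":
    for src, dst in [("vlan2", "ge1"), ("ge1", "ge2"), ("ge5", "ge1")]:
        print(f"{src} -> {dst}: {classify(src, dst, ZONES)}")
    print(audit(INTERFACES, ZONES))
```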
ZyWALL USG 300 User's Guide