Security Zone-Policy Zone <Zone> - Brocade Communications Systems 5600 vRouter Configuration Manual


security zone-policy zone <zone>
Defines a security zone policy.
Syntax
set security zone-policy zone zone
delete security zone-policy zone [ zone ]
show security zone-policy
Parameters
zone
Multimode. The name of a security zone. The name can be as many as 18 characters long.
You can define more than one security zone by creating more than one zone-policy zone configuration node.
Modes
Configuration mode
Configuration Statement
security {
    zone-policy {
        zone zone {
        }
    }
}
Usage Guidelines
In the vRouter, a zone is defined as a group of interfaces that have the same security level. After a zone is defined, a filtering
policy can be applied to traffic flowing between zones.
By default, traffic to a zone is dropped unless a policy has been defined for the zone sending the traffic. Traffic flowing within a
zone is not filtered.
When defining a zone, keep the following in mind:
An interface can be a member of only one zone.
An interface that is a member of a zone cannot have a firewall rule set directly applied to it.
For interfaces not assigned to a zone, traffic is unfiltered by default. These interfaces can have rule sets directly applied to them.
Use the set form of this command to define a security zone.
Use the delete form of this command to delete a security zone.
Use the show form of this command to display the configuration of a security zone. See show zone-policy on page 89.
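The rules in the usage guidelines above, written as a planning check (an added example, not Brocade code or vRouter output): it flags layouts that break the membership rules and lists the zone pairs whose traffic is dropped by default. Zone, interface and rule-set names are constructed, and modelling a policy as a (sending zone, receiving zone) pair is an assumption of this example.

```python
# Added example: checks a planned zone layout against the rules stated above.
# Zone names, interface names and rule-set names are constructed sample data.
from itertools import permutations

MAX_ZONE_NAME = 18  # "The name can be as many as 18 characters long."

def lint(zones, direct_rulesets):
    """zones: {zone: [interfaces]}; direct_rulesets: {interface: rule set}."""
    errors, owner = [], {}
    for zone, ifaces in zones.items():
        if len(zone) > MAX_ZONE_NAME:
            errors.append(f"zone name {zone!r} is longer than {MAX_ZONE_NAME} characters")
        for iface in ifaces:
            if iface in owner:  # an interface can be a member of only one zone
                errors.append(f"{iface} is in both {owner[iface]!r} and {zone!r}")
            owner.setdefault(iface, zone)
            if iface in direct_rulesets:  # zone members cannot carry a direct rule set
                errors.append(f"{iface} is in zone {zone!r} but has rule set "
                              f"{direct_rulesets[iface]!r} applied directly")
    return errors

def verdict(policies, src_zone, dst_zone):
    """policies: {(sending zone, receiving zone): rule set} (assumed model)."""
    if src_zone == dst_zone:
        return "unfiltered"  # traffic flowing within a zone is not filtered
    if (src_zone, dst_zone) in policies:
        return "filtered by " + policies[(src_zone, dst_zone)]
    return "dropped"  # no policy defined for the sending zone

def default_drops(zones, policies):
    """Ordered zone pairs whose traffic is dropped for lack of a policy."""
    return [pair for pair in permutations(zones, 2)
            if verdict(policies, *pair) == "dropped"]

# Constructed sample layout with two deliberate mistakes.
ZONES = {"private": ["dp0p1s1", "dp0p1s2"], "dmz": ["dp0p1s3"],
         "public": ["dp0p1s4", "dp0p1s2"]}
DIRECT = {"dp0p1s3": "LEGACY_IN"}
POLICIES = {("private", "public"): "PRIV_TO_PUB", ("public", "dmz"): "PUB_TO_DMZ",
            ("private", "dmz"): "PRIV_TO_DMZ"}

if __name__ == "__main__":
    for problem in lint(ZONES, DIRECT):
        print("config error:", problem)
    for src, dst in default_drops(ZONES, POLICIES):
        print(f"{src} -> {dst}: dropped (no policy)")
```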
Brocade 5600 vRouter Firewall Configuration Guide
53-1004253-01
