Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 2801 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

diferent whether I choose type LAN vs DMZ for a new zone

Pavel Vanek

Hallo,

 

could you guys explain how it is diferent whether I choose type LAN vs DMZ for a new zone I am creating? Does the new one inherit something from its parent?

I red just about everything internet has to offer with no clear vision what is really going on.

 

Thank you Pavel



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    Thank you for contacting us.

    You can configure any zone type, there is no such difference than the name of the zones. It is just to distinguish your network and have a better understanding and scenario.

    https://community.sophos.com/kb/en-us/126185

  • 0 in reply to Keyur

    Thank you, I know that link. It says:

    You may also create new zones; they will either be DMZ or LAN type.

    • LAN: You may create new custom LAN zones if you want to further segment your network. For example, you can have one LAN zone for sales and a separate zone for engineering.
    • DMZ: You may have up to 5 ports connected. A business application rule will still be needed to make them publically acceptable

    But is there a real diferent or is it only the name LAN vs DMZ? I see that even LAN zone type with a business application rule can be used as DMZ type? Is there a reason why not all zones shlould be LAN type?

Reply
  • 0 in reply to Keyur

    Thank you, I know that link. It says:

    You may also create new zones; they will either be DMZ or LAN type.

    • LAN: You may create new custom LAN zones if you want to further segment your network. For example, you can have one LAN zone for sales and a separate zone for engineering.
    • DMZ: You may have up to 5 ports connected. A business application rule will still be needed to make them publically acceptable

    But is there a real diferent or is it only the name LAN vs DMZ? I see that even LAN zone type with a business application rule can be used as DMZ type? Is there a reason why not all zones shlould be LAN type?

Children
  • 0 in reply to Pavel Vanek

    Hi  

    There is no such real difference. It just to separate your network, if you place your server in DMZ zone and want to apply access restriction from LAN users than LAN to DMZ firewall rules can be configured.

  • 0 in reply to Keyur

    This wording is indeed very bizarre:

    DMZ: You may have up to 5 ports connected

     

    Pretty sure there is no difference as per the second answer!

    This is a leftover from Cyberoam days as it used to ask you on those as well - It's been a while since I did my Cyberoam CCNSE but I don't think it had any feature then either!