Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 5300 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best practices for Zones

contact.pl contact.pl

Hi,

I have 4 VLAN's for different types of users: office, it, call center agents, guests. Initially I though of creating custom zone for each VLAN but after some thinking I am leaning toward keeping just one zone and using filters based on network in rules. So my main question is - when would I need to create custom zone? Currently if I am not mistaken zone mainly has impact on services which are visible to users like (DNS, ping, authentication etc).

Pawel



This thread was automatically locked due to age.
  • +1

    Pawel,

    Device access is one of the reason as you wrote. Using firewall rules, you can apply source/destination network or use zones...

    Think about zones as grouping networks logically.

    For example I always create zones for remote sites when the customer has more than one branch office. Creating zones per each vlan is another good approach but it depends on how many vlan you have (I do not know the maximum number of allowed zones that can be created).

    Hope it helps!

    Regards

  • 0 in reply to lferrara

    As usual - thanks for the answer. Playing a little more with rules, I think I will go with less zones and will use network to filter down to specific vlan.