Creating Zone Sets

Use zone sets page to group one or more zones and reference them in the global firewall group.

A zone set is a grouping of one or more zones in a network to regulate and secure traffic through the security platform running Junos OS. With the zone-based security, you can define multiple security zones, group similar interfaces, and apply the same policies to the zones to avoid creating multiple policies across every possible interface.

Zone sets are referenced in the global firewall group to provide you with the flexibility to perform actions on traffic without the restrictions of zone specifications.

Before You Begin

Procedure

To configure a zone set:

  1. Select Configure > Shared Objects > Zone Sets.
  2. Click the + icon.
  3. Complete the configuration according to the guidelines provided in the Table 295.
  4. Click OK.

A new zone set with the predefined configurations is created. You can use this zone set in firewall policy.

Table 295: Zone Set Settings

 

Settings

Guidelines

Name

Enter a unique name for the zone set that begins with alphanumeric characters. Colons, periods, slashes, dashes, and underscores are allowed. The maximum length is 63 characters.

Description

Enter a description for the zone set; maximum length is 1024 characters.

Zones

Select one or more predefined or unique zones from the Available column for inclusion in the zone set. For example: DMZ, junos-host.

The unique zones and predefined zones on your firewall depend on the device managed by Security Director.