Creating Zone Sets
Use zone sets page to group one or more zones and reference them in the global firewall group.
A zone set is a grouping of one or more zones in a network to regulate and secure traffic through the security platform running Junos OS. With the zone-based security, you can define multiple security zones, group similar interfaces, and apply the same policies to the zones to avoid creating multiple policies across every possible interface.
Zone sets are referenced in the global firewall group to provide you with the flexibility to perform actions on traffic without the restrictions of zone specifications.
Before You Begin
Read the Understanding Zone Sets topic.
Define a security zone.
Add logical interfaces to the zone.
Review the zone sets main page for an understanding of your current data set. See Zone Sets Main Page Fields for field descriptions.
To configure a zone set:
- Select Configure > Shared Objects > Zone Sets.
- Click the + icon.
- Complete the configuration according to the guidelines provided in the Table 1.
- Click OK.
A new zone set with the predefined configurations is created. You can use this zone set in firewall policy.
Table 1: Zone Set Settings
Enter a unique name for the zone set that begins with alphanumeric characters. Colons, periods, slashes, dashes, and underscores are allowed. The maximum length is 63 characters.
Enter a description for the zone set; maximum length is 1024 characters.
Select one or more predefined or unique zones from the Available column for inclusion in the zone set. For example: DMZ, junos-host.
The unique zones and predefined zones on your firewall depend on the device managed by Security Director.