A security zone is a collection of one or more network segments requiring the regulation of inbound and outbound traffic through policies.
| Before You Begin |
|---|
| For background information, read Understanding Policies. |
Security zones are logical entities to which one or more interfaces are bound. With many types of Juniper Networks devices, you can define multiple security zones, the exact number of which you determine based on your network needs.
On a single device, you can configure multiple security zones, dividing the network into segments to which you can apply various security options to satisfy the needs of each segment. At a minimum, you must define two security zones, so that one area of the network can be protected from the other. On some security platforms, you can define many security zones, bringing finer granularity to your network security design without deploying multiple security appliances to do so.
From the perspective of security policies, traffic enters one security zone and leaves through another. This combination of a from-zone and a to-zone is defined as a context. Each context contains an ordered list of policies. For more information on policies, see Security Policies Overview.
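The following configuration is an added example, not taken from the original topic. It binds one interface to each of two security zones and defines a single context with two ordered policies. The zone names, interface names, and policy names are assumptions chosen for illustration.

```junos
# Assumed names: zones "trust" and "untrust", interfaces ge-0/0/0.0 and
# ge-0/0/1.0, policies "allow-web" and "deny-rest".

# Bind an interface to each security zone.
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone untrust interfaces ge-0/0/0.0

# Context: from-zone trust, to-zone untrust.
# Policies in a context are evaluated in the order listed,
# and the first policy that matches the traffic is applied.
set security policies from-zone trust to-zone untrust policy allow-web match source-address any
set security policies from-zone trust to-zone untrust policy allow-web match destination-address any
set security policies from-zone trust to-zone untrust policy allow-web match application junos-http
set security policies from-zone trust to-zone untrust policy allow-web then permit

set security policies from-zone trust to-zone untrust policy deny-rest match source-address any
set security policies from-zone trust to-zone untrust policy deny-rest match destination-address any
set security policies from-zone trust to-zone untrust policy deny-rest match application any
set security policies from-zone trust to-zone untrust policy deny-rest then deny
```

Traffic in the reverse direction (from-zone untrust to-zone trust) belongs to a separate context with its own ordered policy list, so nothing configured here permits it.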
JUNOS software supports functional zones and security zones.
This topic covers: