Configure a Security Zone For the Device
A security zone is a collection of one or more network segments requiring the regulation of inbound and outbound traffic through policies. Security zones are logical entities to which one or more interfaces are bound. You can define multiple security zones, the exact number of which you can determine based on your network needs.
- Select SRX > Device Management > Devices.
  The Devices page opens.
- Select the device and click More > View inventory.
  The device inventory details page opens.
- Click the Network tab, and click Zones.
- Perform the required action provided in Table 1.
Table 1: Security Zone Actions

Field: Create a security zone
Description:
- Click the + icon to create a security zone.
  The Add Security Zone page opens.
- Complete the configuration according to the guidelines provided in Table 2.
- Click OK.
  The security zone is created and you are returned to the Zones section on the Configuration page.

Field: Modify a security zone
Description:
- Select a security zone, and click the pencil icon.
  The Edit Security Zone page opens.
- Modify the required fields according to the guidelines provided in Table 2.
- Click OK.
  The changes are saved and you are returned to the Zones section on the Configuration page.

Field: Delete security zones
Description:
- Select one or more security zones, and click the delete icon to delete the zones.
  The Warning page opens.
- Click Yes to confirm the deletion.
  The selected security zones are deleted.

Field: Preview security zone configuration
Description: Preview the security zone configuration by clicking the Preview button on the page.

Field: Deploy the security zone
Description:
- Select one or more security zones, and click the Deploy button.
  The Deploy Config Resources page opens.
- Do one of the following:
  - Click Run Now to deploy the configuration on the selected devices immediately.
  - Click Schedule at a later time to deploy the configuration later.
- Click OK.
  - The settings are saved and you are returned to the Configuration page that shows the deployment status in the Config State column.
  - A confirmation message is displayed indicating that a job is created.
  - A separate task is triggered for each device in the deployment job to deploy the configuration.
  You can also view the status from the Administration > Jobs page.
Table 2: Fields on the Add Zone Page

| Field | Description |
|---|---|
| Name | Enter a name containing up to 63 characters without spaces. The name must begin with an alphanumeric character and can include colons, periods, dashes, and underscores. |
| Description | Enter a description of the zone containing up to 900 characters. Ensure that the description contains information that is helpful to administrators. |
| Application Tracking | Enable this option to maintain the application usage statistics on the device. |
| Interfaces | Select the interfaces to include in the zone from the left column and add the interfaces to the right column. |
| System Services | Select the system services to include in the zone from the left column and add the services to the right column. |
| Protocols | Select the protocols to include in the zone from the left column and add the protocols to the right column. |
| TCP Reset | Enable this option to send a TCP packet with the RST (reset) flag set to 1 in response to any TCP packet that has a flag other than SYN set and that does not belong to an existing session. |
| Interface Services and Protocols | View the summary of interfaces, services, and protocols for your device. |
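
The following is an added example, not code from this page or from Juniper: a pre-deployment check that applies the Table 2 limits to a zone definition and renders Junos set statements for the same fields. The dictionary keys, the sample values, and the rule that flags the catch-all value all are assumptions made for the example.

```python
import re

# Table 2 naming rule: at most 63 characters, no spaces, first character
# alphanumeric, then letters, digits, colons, periods, dashes, underscores.
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9:._-]{0,62}")
MAX_DESCRIPTION = 900  # Table 2 limit for the Description field

# Constructed sample zone; every value here is illustrative.
SAMPLE_ZONE = {
    "name": "trust-lab",
    "description": "Lab user segment, owner netops",
    "application_tracking": True,
    "tcp_reset": True,
    "interfaces": ["ge-0/0/1.0"],
    "system_services": ["ssh", "ping"],
    "protocols": ["ospf"],
}


def lint_zone(zone):
    """Return a list of findings for one zone definition; empty means clean."""
    findings = []
    if not NAME_RE.fullmatch(zone.get("name", "")):
        findings.append("name: 1-63 chars, no spaces, must start alphanumeric")
    if len(zone.get("description", "")) > MAX_DESCRIPTION:
        findings.append("description: longer than 900 characters")
    if not zone.get("interfaces"):
        findings.append("interfaces: no interface bound to the zone")
    # House rule assumed for this example: select services and protocols
    # individually rather than the catch-all value 'all'.
    for field in ("system_services", "protocols"):
        if "all" in zone.get(field, []):
            findings.append(f"{field}: 'all' selected, list entries explicitly")
    return findings


def render_set_commands(zone):
    """Render Junos 'set' commands for a zone that lint_zone() accepted."""
    base = f"set security zones security-zone {zone['name']}"
    desc = zone.get("description")  # assumed to contain no double quotes
    cmds = [f'{base} description "{desc}"'] if desc else []
    cmds += [f"{base} interfaces {i}" for i in zone.get("interfaces", [])]
    hit = f"{base} host-inbound-traffic"
    cmds += [f"{hit} system-services {s}" for s in zone.get("system_services", [])]
    cmds += [f"{hit} protocols {p}" for p in zone.get("protocols", [])]
    cmds += [f"{base} {opt}" for key, opt in (("tcp_reset", "tcp-rst"),
             ("application_tracking", "application-tracking")) if zone.get(key)]
    return cmds
```

The System Services and Protocols selections render under host-inbound-traffic, which is the traffic the device itself accepts on the zone's interfaces, so those two lists are the ones to review most closely before deploying.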