Firewalls use zones to group interfaces with similar security requirements. Traffic between zones is controlled by policies. Common zones include:
- Inside: Your trusted internal network
- Outside: Untrusted external network (internet)
- DMZ: Demilitarized zone for public-facing servers
Traffic within a zone flows freely. Traffic between zones must pass through the firewall and match a security policy. This zone model lets you define different trust levels for different network segments.