Create a Zone

Table of Contents

Filter

Expand All | Collapse All

Assign your firewall interfaces to a zone to segment your network.

Contact your account team to enable Cloud Management for NGFWs using Strata Cloud Manager.

Where Can I Use This?	What Do I Need?
`NGFW (Managed by Strata Cloud Manager)` `VM-Series, funded with Software NGFW Credits`	`AIOps for NGFW Premium license (use the Strata Cloud Manager app)`

Assign one or more firewall interfaces to a zone to segment your network to control protection for each zone individually.

Log in to Strata Cloud Manager.
Configure your firewall interfaces.
Select ManageConfigurationNGFW and Prisma AccessDevice SettingsInterfaces and select the Configuration Scope where you want to create the zone.

You can select a folder or firewall from your Folders or select Snippets to configure the zone in a snippet.
Add Zone.
Configure the zone.
1. Select the Interface Type.
  Select Layer2 if you want to add Layer 2 interfaces to the zone or Layer 3 to add Layer 3 interfaces.
2. Add one or more interfaces to the zone.
3. (Optional) Select a Zone Protection Profile to specify how the firewall responds to attack from this zone.
  Select Create New to create a new Zone Protection profile inline.
4. (Optional) Confirm you want to Enable Packet Buffer Protection.
  This setting is enabled by default. The firewall applies Packet Buffer Protection to the ingress zone only to protect the zone from DoS attacks and aggressive sessions and sources.
5. (Optional) Enable User ID ACL.
  This setting is disabled by default. When disabled, the firewall applies user mapping information it discovers to all traffic of this zone for use in logs, reports, and policy rules. When enabled, the firewall
6. (Optional) Enable Device ID ACL.
  This setting is disabled by default.
Save.