New Features - Device Security - May 2025
Device Security Risk Factor for VLAN Security Zone Bridge
Devices that connect simultaneously to multiple security zones pose significant security risks by potentially allowing traffic to bypass established firewall policies. Device Security flags these risks by detecting devices with network interfaces that span multiple NGFW security zones, helping you to identify and remediate these compliance breaches. When Device Security discovers a device with interfaces connected to VLANs belonging to different security zones, such as trusted and untrusted, it automatically generates a risk factor, increasing that device's overall risk score. This new risk factor gives you visibility into potentially dangerous network configurations that could allow lateral movement between isolated network segments.
You can find all devices acting as security zone bridges by filtering in the asset inventory, helping you to investigate why these assets have been configured in this way. The feature provides detailed information about which interfaces are connected to which security zone in the device details interface list. Use this context to understand the severity of each case and prioritize remediation efforts. Once you resolve the issue by reconfiguring the device's network connections to reside within the same security zone, the system automatically removes the risk factor and updates the device's risk score, reflecting the improved security posture.
This feature enhances your network security by ensuring that security zone boundaries remain intact. It leverages existing subnet-to-security zone mapping capabilities to detect these violations accurately and provides a path to identification and remediation. By using this feature, you gain deeper insight into potential security policy violations in your network architecture and can maintain stronger segmentation between different security zones.
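To make the detection logic concrete, here is an added example (not Device Security's own code, and not an API the product exposes) that shows how a subnet-to-security-zone map can be used to flag a device whose interfaces land in more than one zone. The zone names, subnets, device names and addresses below are constructed for illustration; longest-prefix matching and the rule "flag when two or more distinct mapped zones appear on one device" are assumptions about how such a check would be implemented, not a description of the product's internals.

```python
import ipaddress
from dataclasses import dataclass

# Constructed subnet-to-security-zone mapping (hypothetical zone names,
# standing in for the NGFW zone map the feature relies on).
ZONE_MAP = {
    "10.10.0.0/16": "trust",
    "10.10.50.0/24": "ot-controls",   # more specific prefix wins over the /16
    "192.168.100.0/24": "untrust",
    "172.16.0.0/12": "guest",
}


@dataclass
class Interface:
    name: str
    vlan: int
    ip: str


@dataclass
class Device:
    device_id: str
    interfaces: list


def zone_for_ip(ip, zone_map=ZONE_MAP):
    """Longest-prefix match of an interface address against the zone map.

    Returns the zone name, or None when no subnet covers the address
    (an unmapped subnet cannot be attributed to a zone, so it is ignored).
    """
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, zone in zone_map.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, zone)
    return best[1] if best else None


def interface_zones(device, zone_map=ZONE_MAP):
    """Per-interface view: (interface name, VLAN, zone or None)."""
    return [(i.name, i.vlan, zone_for_ip(i.ip, zone_map)) for i in device.interfaces]


def zone_bridge_risk(device, zone_map=ZONE_MAP):
    """Return a risk-factor record if the device bridges two or more zones.

    Only interfaces that resolve to a mapped zone count; a device with one
    mapped zone plus an unmapped interface is not a bridge by this rule.
    """
    rows = interface_zones(device, zone_map)
    zones = sorted({z for _, _, z in rows if z is not None})
    if len(zones) < 2:
        return None
    return {
        "device_id": device.device_id,
        "risk_factor": "security_zone_bridge",
        "zones": zones,
        "interfaces": rows,
    }


def find_zone_bridges(devices, zone_map=ZONE_MAP):
    """Inventory filter: every device currently acting as a zone bridge."""
    return [r for r in (zone_bridge_risk(d, zone_map) for d in devices) if r]


if __name__ == "__main__":
    # Constructed inventory: one camera spanning trust and untrust VLANs.
    inventory = [
        Device("cam-01", [Interface("eth0", 10, "10.10.1.5"),
                          Interface("eth1", 200, "192.168.100.7")]),
        Device("printer-02", [Interface("eth0", 10, "10.10.3.20")]),
    ]
    for hit in find_zone_bridges(inventory):
        print(hit["device_id"], "bridges", hit["zones"], hit["interfaces"])
```

Re-running `zone_bridge_risk` after the device is moved so that every interface resolves to the same zone returns `None`, which mirrors the page's point that the risk factor clears once the configuration is fixed rather than persisting as a historical finding.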