To fully protect your network, all traffic must flow through
the firewall.
Configure Interfaces and Zones to create separate
zones for different functional areas such as the internet gateway,
sensitive data storage, and business applications, and for different
organizational groups such as finance, IT, marketing, and engineering.
Wherever there is a logical division of functionality, application
usage, or user access privileges, you can create a separate zone
to isolate and protect the area, and apply security policy rules
that restrict data and applications to the groups that need them.
The more granular the
zones, the greater the visibility and control you have over network
traffic. Dividing your network into zones helps to create a
Zero Trust architecture that implements
a security philosophy of trusting no users, devices, applications,
or packets, and verifying everything. The end goal is to create
a network that allows access only to the users, devices, and applications that
have legitimate business needs, and to deny all other traffic.
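
The following added example (not taken from the firewall's own software or documentation) is a simplified model of zone-based policy: the first matching rule wins, anything unmatched is denied, and an audit pass flags allow rules whose wildcards undo the segmentation. The zone names, application labels and rule names are constructed for illustration, and the matching logic is an assumption, not the product's rule engine.

```python
from dataclasses import dataclass

ANY = "any"

@dataclass(frozen=True)
class Rule:
    name: str
    src_zone: str
    dst_zone: str
    app: str
    action: str  # "allow" or "deny"

# Constructed sample policy; every name here is illustrative.
RULES = [
    Rule("finance-to-db", "finance", "datastore", "sql", "allow"),
    Rule("eng-to-apps", "engineering", "business-apps", "web", "allow"),
    Rule("users-to-internet", ANY, "internet", "web", "allow"),
    Rule("legacy-open", "marketing", ANY, ANY, "allow"),
]

def _match(field, value):
    # A rule field matches when it is the wildcard or equals the value.
    return field == ANY or field == value

def evaluate(rules, src_zone, dst_zone, app):
    """Return (action, rule name); unmatched traffic is denied."""
    for r in rules:
        if (_match(r.src_zone, src_zone) and _match(r.dst_zone, dst_zone)
                and _match(r.app, app)):
            return r.action, r.name
    return "deny", "default-deny"

def audit(rules):
    """List allow rules that use a wildcard zone or application."""
    findings = []
    for r in rules:
        if r.action != "allow":
            continue
        fields = (("src_zone", r.src_zone), ("dst_zone", r.dst_zone),
                  ("app", r.app))
        wild = [name for name, value in fields if value == ANY]
        if wild:
            findings.append((r.name, wild))
    return findings

if __name__ == "__main__":
    print(evaluate(RULES, "finance", "datastore", "sql"))
    print(evaluate(RULES, "engineering", "datastore", "sql"))
    print(evaluate(RULES, "marketing", "datastore", "sql"))
    print(audit(RULES))
```

The marketing lookup shows why granular zones alone are not enough: a single wildcard rule gives that zone a path to the data store that no business need justifies.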