Bind Zones to Sites

Prisma SD- WAN zbfw allows to bind zones to sites.
Use site bindings to map firewall zones to interfaces and networks to attach the current security policy set to the selected site. You must bind a security policy set to a site to make its security policy rules applicable to the site and associated zones. When planning to bind sites, zones, and security policy sets, you should be aware:
  • Binding a zone to a site attaches networks to the zones for that site. A zone can have multiple networks, but a network can only have one zone.
  • Binding a security policy set to a site attaches the zone-based firewall rules to that site.
  • Binding a security policy set to a site will block all traffic not explicitly allowed by the security policy rules by default.
  1. Click
    Perform one of the following to search or select a site to display its configuration details.
    1. Type a
      site name
      in the search field.
    2. Click the right-facing arrow to display a list of existing sites.
  2. Select
    Security Zone Binding
    and then once on the appropriate tab, click
    Bind Zone
    Bind zones to sites from the
    tab or devices from the
    tab (zone bindings on devices override zone bindings on the site).
  3. Choose the zone name from the list of zones and
  4. Choose the zone network bindings for the zone and
    All VPNs are bound to a single zone. Verify that the networks you select for zone bindings are attached to an interface. As mentioned before, a zone is bound to multiple networks, including LANs, WANs, or VPNs. However, each network is attached to one zone.
  5. Click
    If no sites are bound to a security policy set then click
    Bind Site
    . After you have a site or device attached to the security policy set, click
    Bind Zone
  6. Select a
    from the drop-down to display
    Zone Network Bindings
  7. Select the
    to bind to the zone and

Recommended For You