Prisma SD-WAN ZBFW
Prisma SD-WAN Application Fabric includes an in-built
security solution called the Zone-Based Firewall (ZBFW).
| Where Can I Use
This? | What Do I Need? |
|---|
The zone-based firewall (ZBFW) is designed
to create, manage, and enforce security policies and propagate those
policies to all branch sites without using fragmented rules or managing
security at an individual device-level. It is a lightweight security solution
for securing the WAN perimeter and segmenting traffic within a branch
site.
Securing the Perimeter—ION hardware and virtual
devices include an application-aware, stateful, zone-based firewall
to protect internet connections in the remote office. With the ION
device, application-aware policies are defined that specify what
is allowed into and out of the remote location, giving the administrator
explicit control to secure the perimeter. Additionally, AppFabric
is centrally managed through the cloud-delivered and deploys hardware,
software, and storage to support the management and monitoring infrastructure.
Segment Traffic in the Branch—Prisma SD-WAN uses the
concept of zones and prefix filters within ZBFW rules to isolate
and segment traffic in the branch.
Prepare to Configure ZBFW—To prepare for securing
the network, conduct preliminary planning and evaluation of your
environment.
