- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Do Security Zones work across gateways and policie...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Do Security Zones work across gateways and policies?
I am looking at simplifying my policies with Security Zones for the first time and need some clarification. Since they are assigned to the interface, how are these stored/shared? Per gateway? Per Policy? Global?
How do these work for VPN traffic? Since that technically comes in and out on the external interface, is it seen as an external zone or does it see that it's coming from an internal zone on the other gateway?
Thanks!
1 Reply
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Zones only have a scope relevant to the local gateway.
For example, the InternalZone on GatewayA may be very different from the InternalZone on GatewayB.
I would expect VPN traffic to appear to come from the zone associated to the interface which the VPN traffic came in on.