- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- InternalNet vs InternalZone
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
InternalNet vs InternalZone
Hi Guys,
Is there any difference between the "InternalNet" or "InternalZone" objects we can select in a security policy ? ( when to use what ? )
Based on what I read in the CCSA course, I assume InternalZone could be the group of internal interfaces. InternalNet could be the group of RFC1918 addresses for ipv4...
Or is this all the same ?
I'm sorry if this is a stupid question, but I can't find the answer here in Checkmates nor the training courses. Thx.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
They are different kinds of objects (Zone versus group) so they could overlap but are not exactly the same.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So InternalZone is a zone, and InternalNet is a group of ... ( interfaces, RFC1918, ... ? )
Thx.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Generally, InternalNet is whatever you've defined it to be.
I believe it is used in the CCSA Courseware as a placeholder for "internal network."
To complicate matters, it turns out there is a Dynamic Object called InternalNet, used primarily with SmartLSM.
Dynamic Objects are generally placeholder objects where you set the actual definition on the relevant gateway via the dynamic_objects CLI command.
Some Dynamic Objects (e.g. LocalGateway) are managed automatically.
I don't believe InternalNet is, unless you're using SmartLSM.
This is in comparison to InternalZone, which is defined based on the topology setting for your gateways and includes all the networks behind the relevant interfaces.
