like to know the difference between interface based and zone based firewall
It comes down to how the policy is defined.
In a zone-based firewall I can say "everything that comes from this interface should be treated this way" without worrying about the IP addresses at all.
You can achieve the same thing in an interface-based firewall, but you have to know (and define) every IP address reachable from that firewall.
Which, in complex environments with dynamic routing, can be a challenge.
Check Point did not support using zones in the firewall policy until R80.10 (except on SMB appliances, where this has been supported for a while).
However, even in R80.10, interface Anti-spoofing and NAT rules still have to be defined in terms of IP addresses--something that should be addressed in future releases.
Retrieving data ...