Interzone Policies
CONFIGURE > FIREWALL > Interzone Policies > Create Interzone Policy
In the Operations Manager, interzone firewall policy is implemented through firewalld, a zone-based firewall that allows you to define zones and create rules to manage the traffic between the zones.
The firewalld feature provides a dynamically managed firewall with support for network/firewall “zones” to assign a level of trust to a network and its associated connections, interfaces or sources.
The feature allows you to define policies to configure forwarding between zones and can be configured to allow directional forwarding from one or more ingress zones to one or more egress zones.
Rules and filtering may be applied at the zone level. When you add a zone, you select which services are part of that zone. Interzone policy allows these rules and filtering to be applied so as to control the type of traffic allowed to be forwarded.
The default policy, i.e. when no zones are added, is that no traffic is forwarded.
Create an Interzone Policy
CONFIGURE > FIREWALL > Interzone Policies > New Interzone Policy
- Navigate to the Interzone Policies page: CONFIGURE > FIREWALL > Interzone Policies.
- Click the Add Firewall Policy button. The New Interzone Policy page opens for editing.
- In the Name field, enter a name that clearly identifies this policy instance to other users.
- In the Description field, provide a detailed description of this interzone policy (optional).
- Click to check the boxes for each Ingress and Egress zone that is to be included in this policy. You can configure traffic in both directions by selecting both zones in both the Ingress and Egress lists, as indicated by the red arrows in the image below:
  Two Directional Traffic Interzone Policy:
  Note: Additional zones may be added to the zones list at: CONFIGURE > FIREWALL > Management > New Firewall Zone.
  Zone customized rules may be edited at CONFIGURE > FIREWALL > Management > Firewall Management.
- Click the Apply button to implement the policy. A green banner will inform you that the policy details are saved successfully. The interzone policy is now active.
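The forwarding behaviour described above (no forwarding by default, directional forwarding per policy, both directions when both zones are checked on both sides) can be modelled to review a set of policies before applying them. This is an added example, not Operations Manager code: the zone and policy names are constructed, per-zone service filtering is ignored, and same-zone traffic is assumed to be outside interzone policy.

```python
# Added example: models the interzone forwarding semantics described on this page.
# Zone names and policy names are constructed for illustration.
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class InterzonePolicy:
    name: str
    ingress: frozenset  # zones checked under Ingress
    egress: frozenset   # zones checked under Egress


def allowed_pairs(policies):
    """Map each directed (ingress, egress) zone pair to the policies that allow it."""
    pairs = {}
    for p in policies:
        for src, dst in product(sorted(p.ingress), sorted(p.egress)):
            if src != dst:  # assumption: same-zone traffic is not interzone
                pairs.setdefault((src, dst), []).append(p.name)
    return pairs


def is_forwarded(policies, src, dst):
    """Default is deny: forwarded only if some policy covers src -> dst."""
    return (src, dst) in allowed_pairs(policies)


def bidirectional_pairs(policies):
    """Zone pairs forwarded in both directions, worth a second look in review."""
    pairs = allowed_pairs(policies)
    return sorted({tuple(sorted(k)) for k in pairs if (k[1], k[0]) in pairs})


# Constructed sample policies: one one-way, one with both zones on both sides.
POLICIES = [
    InterzonePolicy("lan-to-wan", frozenset({"lan"}), frozenset({"wan"})),
    InterzonePolicy("lan-mgmt-both", frozenset({"lan", "mgmt"}),
                    frozenset({"lan", "mgmt"})),
]

if __name__ == "__main__":
    for (src, dst), names in sorted(allowed_pairs(POLICIES).items()):
        print(f"{src} -> {dst}: {', '.join(names)}")
    print("bidirectional:", bidirectional_pairs(POLICIES))
```

Any zone pair missing from the output is not forwarded, which matches the default described above.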
Edit or Delete an Interzone Policy
CONFIGURE > FIREWALL > Interzone Policies > Edit Interzone Policy
- Navigate to the Interzone Policies page: CONFIGURE > FIREWALL > Interzone Policies.
- Click the name of the policy you wish to edit (editable policies are identified by red text). The Edit Interzone Policy page opens for editing.
- Edit the policy details to be changed.
- If necessary, change the Description field to provide a detailed description of the edited interzone policy.
- To delete a policy, click on the Bin widget in the top-right corner of the Edit page.
- Click the Apply button to implement the edited policy. A green banner will inform you that the policy details are saved successfully. The edited interzone policy is now active.
Customized Zone Rules
Customized zone rules may be applied to any zone at CONFIGURE > FIREWALL > Management > Firewall Management.