A zone is a grouping of interfaces. Zones also specify the services that can be used to administer devices and authenticate users. When used with firewall rules, zones provide a convenient method of managing security and traffic for a group of interfaces.

Table 1. Default zones
Name Description
LAN Groups interfaces with different network subnets so that you can manage them as a single entity. By default, traffic to and from this zone is blocked. However, traffic between ports within the same zone is allowed.
DMZ (De-militarized zone) Use for publicly accessible servers. You can group physical ports in this zone.
WAN Use for internet services.
VPN Use for simplifying secure, remote connectivity. When a VPN connection is established, the interface used by the connection is automatically added to this zone.
WiFi Use for wireless internet services.