On This Page
From January 01, 2023, TOS R21-3 Classic is EOL. Technical support will be available for a limited period to customers with Extended Support agreements.
Sample Security Zone Matrix CSV File
Use a text editor, for example Notepad, to save this text as a CSV file and import it into a security zone matrix to see an example of a matrix.
# Enter the security zones that you have manually created or imported into
# SecureTrack in Network > Zones and create a unified security policy matrix
# between the zones.
# Only zones that you enter here are impacted by this Security Zone Matrix. You can
# include up to 70 individual security zones.
#
# This example is for a system where multi-domain is disabled.
# If multi-domain is enabled the columns 'from domain' and 'to domain' can be added.
#
from zone,to zone,severity,access type,services,rule properties,flows
p_Datacenter,p_Datacenter,high,allow all,,,
p_Datacenter,p_PM,low,allow only,ssh,HAS_COMMENT;IS_LOGGED;LAST_HIT_WITHIN {days:90},
p_Datacenter,p_RnD,low,allow only,ssh,HAS_COMMENT;IS_LOGGED;LAST_HIT_WITHIN {days:90},host_to_host
p_Datacenter,p_Sales,low,allow only,any,HAS_COMMENT;IS_LOGGED;LAST_HIT_WITHIN {days:90},host_to_subnet
p_PM,p_Datacenter,high,block all,,,
p_PM,p_PM,high,allow all,,,
p_PM,p_RnD,low,block only,telnet,,host_to_host
p_PM,p_Sales,low,block only,telnet,,host_to_host
p_RnD,p_Datacenter,high,allow only,https;ssh,EXPLICIT_SOURCE;EXPLICIT_DESTINATION,
p_RnD,p_PM,low,block only,telnet,,
p_RnD,p_RnD,high,allow all,,,
p_RnD,p_Sales,low,block only,telnet,,subnet_to_host
p_Sales,p_Datacenter,high,block all,,,
p_Sales,p_PM,low,allow only,https;ssh;tcp 3306;udp 53;tcp 67-68,SOURCE_MAX_IP {COUNT:10};DESTINATION_MAX_IP {COUNT:10},
p_Sales,p_RnD,low,allow only,https;ssh;tcp 3306;udp 53;tcp 67-68,SERVICE_MAX_SERVICES {COUNT:3};EXPLICIT_SERVICE,
p_Sales,p_Sales,high,allow all,,,