Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


TZ300 vs TZ370 firewall rules in general

B83B83 Newbie ✭

Both firewalls have a traffic matrix (LAN to WAN, WAN to LAN, etc.) that allows one to easily view rule sets for each of these traffic cases, but I noticed the TZ300's matrix is about physical interfaces whereas the TZ370 is about zones (I discovered 'zones' yesterday investigating this).

  1. Broadly speaking, would you say the TZ370 is a zone-based firewall and the TZ300 is not?
  2. Can TZ300 rules be imported into a TZ370?
  3. Is it possible to build a zero-trust network with TZ370s specifically, and zone-based firewalls in general?

Zones are apparently based on trust. What good is that model if one of your trusted machines is compromised?

Category: Mid Range Firewalls

Best Answers

  • Options
    MarkDMarkD Cybersecurity Overlord ✭✭✭
    Answer ✓

    There is no difference in the implementation if rules between Gen 6 and Gen 7 TZ - Gen 7

    Interfaces are in Zones

    Gen 7 - is Zones

    Gen 6 - is Zones I just doesn't say Zones

    As for rules:-

    SonicWALL provide a migration tool within the Tools/Migration tool of your my SonicWALL Portal.

  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭
    edited May 7 Answer ✓

    Zones are apparently based on trust.

    Zones are groups of interfaces. The "trust level" is a shorthand for, "by default, should traffic from here to there be allowed or not?". You can tweak the default rules to taste.

    What good is that model if one of your trusted machines is compromised?

    How the firewall is managed won't make any difference to defending internal machines from each other - traffic to and from the same network will not pass through the firewall, so it cannot act on it. This does not invalid the firewall zone concept.


  • Options
    B83B83 Newbie ✭

    Thanks, especially about that 'migration tool'

Sign In or Register to comment.