Configuration > Overlays & Security > Security > Firewall Zones
Zone-based firewalls are created on the Orchestrator.
A zone is applied to an Interface.
By default, traffic is allowed between interfaces labeled with the same zone.
Any traffic between interfaces with different zones is dropped.
Users can create exception rules (Security Policies) to allow or deny traffic between interfaces within the same or different zones.
NOTE: “Default” will always be the initial default zone. You cannot have another zone named “Default”.
NOTE: The name of your firewall cannot exceed 16 characters and cannot contain any special characters. It can contain alphanumeric characters and underscores only.