Solved: FMC "Zones" Are they needed?

Steven Williams · ‎11-28-2018

When building policies within the SFR/FMC what are zones? Do we need them? How are they different from "Networks"?

Marvin Rhoads · ‎11-28-2018

Zones are assigned to interfaces (although you technically don't need to reference them in your Access Control Policy).

They are quite useful when you have multiple interfaces - like several internal interfaces that you might all include in the "Inside" zone - that you want to treat with a single set of rules.

View solution in original post

Marvin Rhoads · ‎11-28-2018

Zones are assigned to interfaces (although you technically don't need to reference them in your Access Control Policy).

They are quite useful when you have multiple interfaces - like several internal interfaces that you might all include in the "Inside" zone - that you want to treat with a single set of rules.

Steven Williams · ‎11-28-2018

I dont see the value in them when its only an SFR that is using the FMC. Its not a FTD device.

Marvin Rhoads · ‎11-28-2018

True - very little utility in the case of a single ASA Firepower service module.

Steven Williams · ‎11-28-2018

Ok just wanted to make sure my thinking was on par.

Thanks for the feedback.

FMC &quot;Zones&quot; Are they needed?

FMC "Zones" Are they needed?