Skip to main content

Quick Start Guide to Policies

Published on:
.
2 min read

The Policies section is the central workspace for managing the security policies applied across your Zenarmor deployments. From this page, you can manage both Internet Security Policies and Zero-Trust Network Policies, allowing you to secure internet-bound traffic and define communication rules within your Zero Trust Networks.

Whether you are managing Internet Security Policies for gateways and endpoints or configuring Zero-Trust Network Policies for secure communication between connected peers, the Policies workspace provides a centralized location for administering policy enforcement across your organization.

Figure 1. Policies

The left navigation panel organizes policy management into two primary sections: Internet Security Policies and Zero-Trust Network Policies. Selecting either section updates the main workspace with the policies available for that category, allowing you to manage different aspects of your security environment from a single location.

Internet Security Policies

The Internet Security Policies section is used to manage the security policies applied to gateways and endpoints for inspecting and protecting internet-bound traffic.

Figure 2. Internet Security Policies

Selecting Internet Security Policies displays all configured policies within your organization. From this page, you can switch between Gateway and Endpoint policy views, review policy status, create new policies, and synchronize policy changes with your connected deployments.

Internet Security Policies determine how traffic is inspected and protected across your environment. Depending on your deployment requirements, policies can be used to configure web filtering, application control, threat prevention, TLS inspection, cloud application controls, content inspection, and other internet security features.

Each policy can be enabled or disabled individually, making it easy to gradually roll out new configurations, temporarily suspend enforcement, or update existing policies without removing them.

While Internet Security Policies protect internet-bound traffic, Zero-Trust Network Policies define how communication is permitted between users, devices, gateways, and applications within a Zero Trust Network.

Zero-Trust Network Policies

The Zero-Trust Network Policies section contains the access rules associated with each configured Zero Trust Network.

Figure 3. Zero-Trust Network Policies

Selecting a Zero Trust Network from the navigation panel displays the access rules configured for that network. Each rule defines the communication criteria between source peers and destination peers, allowing administrators to control how users, endpoints, gateways, applications, and other connected resources communicate within the selected network.

Depending on your deployment requirements, these rules can be used to allow remote users to access internal resources, restrict communication between user groups, control application access, or implement micro-segmented connectivity across offices, cloud environments, and remote users.

From this page, you can create additional rules, enable or disable existing rules, duplicate configurations, remove policies, and synchronize policy changes with connected peers using the Sync Now action.

note

Zero Trust Networks follow a default deny model. Communication is blocked unless it is explicitly permitted by a configured Zero-Trust Network Policy.

Video Walkthrough

For a practical demonstration of creating, managing, and applying security policies in Zenconsole, watch the following video: