Basic concepts
The security zone feature includes the following basic concepts:
Security zone—A security zone is a collection of interfaces that have the same security requirements.
System-defined security zones—The device provides the following system-defined security zones: Local, Trust, DMZ, Management, Untrust, library, and office. These security zones are created automatically by the system when one of following events occurs:
The first command for creating a security zone is executed.
The first command for creating a zone pair is executed.
System-defined security zones cannot be deleted.
DMZ—A demilitarized zone is a network that is separate from the internal network and the external network both logically and physically. Typically, a DMZ contains devices for the public to access, such as the FTP servers.