https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36207#M26618 <HTML><HEAD></HEAD><BODY><P>@Richard .. are you saying that traffic will be allow?</P><P></P><P>Protection means AV, IPS , Anti Malware and such right?</P></BODY></HTML> Thu, 08 Sep 2011 14:13:14 GMT friento 2011-09-08T14:13:14Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36203#M26614 <HTML><HEAD></HEAD><BODY><P>Hi all,</P><P></P><P>Here is a small question regarding zone protection profile :smileycool:</P><P>What happens if we do not define any zone protection profile to a specific zone ? Is the default behaviour to allow all types of potential threaths ( ICMP flood, fragmentation and so on ... ) or to deny them ?</P><P></P><P>Thanks for your help.</P></BODY></HTML> Tue, 06 Sep 2011 16:02:56 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36203#M26614 bdaussin 2011-09-06T16:02:56Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36204#M26615 <HTML><HEAD></HEAD><BODY><P>It's a firewall device so my guest is Deny. Although it won't show on your log if you don't have explicit deny rule in bottom.</P></BODY></HTML> Tue, 06 Sep 2011 20:03:14 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36204#M26615 friento 2011-09-06T20:03:14Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36205#M26616 <HTML><HEAD></HEAD><BODY><P>If no zone protection is defined on a zone then PA would not apply any of the protection. So all would not automatically deny ICMP/UDP floods, etc. However your security rules will still apply.</P><P></P><P>-Richard</P></BODY></HTML> Thu, 08 Sep 2011 06:02:02 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36205#M26616 Retired Member 2011-09-08T06:02:02Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36206#M26617 <HTML><HEAD></HEAD><BODY><P>Ok, thanks for your answer.</P><P>Regards,</P></BODY></HTML> Thu, 08 Sep 2011 09:07:09 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36206#M26617 bdaussin 2011-09-08T09:07:09Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36207#M26618 <HTML><HEAD></HEAD><BODY><P>@Richard .. are you saying that traffic will be allow?</P><P></P><P>Protection means AV, IPS , Anti Malware and such right?</P></BODY></HTML> Thu, 08 Sep 2011 14:13:14 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36207#M26618 friento 2011-09-08T14:13:14Z https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36208#M26619 <HTML><HEAD></HEAD><BODY><P>No, the zone protection is not content inspection like AV, IPS, etc. The zone protection profiles are specific to SYN, ICMP, UDP, and other IP flooding attacks as well as host sweeps and port scan type protections.</P><P></P><P>Alfred</P></BODY></HTML> Thu, 08 Sep 2011 15:57:46 GMT https://live.paloaltonetworks.com/t5/general-topics/default-zone-protection-behaviour/m-p/36208#M26619 fredallee 2011-09-08T15:57:46Z