06-15-2026 03:50 PM
We want to create some standards rules that will apply to most zones - It looks like the only way to do this is to define all zones that needs these rules at a global level.
Looks like maybe tagging could be used as an alternative to allow zones to be defined at a folder level, but this seems overly complex
06-16-2026 06:40 AM
have you tried using Zone Mapping (from the Overview > Inherited Zones)
you can add all your internal zones to the Trust zone so you can make a rule that allows trust to anywhere which will include all your zones
06-18-2026 04:09 AM
Thanks - I've had a look at this and it appears this is for Prisma access?
We are currently focusing on device level, rather than user level protections to segment high risk area of our network off or area that are critical and need extra protection.
For example we have a rule to allow access to Microsoft Defender for Endpoint or the SIEM system that we want to be able to apply to multiple segmented area of the network, each segment is current in its own zone, with some of the zones been defined at a subfolder level.
From what I can see the best fix would be to define the zones at the root level so they can be used in root level config.
As we don't have Prisma it does not look like we can use the trust/untrusted functionality, nor does it appear to be in any of the mneus
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
