Updated on 2024-01-24 GMT+08:00

Configuring Device Security Zones

Context

Huawei Qiankun needs to identify the security zones to which the attack source and destination belong for threat event analysis.

Huawei Qiankun provides the following types of security zones:
  • User-trusted Zone: A security zone that users trust, usually their internal networks. Huawei Qiankun does not block threat traffic initiated from this zone.
  • Mixed Zone: A special security zone whose trust level lies between User-trusted Zone and User-untrusted Zone. Huawei Qiankun does not block threat traffic initiated from this zone.
  • User-untrusted Zone: A security zone that users do not trust, usually insecure networks such as the Internet. Huawei Qiankun automatically blocks threat traffic initiated from this zone.

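By default, Huawei Qiankun adds the trust zone and DMZ to User-trusted Zone, and the untrust zone to Mixed Zone. In addition, Huawei Qiankun adds other zones to the corresponding security zones (except User-untrusted Zone) based on threat events. Because no zone is placed in User-untrusted Zone by default, threat traffic initiated from the untrust zone is not automatically blocked until you add that zone to User-untrusted Zone yourself.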

Procedure

  1. Log in to the Huawei Qiankun console, and choose > My Services > Border Protection and Response.
  2. Click Services in the menu bar, and choose IP Security Zone from the navigation tree.
  3. Optional: Click Create in the Device Security Zone area to add the corresponding security zones, for example, the untrust zone, to User-untrusted Zone.

    If you want Huawei Qiankun to deliver the IP address blacklists containing the IP addresses of threat events, add the corresponding security zone to User-untrusted Zone.

    Figure 1 Creating a security zone

  4. Optional: Click in the upper right corner of the device card, and drag security zones to different zones.

    You can drag security zones to different zones based on requirements to help Huawei Qiankun determine threat events.

    Figure 2 Setting zone labels

  5. Click Save in the upper right corner of the device card to save the configurations.