Updated on 2024-01-24 GMT+08:00

Configuring Device Security Zones

Context

Huawei Qiankun needs to identify the security zones to which the attack source and destination belong for threat event analysis.

Huawei Qiankun provides the following types of security zones:
  • User-trusted Zone: It is a security zone trusted by users. It usually refers to users' internal networks. Huawei Qiankun does not block the threat traffic initiated from this zone.
  • Mixed Zone: It is a special security zone between User-trusted Zone and User-untrusted Zone in terms of trust level. Huawei Qiankun does not block the threat traffic initiated from this zone.
  • User-untrusted Zone: It is a security zone not trusted by users. It usually defines insecure networks such as the Internet. Huawei Qiankun automatically blocks the threat traffic initiated from this zone.

Procedure

  1. Log in to the Huawei Qiankun console, and choose > My Services > Border Protection and Response.
  2. Choose Services > IP Security Zone.
  3. Click Create in the Device Security Zone area, and add the untrust zone to User-untrusted Zone.

    Figure 1 Creating a security zone

  4. (Optional) Add the trust zone to User-trusted Zone. By default, the trust zone has been added to User-trusted Zone on Huawei Qiankun. If the trust zone is deleted, perform this step to add it.

    Figure 2 Creating a security zone

    After the security zones are added, the following page is displayed.

    Figure 3 Device security zones