The network security zones model uses trust as its foundation. Each zone is assigned a trust level. Trust increases from the outer zone to the inner one, which houses the company's most critical assets and production data. Communication is allowed only between systems in adjacent zones; skipping or bypassing zones is not allowed. Security controls, such as stateful inspection firewalls, intrusion prevention and detection systems, and strong access controls, are placed between zones. Security controls implemented inside a zone allow the detection of malicious activity between systems within that zone.
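The adjacency rule above can be checked mechanically against a firewall rule base. The following is an added example, not code from the original page; the zone names, address ranges and rule tuples are assumptions constructed for illustration.

```python
import ipaddress

# Assumed zone layout (hypothetical names and ranges), ordered outer -> inner;
# the position in the list is the trust level. Level 0 is everything outside.
INTERNAL_ZONES = [
    ("dmz", ipaddress.ip_network("10.10.0.0/16")),
    ("application", ipaddress.ip_network("10.20.0.0/16")),
    ("data", ipaddress.ip_network("10.30.0.0/16")),
]
ZONE_NAMES = ["untrusted"] + [name for name, _ in INTERNAL_ZONES]

def trust_level(cidr):
    """Return the trust level of a CIDR, or None if it straddles zones."""
    net = ipaddress.ip_network(cidr)
    for level, (_, zone_net) in enumerate(INTERNAL_ZONES, start=1):
        if net.subnet_of(zone_net):
            return level
        if net.overlaps(zone_net):
            return None  # e.g. "any" or a supernet covering several zones
    return 0

def audit(rules):
    """Return (rule name, reason) for each allow rule that breaks the model."""
    findings = []
    for name, src, dst in rules:
        s, d = trust_level(src), trust_level(dst)
        if s is None or d is None:
            findings.append((name, "address range spans more than one zone"))
        elif abs(s - d) > 1:
            findings.append((name, f"skips a zone: {ZONE_NAMES[s]} -> {ZONE_NAMES[d]}"))
    return findings

# Constructed sample allow rules: (name, source, destination)
SAMPLE_RULES = [
    ("web-in", "203.0.113.0/24", "10.10.1.0/24"),       # untrusted -> dmz
    ("dmz-to-app", "10.10.1.0/24", "10.20.5.0/24"),     # dmz -> application
    ("app-to-db", "10.20.5.0/24", "10.30.2.10/32"),     # application -> data
    ("dmz-to-db", "10.10.1.0/24", "10.30.2.10/32"),     # bypasses application
    ("vendor-db", "198.51.100.7/32", "10.30.2.10/32"),  # untrusted -> data
    ("any-to-app", "0.0.0.0/0", "10.20.0.0/16"),        # source covers every zone
    ("db-repl", "10.30.2.10/32", "10.30.3.10/32"),      # traffic inside one zone
]

if __name__ == "__main__":
    for name, reason in audit(SAMPLE_RULES):
        print(f"{name}: {reason}")
```

Rules whose source or destination spans several zones are reported separately, because an "any" object can hide a zone bypass that a per-zone comparison would miss.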
Traffic directionality can also be considered when defining the rules of communication among zones. For ...