Changing the Access Zones Policy

The main component of the Access Zones policy rule is the definition of the Trusted Zone. All objects that are not in the Trusted Zone are automatically in the Internet Zone. If necessary, you can create new Trusted Zone objects to use in different policy rules

You can add and remove network objects from a Trusted Zone.

Note - A computer can have only one Trusted Zone. This means that if the Access Zones policy has more than one rule, and more than one Trusted Zone applies to a computer, only the last Trusted Zone is enforced.

To define the Trusted Zone:

1. In the Policy tab > Access Zones rule, double click Corporate Trusted Zones or right-click it and select Edit Shared Action.

   The Edit Properties - Access Zones window opens.

2. To add an existing object to the Trusted Zone Locations list:
   • Select a network object from Available Network Objects.
   • Click Add.
3. To remove an existing object:
   • Select the network object from the list
   • Click the Remove arrow
4. To delete an existing object, select the object and click Delete.
5. To create a new Network Object, click New.

   The Select New Object Type window opens.

   1. Select an object type from the list.
   2. Click OK.

      The Properties window for the selected object opens.

   3. Enter the required data.
6. Click OK.

To create a new Trusted Zone object:

1. In the Policy tab > Access Zones rule, double click Corporate Trusted Zones or right-click it and select Edit Properties.

   The Properties window opens.

2. In the Select action field, select New.
3. Edit the Name and Description of the Zone.
4. Click OK.
5. Edit the network locations in the zone as described in the procedure above.