Zone Management (Alpha)

Overview

Zones are the highest architectural “unit” within the Byos Secure Lobby Overlay Network.

• the unit hierarchy is: Zones > Groups > Edges > Assets

Zones are networking boundaries that control how, who, what, and where traffic is allowed to move within the Byos Secure Lobby Overlay Network.

• Groups are placed inside of the Zones from Group Management

• Super Administrators grant role-based access control to allow inbound access to a Zone from other Zones, and Byos Administrators and Guests inside of the Secure Lobby Overlay.

• Admins can configure specific and granular Network ID and CIDR settings for different Zone networking configs.

How are Zones used?

Zones are used to manage how traffic flows within the Byos Secure Lobby overlay, specifically access control rules for which Edges, Guests, and Administrators can communicate with each other.

Managing Zones

Administrators can:

• Create a Zone

• Rename a Zone

• Delete a Zone

Modifying Zone Access Control

By default, all traffic between Zones are inbound.

• Outbound Traffic is governed by the Policy Group and can only be set in Policy Management > Routing Rules.

The different Access Control policies that can be set for Zone Management include:

• What Zones can allow inbound communications from:
• Other Zones
• Admins
• Guests

Zone Segmentation Configuration

The Zone’s Network ID and CIDR can be customized to meet the networking needs of complex networking environment with Legacy networking equipment.

Available Hosts per CIDR

The CIDR can be set per Zone. The available options include:

• CIDR / 29 - 3 hosts available

• CIDR / 28 - 7 hosts available

• CIDR / 27 - 15 hosts available

• CIDR / 26 - 31 hosts available

• CIDR / 25 - 63 hosts available

• CIDR / 25 - 127 hosts available

Note: The amount of Hosts available are less than expected because certain IPs are have been reserved for the Internal Network’s gateway IP address.

Networking Conflicts