A security zone is a group of interfaces to which a security policy can be applied to control traffic between zones. For ease of deployment, the Cisco ISA500 has several predefined zones with default security settings to protect your network. You can create additional zones as needed.
Each zone has an associated security level. The security level represents the level of trust, from low (0) to high (100). Default firewall rules are created for all predefined zones and your new zones, based on these security levels. For example, by default all traffic from the LAN zone (with a Trusted security level) to the WAN zone (with an Untrusted security level) is allowed but traffic from the WAN (Untrusted) zone to the LAN (Trusted) zone is blocked. You can create and modify firewall rules to specify the permit or block action for specified services, source and destination addresses, and schedules.
To learn more, see the Security Levels and Predefined Zones table.
Security Levels and Predefined Zones