Security Zones do not work with what type of defined rule?

Security Zones in Check Point are designed to control the flow of traffic based on specific network segments or areas. They categorize the traffic by defining which interfaces allow traffic, providing an additional layer of security. However, when it comes to the Manual NAT rule, Security Zones do not apply.

Manual NAT rules work at the network layer and define how addresses will be translated for traffic between different interfaces. The primary function of these rules is to manage address conversions rather than enforce policies based on the geographical or logical classification of traffic zones.

On the other hand, Application Control, IPS bypass, and Firewall rules can all leverage Security Zones to apply specific policies or controls depending on the zone the traffic originates or ends in. This integration allows for a coherent security strategy that uses the same contextual parameters of the traffic for application awareness, intrusion prevention, and basic firewall functionalities. Thus, while Manual NAT rules focus solely on address translation and not on traffic policy enforcement, the other types of rules utilize Security Zones for more dynamic control over network traffic.