How to: Control Communication Across Zones
Communication across zones is managed through zone endpoints. Communication through zones can be inbound, outbound, or bi-directional. In the example of a zone as a firewall, you can think of the inbound and outbound traffic through the firewall as occurring through the zone endpoints. Using the zone endpoints, you can specify which types of traffic are allowed to pass in and out of the zone. To do this, you need to set zone communication constraints on the zone endpoint.
Zone communication constraints appear in the Settings and Constraints Editor when you select a zone endpoint. The constraints available on a zone endpoint reflect possible communication protocols offered by servers within the zone. By clearing the check box on one of these constraints, you can disallow communication into or out of the zone using that protocol. This does not prevent the communication protocol from being used between servers within the zone; it prevents that protocol from being used across the zone.
Use the following procedure to set zone communication constraints.
To set communication constraints on zone endpoints
Select a zone endpoint.
Arrows in the endpoint icons indicate the communication direction each endpoint handles:
Inbound communication - ">" pointing into the zone.
Outbound communication - "<" pointing out of the zone.
Bi-directional communication - "<>" pointing both in and out of the zone.
View the list of communication constraints available in the Settings and Constraints Editor. For more information, see How to: Open the Settings and Constraints Editor.
Select a check box to allow a logical server to delegate the specified type of communication to the zone endpoint. Clear the check box to disallow that type of communication.
Specifying a zone communication constraint affects your ability to connect zone endpoints to logical server endpoints. For example, if you select the outbound zone endpoint and clear the HTTPClientEndpoint constraint in the Settings and Constraints Editor, then you are not allowed to connect an HTTP Client endpoint on a Web server to that zone endpoint.
To change the communication direction for a zone endpoint, see How to: Change Communication Direction on Zones.
See Also
Other Resources
Defining Communication Pathways Between Zones and Logical Servers