I’m wondering if anyone else has used and setup Network Zones and Policies and what your feelings are about it? Also wondering how you determined your zones if you have?
Thanks and have a great day
Randy
By the lack of response i’m wondering if Zones and Policies will remain a thing or is even worth setting up and useing. 
https://docs.rapid7.com/insightidr/network-zones-and-policies/
Zones and Policies are just meant for additional alerting when users violate those policies. Zones can be anything, like a group of SQL servers and a policy would be set to say that only the SQL admin and Domain admin groups have exclusive access tot hat Zone.
If any users outside of the groups listed in your policy try to access the servers listed in your zone you will get a policy violation alert in IDR.
1 Like
Using it to segment the several prod environments. Not all groups are allowed to access all of prod. This helps to find issues from the past.
1 Like