Stem has suggested I start this thread. So this is a 1st post. One request I have, please don't use the thread as a ZA /Checkpoint bashing opportunity. Stem I'm sure doesn't have the time deal with all that stuff which achieves nothing on a technical knowledge level. So please restrict posts to technical content questions and answers please! See 3 attached posted images of the options screens. I have put the following questions to start the ball rolling. (1) Main Firewall. What setting should user set Internet zone security?What is custom used for and how to approach using it? (2) Zones How to determine what IP's and sites to put into the Trusted Zone?How to determine what IP's and sites to put into the Internet zone? Zone? (3) Expert Is it required to use/set expert rules for ZA Pro? Why?If so can you provide a proven tested default set?