We help IT Professionals succeed at work.

How to best configure ZONES services  in SonicWall

I manage a SonicWall TZ210 firewall with the following services:
IPS
CFS
Gateway Anti Virus
Gateway Anti Spyware

Each of the above can be "applied" to any LAN, WAN, WLAN, DMZ Zones.

QUESTION: Whats the most effective or best practice for adding the above to the zones.
What I worry about is duplicating efforts with zero gain.
Any thoughts ?  And I would be grateful to hear "why" so I could figure this out for future services.
Comment
Watch Question

Director, SD-WAN Solutions
Commented:
do you use the Dmz or wlan zones? Do you want content filtering?

As I understand it, It will apply to anything leaving or entering the zone, so if you put them on the wan zone them anything to the Internet will go through them, but a wlan laptop with a virus attacking the lab zone won't get noticed.

Personally I enable  av and spyware on the lan and wlan zones as those are the zones I want protected. Then I enable cfs and ids on the wan zone as that's the only place I'm content filtering and where attacks come from. I don't use dmz.