This walkthrough will cover how to isolate/segregate/separate internal LAN traffic, to prevent from spilling into other internal networks (LAN1, LAN2, DMZ, etc.).
To configure the ZLD appliance to isolate traffic between interfaces please access the device WebUI. Go to menu, Configuration → Security Policy → Policy Control. Edit the rules for the interfaces you wish to isolate. For instance, the "LAN1_Outgoing" rule allows the LAN1 interface to communicate with ANY other interface (this includes the WAN, LAN2 and DMZ). Editing this rule to read from LAN1 to WAN, instead or ANY, will allow the LAN1 to communicate only with the WAN interface for internet access. From this point on LAN1 communications with LAN2 or DMZ will cease.