diff --git a/catalystwan/models/common.py b/catalystwan/models/common.py
index 9d02afc3..97f9e4c7 100644
--- a/catalystwan/models/common.py
+++ b/catalystwan/models/common.py
@@ -676,7 +676,18 @@ def str_as_interface_list(val: Union[str, Sequence[InterfaceStr]]) -> Sequence[I
     "umbrella",
 ]
 
-PolicyModeType = Literal["security", "unified"]
+_PolicyModeType = Literal["security", "unified"]
+
+def parse_policy_mode(val: Optional[str]) -> _PolicyModeType:
+    if isinstance(val, str) and val == "unified":
+        return "unified"
+    return "security"
+
+PolicyModeType = Annotated[
+    _PolicyModeType,
+    BeforeValidator(parse_policy_mode)
+]
+
 
 CoreRegion = Literal[
     "core",
diff --git a/catalystwan/models/policy/definition/zone_based_firewall.py b/catalystwan/models/policy/definition/zone_based_firewall.py
index a2987d27..ef6d7267 100644
--- a/catalystwan/models/policy/definition/zone_based_firewall.py
+++ b/catalystwan/models/policy/definition/zone_based_firewall.py
@@ -7,6 +7,7 @@
 from pydantic import BaseModel, ConfigDict, Field
 from typing_extensions import Annotated
 
+from catalystwan.models.common import PolicyModeType
 from catalystwan.models.misc.application_protocols import ApplicationProtocol
 from catalystwan.models.policy.policy_definition import (
     AdvancedInspectionProfileAction,
@@ -220,12 +221,6 @@ class ZoneBasedFWPolicyEntry(BaseModel):
     model_config = ConfigDict(populate_by_name=True)
 
 
-class ZoneBasedFWPolicyHeader(PolicyDefinitionBase):
-    type: Literal["zoneBasedFW"] = "zoneBasedFW"
-    mode: str = Field(default="security")
-    model_config = ConfigDict(populate_by_name=True)
-
-
 class ZoneBasedFWPolicyDefinition(DefinitionWithSequencesCommonBase):
     default_action: ZoneBasedFirewallDefaultAction = Field(
         default=ZoneBasedFirewallDefaultAction(type="drop"),
@@ -236,9 +231,10 @@ class ZoneBasedFWPolicyDefinition(DefinitionWithSequencesCommonBase):
     entries: List[ZoneBasedFWPolicyEntry] = []
 
 
-class ZoneBasedFWPolicy(ZoneBasedFWPolicyHeader):
+class ZoneBasedFWPolicy(PolicyDefinitionBase):
+    model_config = ConfigDict(populate_by_name=True)
     type: Literal["zoneBasedFW"] = "zoneBasedFW"
-    mode: Literal["security", "unified"] = "security"
+    mode: PolicyModeType = "security"
     definition: ZoneBasedFWPolicyDefinition = ZoneBasedFWPolicyDefinition()
 
     def add_ipv4_rule(