[c-nsp] FWSM, Contexts and ASA's
Justin M. Streiner
streiner at cluebyfour.org
Wed Feb 13 13:31:51 EST 2008
On Wed, 13 Feb 2008, Christian Koch wrote:
> do you mix corporate and customer firewall contexts on the same fwsm
> modules?
I work for a large university, so the line between corporate and customer
traffic is somewhat blurry, and the architecture is more like a service
provider than a traditional enterprise. We run most everything through
the same firewalls, just in different contexts.
If your original question was about if there is a technical reason not to
do this, that really depends on your needs. Another poster mentioned that
the FWSMs are not quite as advanced as the ASAs in some ways, and that is
true. One big strike against the FWSMs is the inability to directly
terminate IPSEC VPN tunnels, which is something the ASA handles with ease.
jms
More information about the cisco-nsp
mailing list