[c-nsp] BGP support on the new ASA5585-X
Dean Smith
dean at eatworms.org.uk
Fri Oct 29 18:21:07 EDT 2010
>I'm sure it doesn't. Routers are routers, firewalls are firewalls.
So very narrow minded. In a large complex enterprise environment a few
thousand routes delivered dynamically to a firewall robustly via BGP would
be a godsend - and perfectly matched to the Cisco treatment of "high" and
"low" security interfaces. We too have had to go transparent for this reason
alone in many places but its not always possible. (Oh and when will we get
an HTTPS inspect on ASA/FWSM!)
More information about the cisco-nsp
mailing list