I'm in the process of setting up 2 ASA 5510 with Active/Standby Failover. I'm in the process of testing right now. I have a question about the Anti-spoofing feature. I've done some reading and got some mixed suggestions. Should just be turned on my outside and 2 DMZ interfaces so that RPF can be done on a sourced IP address? Or is this only done on the Inside interface which is where I want everthing protected?