I'm installing a new FWSM and I have a couple of questions. Currently I have several VLANs defined with SVIs on my Cat 6500s and they can all pass traffic to one another. Now I need to segment 3 VLANs (currently Layer 3) from each other and everything else. So, from my understanding of this statement: "For security reasons, by default, only one SVI can exist between the MSFC and the FWSM. For example, if you misconfigure the system with multiple SVIs, you can accidentally allow traffic to pass around the FWSM if you assign both the inside and outside VLANs to the MSFC."
Does this mean that I would....
1. Have a Layer 3 VLAN on the Cat6500 that would be the inside interface that is attached to the FWSM (this will route traffic from the segmented VLANs)
2. The 3 interfaces that I want segmented I would convert to Layer 2 VLANs by removing the current SVIs
3. And I would assign all 4 VLANs to my firewall vlan-group on the switch?
That is my understanding of this. Am I correct?