Is it possible to create the following design:
1) Multiple Contexts: Customer Internal Network; Business Partner A, Business Partner B
2) Customer net can talk to Business Partner A and B (from the inside)
3) Business Partners can't talk to each other.
If this is possible, am I gaining any additional security with using this type of context design vs. putting the business partner connectivity in DMZ interfaces and using ACLs?