This is more of a design question than a technical question. I have inherited a network that uses BGP with two ISP's. Each ISP has an individual firewall (context) assigned to incoming traffic. We have a 6509 in our core that routes internal traffic to one firewall's internal interface.
My question is--what happens if the ISP fails that has the 6509 routing default traffic to it? Is there a way to use some protocol (HSRP-esque) so both ASA's have only one internal IP and the 6509 can route all traffic to either one if an ISP fails? Would it be better to use one firewall with two external interfaces and one internal interface? Are there any whitepapers from Cisco with a similar configuration to this?
Any help would be greatly appreciated. Thanks!