ASA 5540 / 5510 threat-detection in multiple context mode

Unanswered Question
Oct 28th, 2009

Hello, trying to find out, how to find a way to activate the basic threat-detection on a ASA 5540 model, since we switchted from single to multiple context mode.

Unfortionally the set up guide excludes this feature when the ASA is in the multiple context mode.

Original wording from the manual "Security Context Guidelines

• Supported in single mode only. Multiple mode is not supported."

Since we need the multiple context to safe hardware resources, I am looking for a diffrent way to spot and maybe also prevent a scan or similar activities with this ASA.

We have been litte bit disapointed, since it is a great firewall, great performance but when we switched from single to multi context mode, some of the features we where using where no longer available. Maybe someone also has an explanation why this is...?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kureli Sankar Tue, 11/24/2009 - 19:50

There are quite a few features that are not supported in multiple context mode:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html#wp1116132

TD command reference link is below:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/t.html#wp1482339

in the table you would clearly see (what you have already found) that it is not supported in multiple context mode.

The reason may be either software or hardware limitation or both.  This may be beyond the scope of this forum.  If you contact your local Cisco account team they may be able to share additonal information.

Actions

This Discussion