
Applying ACL globally

cevallosw
Level 1

I have a question that I hope someone can clarify... I will be supporting a new ASA 5585X running 8.4, and I was wondering if it's possible to apply an ACL globally instead of as an access group applied to a specific interface, in or out. Below are the interfaces and the ACL.

interface GigabitEthernet0/1
nameif internet-outside
security-level 0
ip address X.X.X.X 255.255.255.0 standby X.X.X.X
!
interface GigabitEthernet0/2
nameif internet-dmz
security-level 10
ip address 10.69.201.X 255.255.255.0 standby 10.69.201.X
!
interface TenGigabitEthernet0/8.129
nameif core-inside
security-level 100
ip address 10.69.129.X 255.255.255.0 standby 10.69.129.X
!
interface TenGigabitEthernet0/9.130
nameif VLAN130
security-level 50
ip address 10.69.130.X 255.255.255.0 standby 10.69.130.X
!
interface TenGigabitEthernet0/9.134
nameif VLAN134
security-level 50
ip address 10.69.134.X 255.255.255.0 standby 10.69.134.X
!
interface TenGigabitEthernet0/9.136
nameif VLAN136
security-level 50
ip address 10.69.136.X 255.255.255.0 standby 10.69.136.X
!
interface TenGigabitEthernet0/9.140
nameif VLAN140
security-level 50
ip address 10.69.140.X 255.255.255.0 standby 10.69.140.X
!

ACL

access-list wwy-legacy remark Citrix Communications
access-list wwy-legacy extended permit ip object-group All-Citrix object-group All-Citrix
access-list wwy-legacy remark Check Point Firewall MGMT
access-list wwy-legacy extended permit tcp object-group FW-Admins object-group CP-Firewalls object-group CP-svc-tcp
access-list wwy-legacy extended permit udp object-group FW-Admins object-group CP-Firewalls object-group CP-svc-udp
access-list wwy-legacy remark QUALYS Scanner Access
access-list wwy-legacy extended permit ip object-group qualys-scanners any
access-list wwy-legacy extended permit tcp object-group CN_HQ_NET host 10.69.130.12 eq 8080
access-list wwy-legacy remark ISX-Solorwinds
access-list wwy-legacy extended permit udp host 10.121.137.92 any object-group SNMP-mgmt-udp
access-list wwy-legacy extended permit icmp host 10.121.137.92 any
access-list wwy-legacy extended permit icmp any host 10.121.137.92
access-list wwy-legacy extended permit udp any host 10.121.137.92 object-group SNMP-mgmt-udp
access-list wwy-legacy remark citrix access to QA Leo systems
access-list wwy-legacy extended permit tcp object-group vmww-grp-2 object-group vmww-grp-1 eq www
access-list wwy-legacy remark EDI-Outbound
access-list wwy-legacy extended permit tcp host 10.69.130.68 host 198.65.112.233 eq ssh
access-list wwy-legacy extended permit tcp host 10.69.130.66 host 198.65.112.233 eq ssh
access-list wwy-legacy extended permit tcp host 10.69.130.68 host 38.96.217.8 eq ssh
access-list wwy-legacy extended permit tcp host 10.69.130.69 host 38.96.217.8 eq ssh
access-list wwy-legacy extended permit tcp host 10.69.130.68 host 184.106.46.199 eq ssh
access-list wwy-legacy extended permit tcp host 10.69.130.69 host 184.106.46.199 eq ssh
access-list wwy-legacy remark Security
access-list wwy-legacy extended permit tcp object-group CP-Firewalls object-group External-ACS object-group security-svc-tcp
access-list wwy-legacy extended permit udp object-group CP-Firewalls object-group External-ACS object-group security-svc-udp
access-list wwy-legacy extended permit udp object-group Private_Addresses object-group External-ACS object-group security-svc-udp
access-list wwy-legacy extended permit tcp object-group Private_Addresses object-group External-ACS object-group security-svc-tcp
access-list wwy-legacy extended permit tcp object-group Private-Addresses object-group External-ACS object-group security-svc-tcp
access-list wwy-legacy extended permit udp object-group Private-Addresses object-group External-ACS object-group security-svc-udp
access-list wwy-legacy remark EDI
access-list wwy-legacy extended permit ip object-group Primary_EDI_Servers object-group Primary_EDI_Servers
access-list wwy-legacy extended permit tcp object-group EDI_Customer_To_Portals object-group Primary_EDI_Servers object-group EDI-Common_Inbound_tcp
access-list wwy-legacy extended permit tcp object-group EDI_Customer_To_Portals host 10.69.201.88 object-group EDI-Common_Inbound_tcp
access-list wwy-legacy extended permit tcp object-group Primary_EDI_Servers object-group EDI_Customer_To_Portals object-group EDI-Common_Outbound_tcp
access-list wwy-legacy extended permit udp object-group Primary_EDI_Servers object-group EDI_Customer_To_Portals object-group EDI-Common_Outbound_udp
access-list wwy-legacy extended permit tcp object-group Primary_EDI_Servers object-group EDI_Dest_grp eq ssh
access-list wwy-legacy extended permit tcp object-group Primary_EDI_Servers object-group EDI_Dest_grp eq 10022
access-list wwy-legacy extended permit tcp object-group Primary_EDI_Servers object-group EDI_Dest_grp eq 2223
access-list wwy-legacy extended permit tcp object-group Primary_EDI_Servers object-group EDI_Dest_grp eq 2224
access-list wwy-legacy extended permit tcp object-group EDI_Itanium_Servers object-group EDI_Dest_grp eq ssh
access-list wwy-legacy extended permit tcp object-group EDI_Itanium_Servers object-group EDI_Dest_grp eq 10022
access-list wwy-legacy extended permit tcp object-group EDI_Itanium_Servers object-group EDI_Dest_grp eq 2223
access-list wwy-legacy extended permit tcp object-group EDI_Itanium_Servers object-group EDI_Dest_grp eq 2224
access-list outside-acl-01 extended deny ip any any
access-group outside-acl-01 in interface internet-outside

2 Replies

Jouni Forss
VIP Alumni

Hi,

Beginning from 8.3(1) you should be able to use a single access-list to control traffic/connections.

It still uses the "access-group" command to "attach" the access-list as a global access-list.

The command format is:

access-group global

Just out of interest, are you moving to ASA from some other product, or why would you want to use one global access-list? Personally I could never think of changing to global access-lists. I guess that's probably due to the fact that I have used access-lists attached to a certain interface and direction for so long.

- Jouni

Jouni,

Thank you for the information, which I will suggest they add. Yes, this is a completed product migration from IPSO Check Point NGX R65 to ASA5585X Version 8.4(3). I believe the reasoning behind using it as global was that each of the TenGig 0/9 subinterfaces uses the same ACL.
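As an added example (not from either poster), the configuration below shows what Jouni's "access-group ... global" answer looks like applied to the OP's own ACL and interface names, next to the per-interface alternative the follow-up describes (binding the same ACL inbound on each TenGig 0/9 subinterface), plus the show and packet-tracer commands used to verify which ACL phase handles a flow. ACL and interface names, and the addresses in the packet-tracer line, are taken from the original post; the ordering and implicit-deny behaviour in the comments is the ASA 8.3(1)+ global ACL behaviour, not anything the thread itself states.

```cisco
! Added example, not the original poster's configuration.
! Names (wwy-legacy, outside-acl-01, internet-outside, VLAN1xx) are from the post.

! 1. Interface-bound ACLs remain valid and are evaluated first.
!    The outside interface keeps its explicit deny-all from the post.
access-list outside-acl-01 extended deny ip any any
access-group outside-acl-01 in interface internet-outside

! 2. Bind wwy-legacy once, globally. A global ACL applies to inbound traffic
!    on every interface (there is no "in"/"out" keyword) and is consulted only
!    after the interface ACL, if any, has produced no match.
!    Caveat: once a global ACL exists, its implicit deny at the end applies to
!    all interfaces, including those with no ACL of their own, so traffic that
!    was previously permitted by security level alone (e.g. core-inside at 100
!    towards internet-outside at 0) now needs an explicit permit.
access-group wwy-legacy global

! 3. Per-interface alternative from the follow-up: the same ACL bound inbound
!    on each TenGig 0/9 subinterface (shown commented out, choose one approach).
! access-group wwy-legacy in interface VLAN130
! access-group wwy-legacy in interface VLAN134
! access-group wwy-legacy in interface VLAN136
! access-group wwy-legacy in interface VLAN140

! 4. Verify what is bound where, and watch the hit counts increment.
show access-group
show access-list wwy-legacy

! 5. Trace one flow covered by the EDI-Outbound rules (addresses from the post)
!    to confirm whether the interface ACL or the global ACL permits it.
packet-tracer input VLAN130 tcp 10.69.130.68 1025 198.65.112.233 22
```

When reviewing the output of show access-list, the global binding makes every permit in wwy-legacy reachable from every interface, including internet-dmz and internet-outside; lines such as "permit ip object-group qualys-scanners any" therefore deserve a second look before the global binding goes live, since they are no longer scoped to the subinterfaces they were written for.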
