Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA Multi-Context Wishlist

Our company has implemented a pair of ASAs in multi-context mode as firewall to our Enterprise costumers.

We can say that it was a successful solution, mostly in management point of view.

We were aware of the limitations of  mode when we specified that equipment.

http://www.cisco.com/en/US/docs/security/asa/asa84/asdm64/configuration_guide/mode_contexts.html#wp1191609

But(there is always a but) we miss some features:

  • QoS
    • Would be easier to prioritize the traffic of some IPs directly on ASDM instead of doing it on a Router that we need to put in series with ASA.
    • Not mentioning the Internet bandwidth limitation provided in contract that we could take out of the border router...
  • VPN
    • I almost do not need to explain how complicate is to maintain a pair of IOS Router, with VRF's to provide de VPN service to each costumer...
  • Routing Protocol
    • Its really hard to maintain the statics routes in this scenario, especially if we consider that some of those costumers has more than 50 sites behind that ASA...

P.S.: A controversial  detail in this whole thing is that, our company been a Cisco Partner, the equipment that would bring almost all those features that we need, beyond those already utilized, is a CheckPoint Firewall.

Everyone's tags (5)
426
Views
0
Helpful
0
Replies
CreatePlease to create content