Cisco ASA Firewall Virtualization

Cisco ASA firewall virtualization is a concept in which the ASA is divided into multiple virtual standalone firewalls. Each virtual firewall acts and behaves as an independent firewall with its own configuration, interfaces, security policies, routing table, and so on. A virtual ASA is also known as a "security context". Cisco ASA firewall virtualization is one of the most used technologies for providing security services in the networking world.

For example, two virtual firewalls (security contexts), Apple and Orange, are created in the physical firewall.

This overview of security contexts includes the following topics.

  1. Scenarios in which security contexts are useful in network deployment.
  2. Single mode vs. multiple mode.
  3. Types of security contexts in multiple mode.
  4. How packets are forwarded in security contexts.
  5. Configuring security contexts on the ASA firewall.
  6. Troubleshooting security contexts.

Scenarios in which security contexts are useful in network deployment

You might want to use multiple security contexts in the following situations:

Single Mode vs. Multiple Mode

Single mode is the default on the Cisco ASA firewall. To create security contexts on the ASA, we need to enable multiple-context mode globally. Changing the ASA from single to multiple mode brings both benefits and limitations.

You can check the firewall's current mode with the command below:

ciscoasa# show mode
Security context mode: single

To change from single mode to multiple mode:

ciscoasa# config t
ciscoasa(config)# mode multiple
WARNING: This command will change the behavior of the device
WARNING: This command will initiate a Reboot
Proceed with change mode? [confirm]
Convert the system configuration? [confirm]

Once you enter mode multiple, the ASA asks for confirmation and then initiates a reboot.
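
As an added example (not part of the original article), this is one way the Apple and Orange contexts mentioned above could be defined once the ASA has rebooted into multiple mode. The context names come from the article; the interface names and configuration file names are assumptions.

```cisco
! Added example. Context names come from the article; interface and
! file names are assumptions. Enter these in the system execution
! space after the reboot into multiple mode.
!
! Answering "Convert the system configuration?" with yes turns the
! old single-mode config into the admin context (admin.cfg), so only
! the new contexts are defined here.
configure terminal
!
! Physical interfaces are enabled in the system space; IP addresses,
! nameif and security levels are set later inside each context.
interface GigabitEthernet0/0
 no shutdown
interface GigabitEthernet0/1
 no shutdown
interface GigabitEthernet0/2
 no shutdown
interface GigabitEthernet0/3
 no shutdown
!
! Each context can use only the interfaces allocated to it, so give
! Apple and Orange separate interfaces to keep their traffic apart.
context Apple
 description Virtual firewall Apple
 allocate-interface GigabitEthernet0/0
 allocate-interface GigabitEthernet0/1
 config-url disk0:/Apple.cfg
!
context Orange
 description Virtual firewall Orange
 allocate-interface GigabitEthernet0/2
 allocate-interface GigabitEthernet0/3
 config-url disk0:/Orange.cfg
!
end
! Verify: list the contexts, then switch into one to configure it.
show context
changeto context Apple
```

Interfaces are allocated before config-url so that interface commands in a loaded context configuration do not fail on interfaces the context cannot yet see.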
