Cisco ASA and PIX Firewall Handbook

4-1. Using Security Contexts to Make Virtual Firewalls

Beginning with PIX 7.0 and Firewall Services Module (FWSM) 2.2(1), you can configure one physical firewall chassis to act as multiple virtual firewalls. Each virtual firewall is called a context because it is one partition or instance of a fully functional firewall.

Even though all the configured contexts are emulated by a single firewall CPU, the traffic inspection and security policies of each are kept separate, as if they were being handled by a dedicated physical firewall. Therefore, each context can be configured and managed by different administrators, or they can all be managed by one administrator who has access to them.

Traditionally, one physical firewall would be added to a network ...

Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco ASA and PIX Firewall Handbook by Dave Hucaby

4-1. Using Security Contexts to Make Virtual Firewalls

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly