I know the ASA can use VM attributes in their policy (basically it sucks in the attribute to IP mappings from vCenter). I don't see why the ASA couldn't have a ACL that uses both VM attributes and Trustsec tags.I was wondering if we've ever thought ...