i have an 2 no's of physical FTD in HA and in multiple context that are splited as an internet firewall and DC Firewall, hence as i know it is not a good practice from the security perspective can i know the disadvantages for the same.
@adamgibs7 there is no such thing as multi-context on FTD, this is only supported on ASA. There is a similar concept called multi-instance, where you can deploy multiple container instances on a single chassis that act as completely independent devices. As these devices are independant, they are as secure as the administrator configures them.
This is supported on Firepower 3100, 4100, 4200 and 9300 series hardware only.
@adamgibs7 there is no such thing as multi-context on FTD, this is only supported on ASA. There is a similar concept called multi-instance, where you can deploy multiple container instances on a single chassis that act as completely independent devices. As these devices are independant, they are as secure as the administrator configures them.
This is supported on Firepower 3100, 4100, 4200 and 9300 series hardware only.
The resources are shared on the physical boxes, if a perimeter firewall face an DDOS attack the firewall will reboot which will reboot all the instances, please correct me if i m wrong.
@adamgibs7 the hardware resources are not shared, instances allow hard resource separation, separate configuration management, separate reloads, separate software updates.
