Hi Bro

You can’t possible compare Cisco IOS Routers and Switches with Cisco Firewalls. They are both different types of product, with totally different behaviors and purposes.

This is a Cisco FWSM/PIX/ASA Firewall limitation. You can only define one snmp community string, and that too has to be RO, and NOT RW. Perhaps, this Cisco URL link may shed some light on your query http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20031215-pix

There’s a reason to why Cisco Firewalls don’t support RW. RW is used generally, by network management tools such as Cisco Security Manager, Cisco MARS, CiscoWorks etc. to push configurations, IOS etc. to Cisco products in large masses. In fact, RW can also be used as a mitigation approach. Cisco Firewalls being a defensive product by nature, will not allow this to occur. There could be a possibility of un-stealth-ing the product. Hence, only RO is available. Mitigation approach in Cisco Firewalls can always be done through telnet/ssh, if needed.

Note: Perhaps, it doesn't make sense to use a vulnerable/non-secure protocol such as SNMP to manage a security appliance, unless SNMP v3 is introduced.

P/S: If you think this comment is useful, please do rate them nicely :-) and select the option "THIS QUESTION IS ANSWERED"