As you say, using one ASA and the central location would cause a single point of failure.
Having 3 L2L VPN connection would mean that the 2 locations would be able to communicate with eachother even though one failed. (Naturally might be true in the other case too if the failed device/connection wasnt the central one)
All of the environments where I work are using a separate central VPN device which handles the traffic between all the sites BUT usually those sites are all only dependant on the central site anyway and have no real need to be in contact with eachother.
In most cases the central site has redundant devices and connections though so its very rarely the case that the connections are ever totally down (in our setups that I'm referring to)
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...
Dear Team Suppose we have hundreds of rules in access policy on cisco fmc device. Now I want to fetch all access policy rules in which I have mentioned some specific port number X. Can anyone help me with the process to fetch the same?
Greetings everyone, Happy New Year! I would like to thank you all for making our ISE demos in dCloud a great success!
The ISE instant demo has been in the top 5 of Enterprise demos for a long time now and recently just moved into the #1 and 2 slots...
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
A More Intuitive Cognitiv...