ASA Security Contexts Tidbit

In this tidbit I want to explain what Cisco ASA Security Contexts are in this blog. A very plain & simple way to put it, security contexts are a way to logically divide the ASA into multiple logical firewalls. It is important to understand that the segregated ASA contexts operate with their own interfaces, rules, administrators, etc.

There are 3 main contexts types that you need be aware of:

  1. System Context = default context

  2. Admin Context = used for management on the hardware (ASA)

  3. Normal Context = Active virtual firewall

To break things down a bit further: System context is what is used to manage/deploy other contexts. It also allows us to implement high availability & physical port assignments. The admin context is the first context that actually counts against consuming a license & must be deployed prior to deploying other normal contexts. Administrators who have access to it have access to other contexts too. Lastly, the normal context is just the type name that defines a virtual firewall that will get used to manage traffic, etc.

Oh, and an important thing to note is that by default the ASA supports two contexts so if you want more you need a license :)

When it comes to having multiple contexts note that there is only one system & one admin context. You can have multiple "normal" contexts. When deploying security contexts there are 3 main components required for deployment:

  • Context name.

  • Location of context's startup configuration. Note that the configuration for each context is also known as a configlet.

  • Interface allocation.

Note that there are additional items that can be configured, but those 3 are the bare minimums.

To see more about configuring contexts, how packets are forwarded, & types of deployments see more posts via the asa tag. Cheers!


Recent Posts

See All

Email Security - S/MIME Tidbit

So it has definitely been a minute since I produced a tidbit. Lately I have been investing personal time into email security. The topics that I have covered thus far are in no particular order, but

November 21 Update Tidbit

Sharing some quick personal news as well as an update with where my head is currently at. I recently invested most of my time with VPNs the last couple of months. So I finally decided to take a stab

Personal Tidbit - Oct 2021

Sharing some exciting news. I recently participated in a Cisco Championship Content competition, & actually claimed first place! Pretty excited to receive the news since I frequently spend time on Ci