What do I need to know about security contexts for Firewall Services Modules (FWSMs) on Catalyst switches when I add them and discover policies?
A. On FWSMs, you can create security contexts, which act like independent firewalls. If you use this feature and are running IOS software on the chassis, add the chassis device using the SSH credentials for the chassis. Then Security Manager can identify each FWSM on the chassis, and give you the option to add each of them. During FWSM discovery, Security Manager discovers the security contexts for each FWSM, including the policies for the FWSM and for each context. In the device list, each security context is listed separately and the name of the context is appended to the name of the FWSM on which it is defined. (For example, Cat6K_FW_4 might be the FWSM, and Cat6K_FW_4_context1 would be the context1 security context.) You should always perform policy discovery on the chassis, not on the individual FWSM, so that Security Manager can discover the inventory. However, if you are running the Catalyst OS on the device, you must add the FWSM as a standalone device instead of adding the cha
Related Questions
- What do I need to know about security contexts for Firewall Services Modules (FWSMs) on Catalyst switches and 7600 routers when I add them and discover policies?
- What do I need to know about security contexts for Firewall Services Modules (FWSMs) on Catalyst switches when I add them and discover policies?
- Are the Wireless Services Modules (WiSMs) in Catalyst 6500 Switches hot-swappable?
