Share an ASA Access Control List with Multiple ASA Devices
Sharing access policies in network security effectively improves efficiency, consistency, and centralized management, leading to an overall improved security posture. With a shared access control list, you can define access rules once on an ASA device and apply them to other CDO-managed ASA devices rather than configuring them separately. This ensures consistency in the network and reduces the risk of misconfigurations. Additionally, shared access control lists provide scalability as networks grow and evolve, because they allow you to manage access control lists for a growing number of users and ASA devices.
Keep the following points in mind:
- Access control list rules are shared, but the interfaces are not included.
- Sharing an access control list with other ASA devices will overwrite any existing access control lists with the same name.
Procedure
Step 1. In the left pane, click Inventory.
Step 2. Click the ASA tab and select an ASA device by checking the corresponding check box.
Step 3. In the Management pane on the right, click Policy.
Step 4. From the Selected Access List drop-down list, choose an access control list.
Step 5. In the Actions pane that is displayed on the right, click Share.
Step 6. Select the ASA devices by checking the corresponding check box and click Save. In the Device Relationships pane displayed on the right, the ASA devices that share the selected access control list are displayed.
Step 7. Review and deploy the changes you made now, or wait and deploy multiple changes.
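A pre-share check for the two points listed before the procedure, as an added example that is not part of the original documentation or of CDO: it compares running-config excerpts to show which rules in a same-named list on each target would be lost to the overwrite, and whether that list is bound to an interface there. The device names, list names and addresses are constructed, and reading "interfaces are not included" as "`access-group` bindings are not shared" is an assumption.

```python
import re

# Constructed sample running-config excerpts (not from any real device).
SOURCE_CFG = """\
access-list OUTSIDE_IN remark shared baseline
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq 443
access-list OUTSIDE_IN extended deny ip any any
access-group OUTSIDE_IN in interface outside
"""
TARGETS = {
    "asa-branch-1": """\
access-list OUTSIDE_IN extended permit tcp any host 198.51.100.5 eq 22
access-list OUTSIDE_IN extended deny ip any any
access-group OUTSIDE_IN in interface outside
""",
    "asa-branch-2": """\
access-list DMZ_IN extended permit ip any any
access-group DMZ_IN in interface dmz
""",
}

ACL_RE = re.compile(r"^access-list\s+(\S+)\s+(.+)$")
GROUP_RE = re.compile(r"^access-group\s+(\S+)\s+(in|out)\s+interface\s+(\S+)")

def parse(cfg):
    """Return ({acl: [rule, ...]}, {acl: [(direction, interface), ...]})."""
    acls, bindings = {}, {}
    for line in map(str.strip, cfg.splitlines()):
        if m := GROUP_RE.match(line):
            bindings.setdefault(m.group(1), []).append((m.group(2), m.group(3)))
        elif (m := ACL_RE.match(line)) and not m.group(2).startswith("remark "):
            acls.setdefault(m.group(1), []).append(m.group(2))
    return acls, bindings

def preshare_report(source_cfg, acl_name, targets):
    """Per target: would sharing replace different rules, and is the ACL bound?"""
    src_rules = parse(source_cfg)[0][acl_name]
    report = {}
    for device, cfg in targets.items():
        acls, bindings = parse(cfg)
        existing = acls.get(acl_name)
        report[device] = {
            "overwrites_existing": existing is not None and existing != src_rules,
            "rules_lost": [r for r in existing or [] if r not in src_rules],
            "bound_to": bindings.get(acl_name, []),  # empty: no interface uses it
        }
    return report

if __name__ == "__main__":
    for device, result in preshare_report(SOURCE_CFG, "OUTSIDE_IN", TARGETS).items():
        print(device, result)
```

A non-empty `rules_lost` is worth reviewing before Step 6, and an empty `bound_to` means the shared list would need an interface assignment on that device before it filters any traffic.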