+1 as a feature enhancement for us. Sometimes this will be helpful to compare access-lists that should be maintained in a closely similar pattern. An example would be the access-lists on a production ASA HA pair and the access-lists on the disaster recovery ASA HA pair. Sometimes rules get added to the production environment and not migrated the DR environment and without frequent audits you won't know until you fail over to DR and things stop working.
↧