I'm interested in the high availability features of the ASA, in particular mitigating a failed ASA.
I am aware of the idea of two ASAs in active/standby failover configuration. I also understand that the standby ASA assumes the IP addresses and MAC addresses of the active unit in a failover, and vice-versa. Since the MAC and IP addresses are the same, the routing or ARP tables of devices in front of and behind the ASA(s) see no difference.
My question is how to further increase resiliency - since on the outside interfaces of the ASAs there would need to be a connection to a switch (one to each ASA), that switch is now the single point of failure. Do users ever add redundancy to the switches in front of or behind that ASA? For instance, a set of stacked switches? I can't imagine there would be two ports from the same switch with one going into each ASA as that defeats the purpose of a single point of failure right?