Contents

Cisco Meraki Security Appliance

Contents

Note: I apologize for the loss of the screen shots. When I transferred my blog host the images were lost and I did not yet have a backup copy.

Being that I actually enjoy networking and it’s not just a job, I like to explore new and different technologies. I also like to continue to learn and branch into areas where I’m not as comfortable. One of these areas being firewalls. In my personal life, I have typically used my home routers with their built-in firewall capabilities (though I have my eye on Sophos). Professionally, I have had very limited experience with Cisco ASAs and Bluecoat devices. However, I recently became aware of a free trial program provided by Cisco Meraki (more info here). I found that I fulfilled the requirements and decided that a little learning couldn’t hurt, so I signed up for the webinar. A short time later the trial appliance arrived. Before I let my coworkers in on my new find I decided to give it a test run.

The initial setup and configuration as well as ongoing management is all cloud-based (apart from supplying it with an IP address and Internet connectivity) and very simple. I was a little leery of this for a firewall which is typically front-line security, but those concerns quickly faded (after disabling the ability for Meraki support to see my organization) once I realized the benefit of a cloud-managed solution with a mobile app. The GUI design and feel is modern and sleek (even the physical device itself is appealing).

From the first login, the dashboard provides a great status of the health of your network and devices right at your fingertips, literally wherever you are at the time. You can see the typical device stats, usage reports, security threats, a map with locations and other details.

Over the next couple of months, I found that this device is packed with extras. They’ve included a free dynamic DNS service, auto-VPN, multi-factor authentication, active-directory integration, QoS, malware protection, content filtering, scheduled/automated firmware updates, an API, etc. All of this packed into a centralized management interface makes for one powerful device. Of course, my sweet spots are the included SNMP, logging, NetFlow, and packet capture for traffic analysis.

[MX65 Packet Capture Fields][2]
MX65 Packet Capture Fields

The capture options aren’t anything special, but they get the job done. During the capture when using the “View output below” option the interface does lag quite a bit, but upon completion everything returns to normal. When downloading to a .pcap file the interface remains snappy, includes a timer, and begins streaming the file to your device. With a little setup, this makes me wonder if you could view the file live much like tailing a log file. What puts this above other devices in this area though is the ability integrate with CloudShark (I’ll review this in a later blog). With a few minutes of setup, you can not only initiate a packet capture from off premises, but also view, store, and share it securely from anywhere.

Despite all there is to love about this new Cisco offering, I found one thing to be lacking: a connection table (at least not one that’s easily accessible). Whether it’s a threat or not, I like my firewall to show me what is attempting to connect to my network and how. Using the various screens and utilities the appliance provides, I can piece together what is happening, but I would rather have some sort of connection log or table provided front and center.

Apart from the additional features that put this device ahead of its competitors, the Meraki MX65 performs its core functionality well. This is not your typical firewall and it won’t be for your traditional firewall admin. This truly is a modern security appliance that factors in today’s technological landscape. Though the MX65 is not an enterprise-level device, I could see it serve well in a SOHO or medium-sized business; especially considering this can double as a router. Those with multiple locations would see even greater benefit with its centralized management. I am confident in this product and will add it to my list of recommendations.