Meraki - so simple and powerful! - BRINEL · Advanced Malware Protection for Meraki MX Enhanced Threat Defense Contextual Visibility Rapid Detection Ease of Management Automatic protection

Meraki - so simple and powerful!

Voiculescu Bogdan

CLUJ CONNECTING DAY 2018. All rights reserved.


A complete, powerful, and intuitive cloud-managed IT solution

Wireless | Security | Switching | Communications | Enterprise Mobility | Security Cameras

NETWORKING IS COMPLICATED.

WE’RE MAKING IT EASIER, FASTER, AND SMARTER.

Our products are used in over 800,000 networks worldwide;

you’ll find them in classrooms, coffee shops, hospitals, and

hotel rooms. Better networking means that businesses run more

smoothly, and more people have reliable access to the

information they need.

3

Cloud-first IT


Campus / HQ

Branch Office

Retail Store

Teleworker

Intuitive, browser-based

dashboard

Suitable for locations of any size

Centralized, cloud-

hosted platform

Management

Traffic

Meraki endpoints connect

securely to the cloud

4

Secure, scalable architecture allows rapid deployment

CLUJ CONNECTING DAY 2018. All rights reserved. 5

Out of band cloud management reduces overhead

Scalable

Unlimited throughput, no WLAN controller bottlenecks

Add devices or sites in minutes

Reliable

Highly available cloud with multiple datacenters

Network functions even if connection to cloud is interrupted

99.99% uptime SLA

Secure

No user traffic passes through cloud

Fully HIPAA / PCI compliant (level 1 certified)

3rd party security audits, daily penetration testing

Automatic firmware and security updates (user-scheduled)


• A complete cloud managed IT portfolio

• Single pane of glass management

MR

Access Points

MS

Ethernet Switches

Systems Manager

EMM

MX

Security Appliances

MC

Communications

MV

Security Cameras

6

The Meraki Full Stack – An IT Ecosystem

Meraki MR Wireless


Easiest solution to deploy, manage, and maintain

Preconfigure networks before equipment is powered on or connected for rapid, plug-and-play deployment.

Scale quickly without limits or bottlenecks — no need to purchase wireless LAN controllers.

Manage your networks from anywhere you have internet connectivity using our intuitive, web-based dashboard.

Oversee all Meraki and client devices — wired and wireless —from one place for centralized, end-to-end visibility and control.


Granular control over bandwidth, apps, and client devices

9

Get up-to-date insights into clients and application usage thanks to cloud-automated classification and device fingerprinting.

Ensure network stability and higher productivity by prioritizing mission critical apps and throttling low-priority ones.

Ensure baseline security and consistency across sites while drastically reducing deployment time with configuration templates.


Integrated analytics for actionable insights

10

Leverage out-of-the-box analytics to understand client behavior and foot traffic across sites and venues.

Use location data to make informed decisions about

staffing, event or storefront displays, advertising —

even AP placement.

Integrate raw, real-time data with business intelligence

systems and perform deeper analysis using built-in API.


Secure guest wireless in seconds

11

Rapidly deploy secure guest WiFi with one-click client isolation that protects devices and network integrity.

Increase brand awareness and customer engagement through integrated Facebook or Google sign-on, enabling deeper social media analytics.

Deploy targeted advertising via built-in splash page hosting.


Seamless Bluetooth integration for context-aware apps

12

Easily locate and track important assets using built-in Bluetooth Low Energy (BLE) scanning.

Advertise to third-party mobile apps that use BLE to deliver context- and location-aware experiences.


Massively scalable across cities, regions, or continents

• Proven in deployments with 10,000+ devices

13

Telmex

Nationwide hotspot and 3G offload

network

Next Retail

550 retail stores across the UK

Motel 6

70,000 hotel room deployment

Jeffco School District

80,000 student district with 100+

schools


Meraki MS Switches


Easiest solution to deploy, manage, and maintain

Preconfigure networks before equipment is powered on or connected for rapid, plug-and-play deployment.

Scale quickly without limits or bottlenecks — no need to purchase and support overlay management solutions.

Manage your networks from anywhere you have internet connectivity using our intuitive, web-based dashboard.

Oversee all Meraki and client devices — wired and wireless —from one place for centralized, end-to-end visibility and control.


Integrated logging, alerting and anomaly detection

Leverage out-of-the-box analytics to understand client behavior and network traffic across sites.

Use detailed network reporting to make informed

decisions about infrastructure expansion, staffing

and more.

Integrate raw, real-time data with business intelligence

systems and perform deeper analysis using built-in API

and logging export capabilities


Simplifying multisite management

Virtual stacking

Single pane of glass visibility into

all switches and ports

Configure ports in minutes,

regardless of model or location

Easy to deploy & manage

Zero-touch site provisioning

Switch cloning in 3 clicks

Seamless updates from the cloud

Network-wide monitoring and

alerts

Built-in troubleshooting tools

Remote packet capture

Local configuration page

(switch.meraki.com)

Cable test tool


Enhancing network-wide security

Lock down wired LAN access

802.1X access policies require either

user or device-based authentication

Easily disallow all port access except

to specific whitelisted devices

ACLs filter unwanted services,

clients, and access

Reduce window of exposure

Time-based port schedules can

disable ports during off-hours

Network-wide monitoring and alerts

Multi-tenant dashboard and mobile

app reduce response times

Built-in troubleshooting tools

Per-port monitoring

Integrated rogue DHCP server

containment at no additional cost or

licensing


Avoiding downtime and client disruption

Physical Stacking

Supported on Layer 3 models

Immediate failover if hardware goes

offline

No need to reconfigure other network

devices

Dynamic Routing with Gateway

Redundancy

Built-in routing resilience

Automatically adapts to detected link

failures

Graphical UI reduces opportunities for

error

DHCP and IP services

Supports multiple DHCP relay

definitions

Supports reservations and DHCP

snooping

Seamlessly transitions to warm spare in

failover mode and on stacked switches


Flexible stacking options

Benefits of virtual stacking apply equally to

standalone or physically stacked switches

Step 1

Select ports to edit

Step 2

Configure multiple ports as desired

Step 3

Save; you’re done!

Apply Access Policy on ports 1-10

San Francisco

London

Londonstacked

switches

standalone

switches


Ongoing feature updates delivered from the cloud

Per-port bandwidth utilization

Introduced for all customers in November 2016

Update to the Switch Detail view

Introduced for all customers in September 2016

Change of Authorization for NAC and Wired

security

Introduced for all customers in October 2016


Security made simple


Application Control

Bandwidth shaping

URL content filtering

Quality of Service

control

Security

Next generation firewall

AES encrypted VPN

Intrusion prevention

(IPS)

Malware protection

Geo-IP firewalling

Networking

3G / 4G failover

Branch routing

WAN balancing and

failover

High Availability

Intelligent path control

25

Complete connectivity and threat management


Ironclad security

Next Generation Firewall Application aware firewalling

Intrusion Prevention

(IPS)Based on Cisco Snort

URL Content FilteringWith over 80 categories and

over 4 billion categorized URLs

Geo-based security Allow or block traffic by country

Malware Protection Cisco AMP and Threat Grid

Automatic updatesSoftware and security updates

delivered from the cloud

PCI compliancePCI 3.2 certified cloud

management backend


Backed by Cisco Talos

1.5 million malware

samples / day

600 billion email

messages / day

16 billion web

requests / day

Honeypots

Open source

communitiesInternal

vulnerability

discovery

Telemetry

Internet-wide

scanning

Over 250 full time

threat researchers

Millions of

telemetry

agents

4 global data

centers

Over 100 threat

intelligence

partners

Over 1100 threat

traps


Advanced Malware Protection for Meraki MX

Enhanced Threat

Defense

Contextual

Visibility

Rapid

Detection

Ease of

ManagementAutomatic protection against

an ever-growing list of known

malicious files, plus malware

sandboxing with Threat Grid

Security Center makes it

easy to ensure you have the

latest information about

attacks on your network

Automatic alerting when a

downloaded file is found to

be malicious after the fact

Enable best-in-class

malware protection with just

two clicks

220 million known malicious files

407 million known clean files

1.5 million new incoming malware samples per day

1.6 million devices using AMP globally

3.1 billion lookup requests per day


How does it work?


Automated site-to-site VPN (Auto VPN)

Simple Create VPN tunnels between locations with easy point-and-click interface, or apply

configuration templates to enable and configure VPN at many locations at once

Automatic VPN configuration generated and deployed automatically from the cloud – create a

mesh or hub-and-spoke topology with only a few clicks

Resilient Automatically adjusts to changes in order to maintain secure connectivity during an

ISP or datacenter outage, hardware failure, or IP address update


Reliable, cost effective connectivity: Meraki SD-WAN

Dual uplink ports2 uplink support on all MX models for load balancing

and redundancy

LTE failover USB modem support in all models with automatic

failover

Site to site VPNCloud orchestrated VPN (Meraki Auto VPN) with load

balancing and self-healing capabilities

Intelligent path

control

Policy based routing and performance based dynamic

path selection

Branch Routing

Automatic route distribution via Auto VPN

OSPF route advertisement

BGP support coming soon

High Availability Active/passive hardware redundancy

Traffic shaping Application bandwidth limiting and prioritization


Traffic monitoring and analytics

• View bandwidth usage by application or by client

• Highlight an application or a client to see their portion of total network bandwidth

• See a client’s active time for specific applications

• Easily create policies to limit bandwidth for problematic users or applications


URL Logging

• See complete web browsing history

• Smart search to find the specific information you need

• Active Directory integration for user identification

• See data for one location or across all locations

• Export log data for aggregation if needed


VPN health and bandwidth monitoring

• See VPN connection status between locations

• Monitor VPN bandwidth usage

• Track performance of VPN tunnels using built-in loss, latency, jitter, and MOS voice score reporting

• Live updating log of traffic flows and path decisions

• Compare historical performance to configured performance policies


Email alerts from the cloud

• Fully integrated alerting - no need for an email server

• Customizable alerting – only get emails about the things you need to know about

• Get alerts if critical network clients go offline

• Configure alerting for all Cisco Meraki devices in one simple interface

• Send alerts to network administrators or custom recipients


Meraki SM – Cisco’s Enterprise Mobility Management


Enterprise

Mobility

Management

Mobile

Application

Management

Mobile

Content

Management

Mobile Device

Management

Mobile

identity

What is EMM?

38


• Total management for mobile and desktop

• Provision settings and restrictions

• Inventory management and device tracking

• Remote wipe; full device and enterprise

• Remote viewing and troubleshooting

• Native remote desktop support

Mobile Device Management

39


• Deploy in-house developed and public apps

• Enterprise app store and cloud hosting

• Native app containerization with Android for Work, iOS Open-in

• Managed-app configuration

• Volume app purchasing

Mobile Application Management

40


• Access policies for files distribution, replacement, and deletion

• Conditional access to files including copy/paste and e-mail attachments

• Enterprise file sync and sharing (EFSS) e.g. Dropbox integration

• Enable shared use of mobile devices

Mobile Content Management

41


SM provisioning and security is applied to devices based on identity

Policies can be assigned automatically or manually

Automatic tags are based on;

Geolocation

Time of Day

User Group

Device Type

Security Posture

Mobile identity

42


Cisco’s EMM - Systems Manager

43

Cisco’s Enterprise Mobility Management solution

Millions of devices managed managed globally

Scale from 1 to 100,000 to devices

Native network integration

Multi-OS management


Meraki MV Security Cameras


Additional on-premise hardware

Ex. Network Video Recorder

(NVR)

DVDs, thumb drives, VHS,

and other outdated sharing

options

Standalone software

packages, drivers, plug-ins,

and IP configuration

WITH MV, SAY GOODBYE TO

Current Video Surveillance Solutions

46


Less than 50kbps upstream bandwidth per camera

Configuration, thumbnails, and metadata stored in the cloud

Hybrid video processing: video is analysed on camera, motion indexed in the cloud

Cutting Edge Architecture

47


The MV Product Philosophy

The goal: apply Meraki’s expertise in cloud, distributed computational systems, and UX design to video surveillance.

48

Solving problems, not building features


Video At Rest Management DataVideo During Transport

Encryption by Default

49


Meraki MV Security Cameras• The newest Meraki product family

50

MV21 Indoor Camera

MV71 Outdoor Camera

The only security camera from a cloud leader

Managed through the Meraki dashboard

128GB of solid state storage on each camera

Motion and schedule-based retention*

*95% of MV cameras will store at least 30 days with Standard image quality




Thank you!

Eveniment sutinut de

Documents

Meraki - so simple and powerful! - BRINEL · Advanced Malware Protection for Meraki MX Enhanced Threat Defense Contextual Visibility Rapid Detection Ease of Management Automatic protection