Archive for May, 2010
Identity Policy Manager… coming soon to a network near you.
The Meraki Identity Policy Manager (IPM) is now being rolled out to Meraki Enterprise customer network with the latest firmware release. Look for a Dashboard notification of an upcoming firmware upgrade to your network, and after that upgrade you will see a new page under the Configure tab called Group Policies:
IPM can be used to create identity-based policy controls. What this means is that you can define groups of users and set different policies for each group. VLAN tagging, bandwidth limitations and customized access control lists (ACLs) can be applied on a per-device, per-user or per-group basis over a single SSID. IPM integrates with an existing Active Directory or RADIUS environment, allowing you to seamlessly enforce existing policies over the wireless network.
Here is an example of how you might use IPM to configure a group policy for contractors in your office to give them limited access to LAN resources:
This new capability is now included with the Meraki Enterprise Cloud Controller, no additional licenses required. Another example of the how Meraki’s cloud-based architecture provides a constantly evolving feature-set and unmatched future-proofing of your network.
-Posted by Greg Williams
Be our guest to great wireless! Introducing the Guest Management Portal
Meraki Enterprise customers will now notice a new feature on the Network-wide Settings page under the Configure tab in Dashboard: the ability to create guest ambassador accounts. Guest ambassador accounts give an office receptionist the ability to create guest access accounts for Meraki wireless networks.
Guest Ambassador accounts give the user access to a single page in Dashboard: the new Guest Management Portal. Using the portal the receptionist can create username and password credentials on-the-fly to distribute to guests that will automatically expire after a specified time period.
This new feature makes it even easier to offer hassle-free guest access wireless to your visitors while maintaining the security and access control that you need for your corporate network.
– Posted by Greg Williams
Meraki Now Supports Smart Client Roaming
To support the needs of some of our large service provider customers, Meraki now supports the Wi-Fi Alliance WISPr protocol. What this means is that wireless users who subscribe to a multi-provider service like Boingo can roam across different service provider networks like AT&T, T-Mobile, and Telmex and authenticate seamlessly via RADIUS without the need to interact with a captive portal. This is similar to how cellphone users are allowed to roam across different networks, and is also known as Smart Client roaming. For example, one of our larger service provider customers can now allow users to roam across networks covering hundreds of Starbucks cafes and restaurants like Burger King. This allows service providers to offer convenient, hassle-free wireless access wherever their customers need it with minimum hassle as an added value service to their subscribers. This is a great example of how Meraki networks can be used by service providers to expand their businesses and improve service levels to their own customers.
– Posted by Greg Williams
We’re not sure why you’d want to hide such a beautiful wireless network, but….
Sometimes there are good reasons to not want to broadcast an SSID. Often it is to prevent wireless users from associating to an SSID that they are not supposed to associate to, or if neighbors in adjacent buildings are averse to having RF “clutter” coming onto their property.
Starting today, all Meraki Enterprise network administrators will find a new feature on the Access Control page – Configure tab under Wireless Options in Dashboard: the ability to hide SSIDs. With this feature turned on for an SSID, anyone searching for nearby wireless networks with their wireless card in their laptop or iPhone would not see this SSID, and would only be able to connect if they knew the name of the SSID.
See the below screen shot for what the new drop-down tool looks like in Dashboard:
Note: Meraki does not recommend hiding SSIDs as the sole means of securing a wireless network against unauthorized access. WPA/WPA2 authentication and encryption should still be used to secure your network.
Happy hiding!
-Posted by Greg Williams
We're not sure why you'd want to hide such a beautiful wireless network, but….
Sometimes there are good reasons to not want to broadcast an SSID. Often it is to prevent wireless users from associating to an SSID that they are not supposed to associate to, or if neighbors in adjacent buildings are averse to having RF “clutter” coming onto their property.
Starting today, all Meraki Enterprise network administrators will find a new feature on the Access Control page – Configure tab under Wireless Options in Dashboard: the ability to hide SSIDs. With this feature turned on for an SSID, anyone searching for nearby wireless networks with their wireless card in their laptop or iPhone would not see this SSID, and would only be able to connect if they knew the name of the SSID.
See the below screen shot for what the new drop-down tool looks like in Dashboard:
Note: Meraki does not recommend hiding SSIDs as the sole means of securing a wireless network against unauthorized access. WPA/WPA2 authentication and encryption should still be used to secure your network.
Happy hiding!
-Posted by Greg Williams