With our latest wireless release, Meraki’s group policies got a powerful boost. As you know, group policies are used to create bandwidth, VLAN, splash page, and Layer 3 firewall rules that can be pushed out to groups of users and devices, even automatically based on device type (i.e., iPads vs. iPhones). Now, Layer 7 firewall and traffic shaping rules can also be deployed.
For the first time, granular Layer 7 control can be applied at the individual client and group level. The surgical precision now available to shape the traffic flowing on your network can’t be overstated.
Let’s take two examples — the first where we apply policies to a specific device; the second where we apply policies automatically based on device type. For the first example, we want to prioritize our CEO’s traffic, and we can create a policy to do so. Our policy grants unlimited bandwidth for many types of traffic, such as email, VoIP, video conferencing, and even social web apps like Facebook or Flickr. It also sets QoS priority via DSCP tagging in the event of network saturation.
A single group policy prioritizes several application categories.
Next, we need to apply our policy specifically to the CEO’s device. To do so, we first search for his laptop and select it:
Finding our CEO’s laptop is easy using Meraki’s real-time search tool.
Once selected, we click “Apply policy,” and choose our recently created policy from a list (note: we even have the flexibility to assign our policy based on which SSID our CEO is connected to):
And that’s it! We now have a tailored policy that prioritizes certain applications for our CEO, and which is only applied to his device.
For the second example, let’s create a single group policy that blocks all P2P traffic, throttles several specific video applications and websites, and prioritizes VoIP — and apply this policy automatically to all Windows PCs that connect to the network. First, we create our policy:
A single group policy shaping P2P, video, and VoIP/videoconferencing traffic.
Next, we enable assignment of group policies based on device type, select Windows devices to apply the policy to, and then select our new policy from a list:
And that’s it! Now we have a single policy shaping P2P, specific video, and VoIP traffic that will automatically apply to any Windows device that connects to our wireless LAN.
We’re excited about the integration of Layer 7 visibility into group policies, and best of all, it’s only one of the new features now available to customers through our new wireless release. So please check it out and let us know what you think…we’re listening!