The critical security tool you may be overlooking

The Meraki MX’s content filtering can prevent phishing attacks, online fraud, and more, and can be flexibly deployed with group-based policies or site-wide.

When we think of perimeter security, we often conjure thoughts of stateful firewalls and hard core intrusion prevention systems — two features all Cisco Meraki MX security appliances offer. Content filtering, on the other hand, is often relegated to the more parental role of keeping adult material and spam off the network. But if this is how you make use of the features provided in Meraki’s security appliances, you are missing a golden opportunity to harden security across all your sites.

Meraki provides content filtering on its MXs through a partnership with Webroot BrightCloud, a market leader in cloud-based content filtering. This partnership enables Meraki to provide URL analysis and blocking based on content categories that are kept up-to-date by Webroot (there is no URL lookup file to download and maintain). When running Meraki content filtering in Full list mode, URLs are analyzed via cloud lookup—so no website ever goes unclassified.

Screen Shot 2014-04-28 at 10.43.53 AM.png

Choose from over 70 categories of content to block site-wide or granularly, through group-based policies.

 

Thus, with no manual effort, the Meraki MX can ensure malicious websites (along with any infection vector they host) are blocked—keeping the network secure.

 

Applying filtering policies

 

You have a choice when deploying MX content filtering policies: set site-wide filtering rules or apply policies granularly, to specific users, devices, or groups. Site-wide protection is set by navigating to Configure > Content filtering in the Meraki dashboard, and then choosing the categories you wish to block. You can whitelist or filter specific websites and domains to fine tune control.

 

Screen Shot 2014-04-28 at 10.44.07 AM.png

Enabling content filtering site-wide with the Meraki MX.

 

What if you want to enforce basic site-wide filtering (or none at all), and enforce different levels of content filtering for individual groups of users or devices? For example, what if you want teachers and staff to have a less restrictive content blocking than students?

To set granular restrictions, navigate to Configure > Group policies, and create or select a group policy you wish to modify. In the section labeled “Security appliance only,” you have the option to append to, or override, any site-wide content filtering rules.

 

Screen Shot 2014-04-28 at 11.12.16 AM.png

Enforcing additional content filtering restrictions via group policy.

 

Once your policy is saved, you can then apply it to users or devices.  For example, the MX integrates seamlessly with Active Directory servers, making it easy to link policies to specific groups of users:

Screen Shot 2014-04-28 at 11.33.05 AM.png

Applying “Guest” and “Contractors” group policies to AD groups in the Meraki dashboard.

 

In sum: content filtering is a significant source of network security, and like any other tool, is most effective when up-to-date and applied with precision. The Meraki MX’s content filtering easily overcomes both of these challenges, and we encourage you to use it when securing your network infrastructure.