Archive for June, 2014

High availability for Cisco Meraki switches

As part of our latest Cisco Meraki MS feature release, we’re pleased to announce support for warm spare failover in our layer 3 switch models—the MS320 and MS420 families. This brings high availability to our mission critical MS products through Virtual Router Redundancy Protocol (VRRP), ensuring that if a VRRP-enabled Meraki switch goes offline, a backup MS will immediately take over its gateway responsibilities.

 

How it works

 

During normal operation, both switches are online and respond to Layer 2 traffic. The primary switch, however, handles all Layer 3 network requests while the spare switch monitors its connection to the primary. Both primary and spare switches have unique IP addresses for management communication with the Meraki cloud (e.g., 10.0.1.14 and 10.0.1.15, respectively, in the image below), but they also share a virtual IP address—serving as the gateway address for each IP subnet on the switch—for all non-management communication. From the point of view of other devices on the network, this shared virtual IP (vIP) is the default address for communication with the primary switch.

 

ms-virtual-ip-failover-3

Other network devices send packets addressed to the virtual IP.

 

In the event the primary switch becomes unresponsive, the spare will immediately detect the change in connectivity and take over the primary switch’s Layer 3 responsibilities; it does this by responding to network requests addressed to the vIP. From the point of view of all other network devices, nothing has changed: they still communicate through the vIP, and have no knowledge that, from a physical standpoint, they are interacting with a new switch. Downtime and client disruption are minimized. Network alerting can be enabled to notify you that the primary switch is offline, keeping you informed that failover has occurred.

 

Configuring warm spare failover

 

Configuring an MS switch as a warm spare is easy: simply navigate to Configure > Layer 3 routing in the Meraki dashboard, and select the “Add new warm spare” button. Next, select primary and spare switches.

Screen Shot 2014-06-23 at 5.12.04 PM.png

Meraki MS warm spare functionality is easy to configure in the Meraki dashboard.

 

Screen Shot 2014-06-23 at 5.33.14 PM.png

Simply choose primary and spare switches from dashboard drop down lists.

 

Note that warm spare failover is only supported between Meraki switches within the same product family (e.g., MS320), though it’s not necessary to deploy the same model within a family. Warm spare failover cannot be configured between Meraki switches and non-Meraki peers.

Having warm spare failover for mission critical switches keeps outages from impacting resource availability on your network. We’re thrilled to offer warm spare failover on our Layer 3-capable switches, and encourage you to give us your feedback through our Make A Wish feature and via social media.

 

Posted in Company Blog | Comments Off on High availability for Cisco Meraki switches

New, mission critical MS switch features

We are thrilled to announce new features for our Cisco Meraki MS switches that will become generally available to customers in our upcoming summer firmware update (check back soon for in-depth posts about each feature).

New functionality includes:

  • Open Shortest Path First (OSPF) dynamic routing

  • Virtual Router Redundancy Protocol (VRRP) support

  • IPv4 Access Control Lists (ACLs)

  • DHCP server

  • IPv6 visibility and tracking

Taken together, these enhancements address evolving customer needs around redundancy, campus connectivity, and reduced complexity.

 

Redundancy & availability

 

Uptime needs are driving demand for warm failover techniques. Support for VRRP allows MS320 and MS420 switches to provide high availability via a warm spare, ensuring that if a VRRP-enabled switch goes down, a backup switch will immediately take over its gateway responsibilities—preventing downtime and client disruption.

New and compelling MS features like OSPF dynamic routing (distinctive for being configurable without a command line) and integrated DHCP service help prevent single points of network failure—like lost access to a blocked traffic pathway that can be re-routed, or the failure of the only accessible DHCP server on a network segment.

chosen.png

Configuring a secondary, Layer 3 Meraki switch as a warm spare.

 

Campus connectivity & distributed sites

 

Large deployments are creating new performance, security, and management requirements for IT admins. One well-established trend in network design optimizes performance using dynamic routing at Layer 3. The Meraki MS320 and MS420 switches now support OSPF, allowing improved deployment flexibility, routing resiliency, and traffic flow.

From a security standpoint, switch ACLs provide secure boundaries between VLANs, hosts, services, and the Internet by filtering traffic based on subnet, protocol port range, or host.

Large, distributed deployments also require intuitive, centralized management of networks and switches. Meraki MS switches can be set up from remote locations via zero-touch configuration and then managed from any Internet-accessible device. Built-in tools like Virtual Stacking allow IT admins to rapidly configure ports across all switches in a network—regardless of switch model or geographic location. Additional tools like integrated packet capture and cable testing allow for remote troubleshooting.

Finally, as networks grow, IPv4 address space has become constricted—and the world is slowly transitioning to IPv6. The MS switches can bridge IPv6 and are the first Meraki product to provide visibility and tracking for IPv6 addresses from within the dashboard; you can now view IPv6 devices identified by MS switches in the Monitor > Clients page.

IPv6-edits

MS switches support IPv6 visibility into clients and application use.

 

Reduced complexity

 

Meraki products are designed from the ground up for intuitive configuration and use; we always attempt to reduce complexity for our customers. In this spirit, our graphical implementation of OSPF reduces the “pilot error” of traditional, manual methods of dynamic routing setup. There is no need to remember complex command lines or fret about a mistype, and it’s easy to visualize switches and Layer 3 configuration from within the dashboard.

Additionally, there are benefits innate to Meraki’s cloud-managed design that reduce complexity, like our PCI-compliant cloud architecture, built-in backend redundancy, automatic firmware updates, and up-to-date device and application fingerprinting. These features ensure IT admins waste no time worrying about securing the Meraki control plane, downloading and manually installing configuration updates, or installing new definitions for client visibility.

ospf edits

Intuitive, graphical control for dynamic routing reduces complexity and opportunities for misconfiguration.

 

For more information

 

In sum, we’re excited about these new features, many of which have been heavily wished for by our customers. Please let us know what you think through our social media feeds, and check our website for specific switch models, data sheets, and whitepapers.

 

Posted in Company Blog | Comments Off on New, mission critical MS switch features

Start your engines. Time to build a new network!

The Chevrolet Detroit Belle Isle Grand Prix is an exciting weekend of racing with its origins dating back to the 1980s when Detroit was on the Formula 1 World Championship circuit. Today the Raceway on Belle Isle Park is a regular fixture on the United States Verizon IndyCar Series and TUDOR United Sportscar Championship series schedules. The event has become hugely successful, drawing crowds from far and wide to Motor City, as Detroit is affectionately known.

lat-levitt-dgp-0514_09192.jpg
Credit http://www.latphotousa.com/

As with any event of this nature, there is always a large contingent of media personnel in attendance and generating huge quantities of data, particularly high resolution photos and video which must be transmitted back to multiple media organizations. For many years, Cisco has been providing the network for this event, so we were super excited when it was decided to go with a cloud managed Cisco Meraki network for the 2014 race weekend, which took place May 30 – June 1.

Detroit GP Network Diagram

The network was built on the two floors of the historic, 107 year old Casino Building on Belle Isle, which was dedicated to media personnel during the race weekend. A simple design started with a 45Mb/s Internet connection with a backup DSL connection, feeding into a Meraki MX100 Security Appliance and then relayed out to an array of strategically placed switches and wireless access points. Here’s a quick look at part of the media center during the event. Can you spot the AP?

IMG_0320.EC.jpg

One of the primary reasons for choosing Meraki was the excellent application and client visibility available in the dashboard. A summary report for the peak usage days of the event showed that almost 2 terabytes of data was transferred across the network, with an approximate 50/50 split between uploaded and downloaded data, and with peak throughput approaching 240Mb/s. Here’s the clients view for the period:

Screen Shot 2014-06-03 at 10.15.14.png

Screen Shot 2014-06-03 at 10.21.09.png

Client device connections were evenly split between wired and wireless via multiple device types. For the wireless clients, the dashboard’s Location Heatmap view was able to show where the main concentrations of clients were to be found. This information can be extremely useful for more permanent networks, helping to ensure real world client density in a given spot is adequately catered for by the available access points. In a retail deployment it can also provide the retailer with an indication as to the popularity of different areas. The green icons in this heatmap indicate healthy access points, and the numbers shown within each is the number of associated clients at the moment this snapshot was taken.

gpheatmap.png

Our location analytics also provided valuable data, covering numbers of clients, the number of repeat visits over the duration of the event, and how long they were connected each day, as seen in this example:

Meraki cloud networking is the perfect solution for events like these. In the case of the Chevrolet Detroit Belle Isle Grand Prix the network was put together in half a day by the team from Penske IT, who had never worked with the equipment before. We’ve always been proud of how quickly network engineers can adapt to and deploy Cisco Meraki equipment, and of course this translates to greater efficiency and reduced operational cost for our customers.

Our free trial program is designed to demonstrate the ease of setup and powerful monitoring capability in real-world settings, so why not supercharge your network administration and sign-up today.

 

Posted in Company Blog | Comments Off on Start your engines. Time to build a new network!

Guest Post – June 2014

Our guest post this month comes from Brandon Froehlich, an IT Project Manager at Integrity Computer Service in North Carolina. We encounter plenty of enthusiasm for our intuitive cloud managed networking, from the customers using our networks to the partners who help deliver Meraki products to their markets, bringing the cloud’s rich functionality to life. Today we have a shining example of this, and as you’ll see, there was clearly no holding Brandon back:

I’ve been using Meraki products for two years now, and I absolutely love their approach to management. It all started with the free wireless access point and free mobile device management. After getting used to the dashboard and seeing how easy it was to configure settings, I became hooked. At my previous employer, I had the opportunity to deploy the full Meraki stack (security appliance, managed switches, access points, and MDM) and they are still running smoothly and loving their Meraki network. I have since joined an MSP and we are laser-focused on integrating the Meraki stack into our business model.

 The best part about the Meraki dashboard is the Layer 7 visibility you get with all of their networking products. This is one of the many features that adds tremendous value to businesses. Gaining this type of visibility historically meant running expensive on-premise software which was a large barrier for many small businesses. This visibility became critical in helping us track down a virus at a customer site.

We installed an MX60 for a customer of ours that had been experiencing slow Internet performance. As a company that relies on various SaaS solutions, it is critical that their applications are readily available and not bogged–down by people watching YouTube or downloading torrents. They had been using another vendor’s product, but it gave us very little room to work with in throttling application specific traffic. All we could see was aggregate application usage and it wasn’t helpful in identifying individual bandwidth offenders. Shortly after installing the MX60, we found such an individual and investigated further. As you can see below, this user was sending a large amount of data to a remote server named secondfatman.

screencap

 A quick Google search turned up this article from Microsoft that tells us this is the behavior of a Trojan virus. Armed with this knowledge, we were able to quickly and easily block this device from accessing the Internet with just a few clicks.

To further enhance the security of this particular network, we implemented HIPAA compliant policies using the Dashboard and it couldn’t have been easier! Setting up group policies and content filtering was a breeze thanks to the user friendly management interface.

In summary, Meraki has delivered once again and added value to a business that was suffering from slow network performance. We were able to identify and address the issue almost immediately and with little administrative effort. With the Meraki Dashboard, we were also able to help this company achieve and maintain HIPAA compliance by fine-tuning policies on their firewall. We are now implementing a program internally to replace all the other vendor’s security appliances we have out in the wild with Meraki’s!

 Thanks to all at Meraki for such a wonderful product portfolio and service offering!

We loved the raw energy in this piece. From the feedback we receive we know our application visibility and control is helping solve real–world issues like the one Brandon set out every day. Do you know what’s on your network? If you’re not already using Cisco Meraki then why not give it a try and see for yourself.

 A t–shirt is on its way to Brandon. If you’d like to submit your own Meraki story, check out this blog post where we introduced the guest post program we’re running through the summer.

 

Posted in Company Blog | Comments Off on Guest Post – June 2014

Phone Home for Free – A Customer Story

Note: The full case study will be featured on our website soon, but here is a sneak peek into how they are using VOIP and the automatic failover mechanisms built into Meraki products to support their business operation.

Based in Perth, Australia, Cash Converters is a pawnbroking franchise company and retailer, with over 700 stores in 21 countries that specialize in the sale of second-hand goods. All of their stores operate on an online point of sale system, making Internet connectivity critical. “We are 100% dependent on the Internet at all times,” Duncalf stressed.

To ensure a secure, reliable, and scalable network, each Australian Cash Converters store is equipped with a full Meraki stack, consisting of a Cisco Meraki MX security appliance, MS switch, and MR wireless access point. The stores use a fully-redundant MPLS network, with traffic spanned across multiple VLANs.

For the giant pawnbroker, one of the most attractive features of the Meraki offering is the automatic failover mechanism built into each MX security appliance. The MX can automatically failover to VPN in case the MPLS connection is ever lost. This way, traffic continues to pass between sites over the encrypted VPN tunnel, avoiding downtime without sacrificing data security. Employees are able to complete sales transactions, determine the appropriate buying price of incoming goods, update settings for purchased mobile devices, and other necessary business functions at all times.

The Cisco Meraki MX also supports cellular connectivity through 3G and 4G USB modems, maximizing network uptime by relying on this cellular connection in case the primary ISP links go down. With this appliance installed at every location, there is now no single point of failure in the Cash Converters network, “effectively making our uptime 100%,” Duncalf reported.

Confident in the strength of their network, all of the desktop phones at Cash Converters locations are now hooked into the Meraki switches. “To make every store unique, we gave each store its own number, which relates to its IP address,” Duncalf explained. The unique addresses are used by Cash Converters to set up IP forwarding to certain switch ports, enable VoIP for each location, and then configure 1:1 NAT with their security appliance and phone system. Cisco phones connect directly to the PoE switches, traverse into the corporate network over the MPLS cloud, and are then routed to the call manager at corporate headquarters.

All phone calls are now free between distant sites as a result of this network design. “We worked with Meraki Support to figure out some of the intricacies involved in our specific setup,” Duncalf said. “Support was awesome, they really came through for us.” The self-healing properties of the Meraki design allow these phones to stay connected and functional, even in the case of network failure.

Easily configure settings for business-grade voice over IP telephony in dashboard

With a solid solution now in place, Cash Converters is able to keep their IT team lean and their focus on expanding their business, not worrying about their network. To read more about Cash Converters and their unique Meraki deployment, keep an eye out for the full case study coming soon to our website!

Posted in Company Blog | Comments Off on Phone Home for Free – A Customer Story

Measuring Common Core success at Oakland USD

The goal at Cisco Meraki is to make products that provide solutions to our customers’ challenges in a way that’s intuitive, simple, and reliable. We recently had the opportunity to chat with Northern California’s Oakland Unified School District and discuss how the rapid deployment of Meraki products facilitated the launching of a new, state-wide learning initiative.

The 2013-2014 school year marked the first implementation of the new Common Core testing standards in California. Common Core is a state-mandated online learning and testing initiative which sets standards for mathematics and English.

The switch from a traditional testing model to an online testing model has numerous benefits, including standardized learning across states and a higher level of thinking where students must defend their answers. However, there are several elements needed in order to support hundreds of students testing online simultaneously. Many schools have opted to perform testing on school-issued mobile devices, but for this to work, schools need a robust and reliable wireless infrastructure in place.

Oakland USD’s Chief Technology Officer John Krull began working with the district in August 2013 and needed to quickly find a solution for how the district was going to execute Common Core testing in April 2014.

About Oakland Unified School District

Oakland USD provides educational services to over 37,000 students annually and is comprised of more than 120 K-12 schools and child development centers. When Krull joined the district, he discovered that while the previous network was functional, it was only meant to support the laptop of the occasional roaming teacher. Its intended use was not for classrooms of students using mobile devices for collaboration and certainly not for supporting hundreds of students accessing online tests all at once.

Each of the district’s sites generally lacked both consistency in mobile device offerings and the ability to support them. “There was inequality across the sites when facing online testing,” Krull explained. “We had 10,000 computers to use for testing, but the computers were all different makes and models. The network had the same problem.” Students and staff had been using an aging computer system to integrate technology into the classroom, but it was not robust enough to meet the new education requirements.

New technology and an upgraded network

With only 5 of 34 IT staff dedicated to network operation, Krull’s mantra of “equitable, supportable, and standardized” is crucial to maintaining daily operations. A recent award in federal funding helped fulfill this philosophy by financing the initial purchase of Meraki 802.11ac APs, as well as 10,000 new Chromebooks. Conforming all school sites to a model of mobile Chromebooks carts with a Meraki AP attached provided the equality and standardization Krull desired.

Oakland USD’s network architecture

All of the sites are connected in a hub and spoke architecture via a metropolitan WAN which routes all traffic back to a main data center, running alongside a redundant backup. The data center houses district services including storage, servers, firewall, and security. Depending on location size, the network connection comes in to Cisco switches in the main wiring closet which are then connected to smaller wiring closets as needed. Krull explained that simplification of the network is critical in a district the size of Oakland USD, “and even though the Cisco Catalyst 3k switches that we use can be complex, the integration with Meraki wireless helps make them easy.”

OUSD - DC&Schools_Case_Study_Diagram

Oakland USD datacenter and network architecture

The IT team created the initial AP configuration in the Meraki dashboard and once the Meraki APs were plugged in on the Chromebook carts, they downloaded their configurations. Along with the Meraki 802.11ac AP mounted on each Chromebook cart, the plan is to also place a Meraki AP in every classroom and workspace. APs on carts will be dedicated to testing and intensive online use, complete with their own Chromebook SSID with Meraki DHCP enabled, allowing students to authenticate via 802.1X with Meraki RADIUS. Meanwhile, APs in classrooms will broadcast a different SSID and will be used for daily classroom activity, including research, collaboration, and application usage. “We want to have the high density coverage on Chromebook carts for those that are testing and another set of APs for non-testing, broadcasting a different SSID,” Krull explained. “We want a highly engaging, blended learning environment where we can stream video, while also online testing.”

Oakland USD Dashboard

The results of deployment

Upgrading to Meraki wireless has had a massive impact on the network, empowering network engineers and technicians to efficiently troubleshoot issues, as well as optimize the network space between the WAN and the end user. Before the Meraki deployment, visibility into the network consisted of merely being able to see whether a device was online or not; now network engineers are providing first and second tier help desk techs with read-only access and tools to diagnose many of the network issues. The Cisco Meraki dashboard is also providing insight into Oakland USD’s downstream issues, including lost packets and misconfigured DNS servers.

“It’s so easy to use,” Krull said. “In a few weeks we added 10,000 devices to the network and 300 Meraki APs, roughly doubling the end user computing devices and significantly adding to the wireless — all without hiring a single extra person,” said Krull.

Oakland USD photo

Oakland USD students using Chromebooks via http://www.blendmylearning.com/2013/09/09/back-to-school-2-0/

Shortly after the first round of Common Core testing, California’s state superintendent of public instruction held a conference with Oakland USD focused on the effectiveness of the testing standards, ease of use, and overall thoughts. But there were only a few brief minutes spent talking about the wireless. “It was incredible. Here is the person who decided to do online testing in the state and we weren’t talking about bad bandwidth, computers breaking, or slowness,” explained Krull. “Instead we were talking about kids being engaged in the testing. The fact that the network worked flawlessly during testing was an impromptu measure of success.”

Curious to hear more about how Oakland USD is supporting the high density demands of Common Core testing? Check out the webinar where we walked through their deployment, including providing a live demo of their network.

Posted in Company Blog | Comments Off on Measuring Common Core success at Oakland USD

Firmware updates while you sleep

A Cisco Meraki network doesn’t run itself, but we take pride in the fact that we can come pretty close in some cases. The firmware update process is a great example of something that used to spur late nights and migraines for administrators, and now is quite the opposite with the Cisco Meraki cloud based solution. We were excited to see this recent tweet from one of our happy customers.

For this customer, a complete deployment of Cisco Meraki APs was upgraded to the latest firmware with new features and fixes, with minimal intervention. Let’s take a look at what is happening behind the scenes to enable these scheduled upgrades for any Cisco Meraki device.

Because all Cisco Meraki devices communicate to the cloud, they always know if they are on the latest firmware. By logging into the dashboard or simply navigating to my.meraki.com while locally connected to a Cisco Meraki device, we can check the firmware status.

mymerakicom_firmware

But what if it isn’t up to date? If there is a new firmware version, administrators will be automatically notified via email, as well as directly in the dashboard. Upon logging into the dashboard, administrators will see a banner alerting them of the newly available firmware.

firmware_banner

From here, administrators can choose to upgrade firmware right away, or defer the update by selecting a different upgrade timeframe. Dashboard displays all of the available firmware upgrade options. Select a preferred upgrade time window as well as whether to use standard or beta builds to get the latest and greatest features ahead of time.

scheduleupgrades

Dashboard also provides the ability to customize the firmware upgrade process for each product type. In the screenshot below, it is clear that the switches are up to date and the firmware was last updated on May 9th.

switchupgrades

So now that it’s been scheduled, what happens during the upgrade? Meraki engineers have thought through every aspect of the upgrade process to ensure it goes smoothly. During the selected upgrade window, the APs will download the firmware and then reboot to apply the latest version.

Here are a few common questions our customers have about the process.

Does the device still operate as the firmware is being downloaded?
It does. Cisco Meraki devices store the old and new firmware version in parallel so the device can keep running during the download.

Can the device be used during the reboot?
No, the device will be unavailable during the minute or so during the actual reboot.

What happens if the power goes out and the device shuts down during the upgrade?
No problem, the device reboots using the previous firmware.

What if the device boots up on the new firmware but the file was corrupted and/or the device can’t communicate to the cloud?
The device will automatically revert to the previous firmware version.

All of these failsafes are built into Cisco Meraki devices to ensure the upgrade process is as resilient as possible. The entire process takes around 10 minutes from download to reboot depending on your internet connection. For more information on firmware upgrades, check out our knowledge base. If you’re curious about what new features may be arriving in your next firmware upgrade, subscribe to the Cisco Meraki blog to get a heads-up on what’s coming and how your network can benefit.

Posted in Company Blog | Comments Off on Firmware updates while you sleep

The popup network

Much of the time, networks are fairly static in nature. They’re installed somewhere specific – switches in wiring closets, APs up on walls or suspended from ceilings. This is the stuff of the network admin’s day job.

Every now and then a less straightforward requirement comes along. Perhaps a company wants to attend a trade show, or a non-profit wants to set up a stall at a street fair, providing WiFi access for passers-by.

haightstreetfair.jpg
The Haight Street Fair, San Francisco – how do you provide WiFi here?

Fortunately the Meraki family of Security Appliances provides the perfect solution. Included in the family are a couple of models which meet all the requirements for a temporary network like this. Let’s take a closer look at the MX60W and the Z1. Both of these include two design features enabling temporary networks to be set up with ease, all with a single device.

mx60w-mantle.jpg

Firstly, the MX60W and Z1 provide dual-band 802.11n WiFi for up to 20 users (5 for the Z1), supporting multiple SSIDs and customizable splash pages. It’s even possible to redirect connecting clients to an established captive portal back at the event base or HQ for authorization, if required. If the network needs to scale then our enterprise grade MR APs remain the more extensible option, but for a quick, small deployment around a stand, the mini security appliances do a great job.

Secondly, all Meraki security appliances include a special USB port, designed for use by a cellular wireless dongle. In the office one of these might be used as a secondary, or even tertiary backup Internet connection. However, there’s no reason why a cellular data connection cannot be the sole means of connection to the internet, and with 4G speeds now reaching into the tens of Megabytes per second range, there’s plenty of bandwidth to share.

Even with all that bandwidth to play with, it still makes sense to make a few configuration tweaks to ensure all clients have a good experience. The simple application visibility and control tools provided by Meraki make this a breeze. These allow per-user bandwidth limits to be set with a simple slider, or specific apps to be brought to heel so they’re not sucking-up an unfair share of the internet connection.

Both devices sip only a little power, so a small solar panel or wind generator may be all that’s needed to keep things running. Details of the supported dongles for your region can be found on our documentation portal, here.

 

Posted in Company Blog | Comments Off on The popup network

Don’t let the upcoming Apple updates slow down your network

Earlier this week at WWDC 2014, Apple’s CEO Tim Cook took the stage and unveiled iOS 8, the latest version of the mobile operating system, and OS X Yosemite. The announcement highlighted numerous new features, including new services and apps, integration with OS X, and major updates for developers.

ios8-app-apple-wwdc-2014-22_verge_super_wide

via The Verge.

With iOS 8 and OS X Yosemite expected to be released to the public in just a few short months, now is the time for admins to begin thinking about how to prepare their networks for the bandwidth spike that will likely accompany the release. When Apple released iOS 7 and IS X Mavericks last fall, a massive 50% of iOS users upgraded in the first week. With each download ranging in size from 750Mb to multiple gigabytes, many unprepared networks suffered outages while many others were brought to a staggering standstill.

Luckily, IT admins can plan ahead this year and make sure that hundreds or even thousands of simultaneous iOS downloads don’t cripple their networks. Built into each Cisco Meraki access point and security appliance is the ability to completely block certain traffic types or simply throttle it down to ensure that no single user or application is hogging the bandwidth.

Starting at the Clients page in dashboard, it’s easy for admins to keep an eye on which applications and users are high on the usage charts. If reports of slowness or network interruptions come in, this is a great place to begin investigations. There are also numerous live tools that can help admins dive deeper into their troubleshooting, whether in the office or on the go with the Meraki mobile app.

MerakiMobileApp SS

Within the Firewall & traffic shaping page, admins have the ability to fine-tune how much bandwidth certain applications are allotted or prescribe how much bandwidth can be consumed by each user generally. Rules can even be tailored by device type using group policies, ensuring that only those devices eligible for the upgrade are affected.

The best part is that each of these options can be customized for each SSID, regardless of whether the connected devices are company-owned, BYOD, or guest. And because information is updated live and changes are pushed out in real-time, admins can tweak network settings as usage fluctuates during the day.

TrafficShaping SS

Check out some of the tips and tricks we’ve learned since the last iOS update and prepare your network for what will surely be a massive surge in bandwidth usage this fall.

Posted in Company Blog | Comments Off on Don’t let the upcoming Apple updates slow down your network

More power in your pocket

Monitor and support your MDM-managed devices

Support for Systems Manager in the mobile app has been a popular request, and we’re happy to put it to the palm of your hands. Administrators can use the app to monitor managed clients, verify device compliance, and perform remote management and troubleshooting.

Rich details shown for a device include its location (GPS-based for mobile devices), network connectivity, compliance with MDM settings, and more. Built-in troubleshooting tools are also available: if a user is locked out of a device, perhaps due to incorrect passcode attempts, an administrator can use the mobile app to reset the passcode and have the user select a new one.

 

 

Richer remote troubleshooting

The app’s new ping tool enables remote connectivity and latency testing of network clients. Just find a device on the network from the clients page, click to see its details, and use the built-in tool to ping as needed. This is available for wireless, switching, or security appliance clients. The mobile app will display latency and packet loss over time as shown below. Recent events reveal information that helps troubleshooting, like authentication success or failures, roaming, and more.

 

The dashboard’s event log is a powerful tool when trying to debug a wide range of issues. It’s especially useful when trying to find the root cause of connectivity issues, authentication failures, and problems that might span across a range of network elements. In addition to the mobile app’s live tools like ping, the app’s new event page shows network-wide or client-specific events — the same information also displayed on the dashboard.

Troubleshooting the local Meraki environment

Remote troubleshooting has been improved — but local troubleshooting isn’t left out. Often times administrators are on-site, trying to debug issues in the local network. The new local connection page makes rich troubleshooting and status information available on the mobile app. This is very similar to what you’ll see by browsing to ap.meraki.com, switch.meraki.com, and mx.meraki.com — the local connection interfaces and views available for each type of Meraki product —  shows all the Meraki devices to which you’re connected in one view.

If you haven’t already downloaded the Meraki app, go to the appropriate app store:

If you already have the app installed, don’t worry—you’ll get the update automatically the next time you open the app. Enjoy!

 

Posted in Company Blog | Comments Off on More power in your pocket