As we mentioned earlier this week in our latest launch blog post, we are thrilled to announce a slew of new wireless access points (APs) and antennas that will be orderable and will begin shipping February 13th, 2018. Let’s dig a little deeper into the details and use cases of each.
Indoor access points with external antennas
In the wireless world, one-sized coverage does not fit all indoor scenarios. Although our access points easily satisfy the coverage needs of many — if not most — indoor wireless deployments, they come with built-in omni-directional antennas that can’t always satisfy the requirements of specific situations: high-density auditoriums or stadiums, focused coverage down long hallways, or warehouses with high, 25-foot-and-beyond ceilings, for example. For these situations, indoor APs with specialized antennas are required.
With this in mind, we’re thrilled to announce the addition of two new, indoor access points that support external antennas to the Meraki MR portfolio: the MR53E and MR42E.
The MR53E (left) and the MR42E (right) wireless access points.
Both are 802.11ac Wave 2 access points leveraging the traditional Meraki quad-radio architecture: a 2.4 GHz radio, a 5 GHz radio, a dedicated dual-band radio for security scanning and automatic RF optimization, and a dedicated Bluetooth Low Energy (BLE) radio. The MR53E delivers a 4×4:4-stream MU-MIMO architecture and support for multigigabit — with dual-aggregate radio speeds up to 2.5 Gbps. The MR42E has a 3×3:3-stream architecture with a dual-aggregate radio speeds up to 1.9 Gbps.
The MR53E is ideal for high-density deployments that require the utmost levels of performance or that are mission critical in nature. Think: critical care hospitals, stadiums, lecture halls, auditoriums. The MR53E will deliver the highest quality indoor RF coverage because its extra radio chain offers better signal strength, resulting in higher throughput and message integrity. The MR53E also offers extra flexibility and future-proofing with multigigabit support for the highest throughput over existing cabling — which saves money and time in the long run.
The MR42E is ideal for more average-density, general-purpose wireless installations that require focused coverage (e.g. down long hallways) or the flexibility of external antennas, which allow an AP to be repurposed for different wireless scenarios since you can purchase the right antennas for the new coverage map you are deploying.
To support these APs, we’ve designed six new antenna families, most of which have smart technology allowing the MR53Es and MR42Es to automatically detect and classify the antennas — eliminating the need for manual configuration and guaranteeing the automatic selection of compliant transmit (Tx) power. Depending on the family, there may be options to buy packs of one, five, or six antennas — or else to purchase antennas with either five or six connectors.
New Meraki antennas for the MR53E and MR42E access points.
The new antenna options include:
Straight and bendable dipole antennas for omnidirectional coverage
Panel omnidirectional antennas for low-ceiling installations where aesthetics matter
Panel downtilt omnidirectional for higher (25 feet or above) ceilings and medium-density deployments
Wide patch antennas for wide angles of coverage in medium-density scenarios
Narrow patch antennas for very high-density environments like stadiums and auditoriums or for deployments requiring narrowly-focused coverage (i.e., down hallways).
Basic indoor wireless and rapid outdoor deployments
Some installations require wireless coverage for a small number of devices, where there are no plans to leverage location-aware services that require mobile app integrations and Bluetooth. For these customers, we’re excited to announce two new access points, the MR70 and MR20.
The MR70 (left) and the MR20 (right) wireless access points.
These APs are designed for lower density deployments, and have neither the dedicated third scanning/security radio nor the dedicated Bluetooth Low Energy (BLE) radio found in our other APs. This means that security and RF scanning are opportunistic — i.e., when the AP is not communicating with clients, and there is no support for BLE-based app integration. However, both the MR70 and the MR20 support Meraki’s built-in wireless Location Analytics.
The MR70 sports a 2×2:2-stream MU-MIMO architecture designed for those looking to rapidly deploy ruggedized wireless outdoors. Thanks to its integrated omnidirectional antennas (it does not support external antennas), the MR70 can be deployed quickly in the field. The MR70 supports Meraki’s self-healing, automatic mesh capability and is IP67-rated for dust, moisture, shock, and vibration.
The MR20 is an indoor model designed for basic, very low-density wireless coverage. It also sports a 2×2:2-stream MU-MIMO architecture, and, like the MR70, supports only opportunistic security and RF scanning. It’s ideal for SOHO and ultra-small business networks which service around twenty or fewer clients and that want the visibility and control of the Meraki dashboard, but are interested primarily in basic wireless coverage.
These new APs and antennas round out our robust portfolio of wireless access points, and enable IT administrators to make smart hardware decisions that fit the needs of specific deployments — whether entry-level or extremely challenging. Please check out our wireless webinars or visit us at meraki.cisco.com for more information. As always, we’re keen to hear your thoughts and feedback, so please drop us a line on social media or leave a comment in our Meraki Community.
Wireless is now the de facto method of joining networks, and as the number of mobile devices requiring access has skyrocketed, IT admins must make smart choices about coverage and capacity. Essentially, they must have the options available to select the right hardware for a given scenario — a one-size-fits-all omnidirectional coverage solution for indoor deployments is no longer tenable. The coverage needs of a high-density indoor stadium deployment servicing ten thousand guests differ drastically from those of a basic wireless network for a small business employing fifteen people.
And no matter which scenario a wireless network falls into, having more visibility and insight into issues relating to client association, latency, and capacity are always welcome.
With this in mind, we are thrilled to announce a new tool in the Meraki dashboard, Wireless Health, as well as a slew of new wireless APs, antennas and accessories that will round out our product portfolio and deliver more flexibility for our customers to select the type of coverage they need for a given deployment.
We will be deep-diving into these new products and features in follow-up blog posts over the coming days.
Wireless Health helps IT teams verify that wireless users are able to access the network as expected and that they have a fast, reliable wireless experience. By simplifying root cause analysis for all connected wireless clients in a single dashboard, IT teams can proactively manage and answer complex questions without having to manually dig through the entire network stack. Wireless Health will be available for all Meraki MR models soon.
Indoor access points with external antennas
Smart wireless also means having the right hardware for the job. In order to provide more options for customers who have specific indoor coverage needs beyond omnidirectional, we’re adding two new, 802.11ac Wave 2 indoor access points that support external antennas to the Meraki MR portfolio: the MR53E and MR42E.
The MR53E (left) and the MR42E (right) wireless access points.
To support these APs, we’ve designed six new antenna families, most of which support smart technology allowing the MR53Es and MR42Es to automatically detect and classify the antennas.
We also will be rolling out a new dashboard feature in the coming weeks that enables IT admins to create custom RF profiles (or use pre-built templates) to fine-tune coverage in challenging or high-density scenarios, and for advanced customers to customize RX-SOP (a technology that helps mitigate co-channel interference) settings across multiple APs.
Basic coverage for rapid deployments
Some installations require basic wireless coverage for a small number of devices, and have no plans to leverage location-aware services that require mobile app integrations and Bluetooth. For these customers, we’re excited to announce two new access points, the MR70 and MR20.
The MR70 (left) and the MR20 (right) wireless access points.
Both of these APs are designed for basic, medium-density deployments, and have neither the dedicated third scanning/security radio nor the dedicated Bluetooth Low Energy (BLE) radio found in our other APs. They both support Meraki’s integrated wireless Location Analytics, however.
The MR70 is designed for those looking to rapidly deploy basic, ruggedized, IP67-rated wireless outdoors. The MR20 is an indoor model, also designed for medium-density wireless coverage.
We believe these new features and access points will allow IT administrators to deploy smarter wireless solutions for their given environments. All of these new APs and antennas will be orderable and shippable beginning February 13th, 2018. RF Profiles capability will be available by end of February. Wireless Health should be available starting in the second calendar quarter.
For more information, please check out our wireless webinars, or visit us at meraki.cisco.com. We’re always keen to hear your thoughts and feedback, so please either drop us a line on social media or leave a comment in our Meraki Community.
When you think of a Meraki deployment, what comes to mind? Perhaps you think of Wi-Fi in coffee shops, mobile device management in classrooms, or the network of a hotel. Recently, I spoke with the IT team at the Florida Department of Environmental Protection (DEP), and it opened my eyes to all of the possibilities for Meraki to connect the unconnected in unique industries and situations.
DEP manages 175 state parks across 16 million acres, and is responsible for protecting the air, water, and land in the state. They are in charge of land and recreation, all state parks and trails, regulatory programs for air and water quality, and ecosystem restoration. In order for park rangers to collect payment information and work effectively, the parks need a secure network connection.
When it was time for a switch refresh, the DEP team wanted a solution that was easy to deploy and manage, while providing improved network visibility. After completing a bake-off between their legacy solution, a competitive solution, and Meraki, the team decided to move forward with deploying Cisco Meraki switches, access points, and security appliances at DEP parks and offices across the state.
The wireless network allows park rangers to securely access DEP resources and data, improve efficiency for day-to-day administrative tasks, and connect credit card machines to process park fees, hiking permits, and souvenirs. The switches and security appliances support the DEP network, connecting remote sites and offices back to the main network at their headquarters in Tallahassee. On Honeymoon Island, the DEP deployed several APs at the park entrance, which connect their toll booths back to the main ranger station.
There are now hundreds of Meraki products connecting parks across the state of Florida. To learn how the IT team at the Florida DEP is managing this massive, distributed network, watch this webinar recording.A Meraki Product Specialist joined Arthur Wilson, Network Engineer at the Florida Department of Environmental Protection, for a live demo of the Florida DEP Meraki dashboard. You can read the full Florida DEP case study here. To learn more about Meraki for state and local government, attend an upcoming live webinar.
We’re back at it again for Cisco Live! EMEAR next week — for the first time ever, Cisco’s largest event in Europe will take place at the Fira Gran Via in Barcelona, Spain from January 29 to February 2, 2018. Our teams have been working hard since the last Cisco Live! in Cancun and are excited to show you our latest announcements.
You can’t miss Meraki’s booth right at the entrance to the World of Solutions. We’ll be fully stocked with 9 one-to-one demos; live cameras to showcase in-booth; technical sessions; an Innovation Showcase by our SVP, Todd Nightingale; dedicated demo and workshops in the DevNet Zone; as well as a packed schedule of customer meetings and fully sold-out customer party.
It’s not too late to sign up for some of our technical sessions at the event. Take a look at the Session Catalog today to register!
The DevNet Zone at Cisco Live! Barcelona is an area for engineers and developers to come together and innovate using Cisco technologies and platforms. In addition to our demo pod, where you can meet our team and get a personalized demo, we have a variety of workshops below that are still open for registration. Sign up today!
Tuesday, January 30 9:00 – 9:45 AM & 5:00 – 5:45 PM: Automation with Meraki Provisioning API (Courtney Batiste, Solutions Architect)
5:00 – 5:45 PM: Everything about Bluetooth Apps and Asset Tracking (Colin Lowenberg, Solutions Architect)
Wednesday, January 31 9:00 – 9:45 AM: Analytics with Meraki CMX Location API (Cory Guynn, Solutions Architect)
Thursday, February 1 9:00 – 9:45 AM: Analytics with Meraki CMX Location API (Cory Guynn, Solutions Architect)
Sometimes troubleshooting can be like solving crime, whether it’s tracking down and kicking off rogue APs or identifying the bandwidth hog that’s slowing down the whole network. Whatever it takes to restore order, IT will figure it out. And one thing is certain: the tech team is always watching.
This held true for Brett Guidry, the Technical Services Manager at Waitr, when he was called in to solve the mystery behind not one, but two robberies. Waitr is a platform that enables customers to order from local restaurants through a mobile device or online. Waitr connects drivers, restaurants, and users with delivery and carry-out items. Now operating in 150 cities across the United States, with over 3,400 devices for drivers, restaurants, and employees already on the network, Waitr continues to grow, adding 5-10 new restaurants a week.
With the first robbery incident, Guidry didn’t even have a chance to get out of bed. It was 7 a.m. when the phone rang. A Waitr restaurant in New Orleans had been broken into, and nearly $20,000 worth of property was taken, including Waitr devices. Luckily, the devices had Cisco Meraki Systems Manager installed, so Guidry immediately opened the dashboard to track down the devices. Since their connections had switched to LTE, the GPS was still pinging and Guidry could see all from the Meraki dashboard: where the devices were, when they stopped moving, and even the nearest address. He sent the location and the coordinates to the police, bricked the devices so they couldn’t be resold, and waited…
The second incident wasn’t all that different. At 11 p.m., an employee’s car was broken into in Jackson, Mississippi. Two laptops, an iPad, and camera were stolen from the vehicle. Again, because they were Waitr property, Guidry was called to the (remote) scene. Watching everything from the comfort of his own bed, Guidry was able to locate the devices and their GPS coordinates, and he watched them fly down the interstate highway like a high-speed chase. When the pin stopped, Guidry identified the location within a 15-meter radius and directed the police to the location. They stormed the building, which happened to be a bar, and Guidry waited patiently for justice to be served…
What happened in the end? Were the criminals apprehended? Find out our live webinar featuring Brett Guidry himself. Watch the recording here.
2017. What a year. We could fill this with a lot of different stories from the past year, but we chose to highlight one of our esteemed colleagues from the channel team, Stephen Bullock. Stephen had a lot of fun supporting you in his first full calendar year as a channel account manager — but don’t just take our word for it, hear it directly from him.
Conner Sheppard, Meraki Channel Marketing Manager: So, Stephen, how’s life as a CAM treating you?
Stephen Bullock, Meraki Channel Account Manager: Incredible! I’ve been in role for about 18 months and still learn something new every day! Our partners are like snowflakes – no two are the same and that’s exactly how my workday feels. Always lots going on and no shortage of Partners looking for help to grow their Meraki practice.
CS: That’s great to hear. It seems like you’re always flying around working with a new partner, remind me, how many partners are you currently covering?
SB: 16 Partners from Seattle in the North to San Diego in the South and East all the way to Minnesota (although I’ve not spent much time there.)
CS: Wow! That’s enough to keep anybody busy. If you had to give a shoutout to one partner in particular, who would it be?
SB: I can’t pick a favorite child… I love them all! However, CompuNet has done an amazing job developing the LDS Church which was a huge win for Meraki last year with more in flight. And I’m excited to see what ConvergeOne can do once the dust settles on all the acquisitions they’ve made: Annese, SPS & AOS in 2018 alone!
CS: Better question — you have to have some help working with these partners, and obviously Meraki reps are the best, but anybody you’d want to specifically recognize?
SB: The Channel Life is all about working cooperatively. The most successful engagements happen when the Meraki, Cisco and Partner Teams are involved… It takes a village! (No political comment intended). We’ve recently had some great meetings with John Gilkey’s team at FusionStorm and on the SLED side, Andrew Barrientos’ spearheaded a great meeting with Ednetics in Idaho. I’d be remiss if I didn’t mention the amazing work of the Channel Marketing team to support the CAMs :)
CS: Stephen, stop that! So, 2018 is poised to be a big year for us, what kind of projects are you working on with all your partners?
SB: Each of my ‘snowflakes’ has different needs, so I endeavor to extract the greatest Meraki growth from each of them in different ways. It is not formulaic; but it allows us to be agile, adjust to their needs and hopefully dovetail with our Partners strategic goals.
CS: You’re doing a lot of great work. What can reps do to better collaborate with you?
SB: Communicate: engage the CAM for Managed Partners and let them know what’s going on, you might learn something before we do, even when it’s bad news. Let them know when you’re planning on visiting the Partner and ideally participate in joint calls. Be responsive: nothing is more frustrating to a Partner than not knowing what’s going on… Generally, we lead the industry and are known for getting back to Partners in a timely fashion, but challenge yourself to get better every day. We succeed when the Partners succeed. Recognize the incredible job the Partner community delivers to Meraki and don’t take it for granted. It’s a long term relationship, which will endure through thick and thin, overall we’ll win a LOT more working collaboratively with the Partner community.
CS: Well, Stephen, thank you for your time. Before we sign off, any last minute goals or exciting news you want to share with the team?
SB: Part of what I love about Meraki and our incredible growth is you never quite know what opportunity might present itself. I don’t have any “exciting news”, but am always looking for new ways to engage Partners, expand my skill set and contribute to the team. My goal for 2018 is unchanged from last year… Get to Mexico! I think it’s going to be tough, but having experienced the baller life in Mexico a couple of times, I don’t want to ever miss out!
For many retailers, providing free guest Wi-Fi is no longer a perk; it’s a basic cost of doing business. Customers expect to be able to log on to free in-store Wi-Fi to surf on their smartphones and make video calls to their friends while they’re shopping. By now, most retailers have acquiesced to customer demand and installed high-speed wireless networks in their stores.
Although most retailers provide free Wi-Fi to their guests, many stores may not be leveraging this infrastructure to its fullest potential. Retailers should be taking advantage of the wireless infrastructure they’ve already invested in to learn more about their customers, modernize their stores, and provide first-class customer experiences.
1. Learn more about customers through location analytics
Today, nearly all shoppers are carrying smartphones while they roam around stores. In fact, a 2017 Deliotte report noted that 93% of U.S. smartphone owners use their phone while out shopping. This technology gives customers an unprecedented ability to look up anything and communicate with anyone. It can also help retailers with advanced wireless setups track how customers navigate within a store, and use this knowledge to merchandise as needed.
When a phone’s Wi-Fi radio is turned on, it sends out probes to wireless access points. This occurs whether the phone is actually connected to a Wi-Fi network or not, since smartphones are constantly hunting for new Wi-Fi networks to populate the list of available networks nearby. Using these probes as data points, wireless systems can triangulate shoppers’ locations within a few meters. Bluetooth Low Energy (BLE) beacons — popularized as iBeacons by Apple — can take this even further and track shoppers to within inches of their locations. For instance, a home improvement retailer could know whether a customer is looking at sinks or at toilets based on their location.
Advanced systems, like Cisco Meraki Location Analytics, can present this precise location data in a number of ways benefitting retailers. For example, retailers can use location heat maps to see where their customers are walking within the store and appropriately arrange displays or staff certain areas based on actual customer engagement. Learn more about the possibilities of Location Analytics by reading this blog post.
2. Support more modern infrastructure
An upgraded wireless experience can serve as the catalyst for greater infrastructure updates that reduce cost and improve the customer experience. Two areas of technology that have seen rapid evolution in the last decade, and that matter a great deal in the retail space, are security cameras and mPOS (mobile point-of-sale). Incidentally, both IP cameras and mPOS rely on robust wireless deployments in the store.
Security cameras have gone from recording limited, grainy footage onto analog video management systems to recording high-definition video that can be streamed online from anywhere. As a result of these rapid technological advancements, retailers are increasingly adopting the newest camera models, which come fully equipped with wireless connectivity, to monitor in-store activity. These cameras, often deployed in places where Ethernet cords can’t easily reach, require a wireless network connection to send captured video to the server.
Similarly, most mPOS devices today don’t use Ethernet for connectivity, necessitating the use of a fast wireless network to process and complete transactions quickly. mPOS has burgeoned recently in large part thanks to the explosion of smartphones: companies like Square have modernized — and for some retailers, eradicated the need for — traditional cash registers.
Retailers with up-to-date, fully secure wireless networks are ready to support these technologies to the fullest extent.
3. Enable exceptional omnichannel experiences
As Amazon has shaken up the retail world over the last decade, omnichannel shopping experiences — experiences that are consistent whether a shopper is buying in-store or online — have become part of the retail zeitgeist. Delivering a comprehensive omnichannel experience requires retailers to collect and combine information about customers’ in-store and online shopping habits.
Retailers with robust wireless deployments are in a prime position to build a sophisticated system that helps them learn more about their customers’ shopping activities. Once a shopper logs on to a store’s Wi-Fi network, a whole host of possibilities opens up, especially if they’re already known (a repeat visitor) or their identity becomes known thanks to a splash page integration, like Facebook Login. From that point onward, customer activities that integrate with the network can be tracked and their experiences personalized.
For example, when a shopper who buys a pair of heels on a retailer’s website then wanders into that store’s dress aisle, she can be presented with an ad on her smartphone for a dress that matches the shoes. Additionally, based on the network bandwidth consumed by different mPOS terminals, stores can determine which checkout counters are the least or most popular and make staffing adjustments accordingly. Solutions that bring APIs into the mix can take this one step further by integrating activity on the network with retail loyalty programs or CRM systems. The possibilities are endless for IT administrators looking to build custom solutions that help retailers ensure consistent shopping experiences across channels.
To learn more about why Meraki is a great fit for retail, check out our retail webpage, read a customer case study, or sign up for our upcoming Meraki for Retail webinar on January 24, 2018 at 11 AM PT.
Retailers, get excited: NRF 2018: Retail’s BIG Show is coming up! In just a few days, the Javits Center in New York City will be abuzz with all things retail. Cisco Meraki will be at NRF to chat about our latest solutions, showcase a few of our customers, and discuss the benefits that cloud-managed IT can bring to retail. We’re really excited to share why cloud management and Meraki are a perfect fit for retail, and we can’t wait to show you what we’ve got in store (pun intended).
Which Meraki products will be showcased?
At NRF 2018, we’ll be showcasing the Meraki products that matter most to retailers. That means you’ll get to check out Meraki MR wireless access points and our newest product line, MV security cameras, in the flesh. Of course, come to our booth to watch a live demo of the Meraki dashboard and see how simple it is to manage and configure a full stack of IT infrastructure — including APs, switches, security appliances, cameras, phones, and enterprise mobility management — from a single place.
As a special treat, our team will set up beacons and Meraki APs throughout the expo hall to give attendees a first-hand look at how Meraki Location Analytics works in a retail environment. Come to the booth to check it out!
Where can I find Meraki?
Meraki will be part of Cisco’s booth (#2052), located on Level 3 of the Expo Hall. This large, 30 x 40-foot “toy box” will be an experiential retail environment where you’ll get to see a variety of Cisco technologies at play.
Here’s what the booth will look like — look for the big blue Cisco banner!
Which Meraki customers will I get to hear from?
Many retail companies have already deployed Meraki to great success, which is why we’re excited to feature some of them and have them discuss their Meraki deployments at NRF.
On Tuesday, January 16 from 10:15 AM to 11 AM, attend Meraki’s Exhibitor Big Ideas Session (Expo Hall, Room 4, Level 3). You’ll hear from Grupo Merza, a Mexican food and grocery distributor, about their deployment of 3,000 Meraki MV cameras.
Cisco will also be hosting speaking sessions with Dollar General and Panera Bread, both Meraki customers.
Who from Meraki will be at NRF 2018?
You’ll be able to meet some fantastic Meraki sales and marketing employees at NRF. We’ll have the product marketing leads for MV, MC, and our API solutions, as well as two people from the Meraki solutions architecture team, at the demo booth to chat about why Meraki is ideal for retailers.
Crediton Dairy in Devon, England, is a major supplier of milk products to grocery stores across the UK. The milk processing plant employs about 160 workers in both factory and office roles. When IT Manager Benjamin Evans and his team realized it was time to upgrade their existing CCTV system, they looked to Meraki, whose access points they had already been using.
The team had a dated CCTV system that was only deployed in a couple of areas around the facility.
The processing plant spans a large area and contains several tall structures, like silos, making it difficult to survey multiple areas at once.
A constant stream of lorries (or delivery trucks) driving through the facility introduces potential safety hazards for workers.
An initial deployment of 16 MV71 cameras helps cover a majority of external areas.
Benji and the team relied heavily on the Meraki mobile app when physically installing cameras.
“Literally plug it in, and it’s up and running.”
The Operations team, as well as the Health & Safety team, utilize the camera feeds to monitor potential hazards throughout the site, such as high traffic areas.
The team already encountered and resolved one incident involving a lorry driving into a barrier with the help of their MV deployment. They were able to prove the cause of the accident and assign liability accordingly.
Benji and his team have saved both time and money due to the “plug-and-play” nature of the cameras, and the lack of extraneous hardware, like a UPS.
The architecture of the cameras allows the team to monitor video feeds locally without impacting the company’s bandwidth usage.
The team is exploring the possibility of expanding their deployment into the factory to help monitor processes and ensure employee safety, both inside and outside the facility.
When an IT vulnerability breaks into the mainstream media we can be sure something significant has been uncovered. The Spectre and Meltdown CPU vulnerabilities have been present in most processors shipped over at least the past 10 years, but have only recently come to light following responsible disclosure by Google and other security researchers.
We are all using devices that are potentially vulnerable. The good news is that patches for the majority of desktop and mobile operating systems in common use have already been issued, so the onus is on all of us to ensure our devices and servers are up-to-date.
Knowing that Meraki customers will be wondering to what extent Meraki products and the cloud infrastructure may be impacted, we wanted to answer the questions we know will be top-of-mind.
How can these vulnerabilities be exploited?
The two Spectre vulnerabilities and Meltdown vulnerability take advantage of a weakness in the most widely used CPU architectures to perform information disclosure attacks. These vulnerabilities could allow an unprivileged attacker with direct access to a computing device, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.
Are my Meraki hardware devices impacted?
In order to exploit any of these vulnerabilities, an attacker must be able to run crafted code on an affected device. All Cisco Meraki products are closed systems that do not allow customers to run custom code on the device, and thus have no attack vector (means of attack) and are not vulnerable.
Is the Meraki back-end infrastructure impacted?
The Meraki cloud infrastructure is hosted in a Meraki-only private cloud and does not use shared infrastructure. Additionally, the software comprising the Meraki cloud backend is a closed system that does not allow customers to run custom code on the infrastructure and therefore has no attack vector, ensuring it is not vulnerable.
Are Meraki solutions using Virtual Machines impacted?
Virtual MX (vMX) and VM concentrators that are deployed as a virtual machine, even while not being directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment on which these virtual machines run is itself vulnerable. Cisco Meraki strongly recommends customers secure their virtual environment and ensure that all security updates are installed by working with their cloud service provider. Amazon Web Services and Microsoft Azure have both posted advisories related to these vulnerabilities.
How do I detect and block malicious activity on my network?
The Meraki MX offers advanced security features, including industry-leading intrusion detection and prevention, using data provided by Cisco’s own Talos organization. Snort signatures have been issued that are designed to detect and drop network flows containing Spectre and Meltdown exploit attempts, benefitting Meraki customers running the Advanced Security license on their MX appliances with IDS/IPS turned on and the Security/Balanced policy selected.
Where can I learn more?
More details on the Spectre and Meltdown vulnerabilities can be found on this dedicated website and on this blog post from Red Hat. This Cisco securityadvisory provides additional details for customers running other Cisco products.
Meraki customers who remain concerned and would like to know more can contact Meraki support, or head over to our community to discuss this or any other topic relating to our technology.