This week the Systems Manager team released a host of exciting new Apple features and made some interface changes in the Meraki dashboard to make endpoint management even easier, automated, and more powerful.
Interface Changes: Settings Page
Interface changes can be seen on the Settings page, where users set configuration profiles and settings for different device types. The new Settings page has been redesigned to streamline management and make configuration settings more easily discoverable when creating profiles.
Also on the new Settings page, you’ll see a host of new features available for iOS and macOS, some of these were made available in the Apple iOS 11.3 and macOS 10.13.4 release. These new features are extremely powerful for all organizations managing Apple devices, but particularly compelling for those in education!
Delay OS updates for up to 90 days on iOS and macOS: Providing time for IT teams to vet and test new OS versions before they are deployed on managed devices.
Keep apps up to date on iOS and macOS: Select for specific App Store apps to automatically update when a new version is available.
Disable Bluetooth settings on iOS and macOS: Limit distractions and security loopholes by locking down the bluetooth functionality on devices through the live tools on a device page. IT teams can use this in conjunction with bluetooth restrictions settings to lock bluetooth settings on or off.
FileVault Personal Recovery Key (PRK) Escrow: Store PRKs for disk encryption on macOS devices.
Login window: Set custom login window messages for macOS devices to alert users of management or convey organizational messages.
Lock screen: Specify a custom lock screen asset tag on iOS to easily identify a device in hand.
App Store Restrictions: Restrict end user app installations and updates for more control of apps and app versions on macOS devices.
AirPrint: Set printer configurations for iOS and macOS devices.
Dock: Change size, magnification, position, minimization effect, and more macOS dock settings.
Setup Assistant: When re-provisioning a macOS device, select to skip steps like Siri setup.
….and more! For a full list, please go to the “New Features” section in the Meraki dashboard.
Current customers can take advantage of these features immediately! We hope you’ll join the Community discussions on this and other topics.
We don’t talk enough about Meraki Systems Manager’s role in the larger Cisco story. Being a part of Cisco gives our Systems Manager team access to a broad range of Cisco products and initiatives, from security to networking and collaboration. As Cisco’s endpoint management solution, Systems Manager strengthens Cisco’s position in endpoint security and enables smarter decisions about device access and policies on Cisco networks.
Earlier this year, Systems Manager played an important role in the launch of Cisco’s cloud-based endpoint security portfolio for managed security service providers. This portfolio offers scalable solutions for visibility and control of endpoint devices and highlights key products for service providers to deploy.
In another example of how Cisco and Meraki are leading the industry in endpoint security, Cisco announced that Cisco Security Connector (CSC) is now available for purchase! Cisco Security Connector is a powerful tool to help organizations with supervised iOS devices ensure compliance, block phishing attacks and malicious links, understand application and device behaviors, and investigate security incidents across deployments.
Building CSC was a collaborative effort between Apple, Systems Manager, Cisco Umbrella, and AMP for Endpoints. Only Cisco has been able to achieve this type of cross-product alignment at scale. Having access to and information about upcoming security initiatives gives us at Meraki the opportunity to find compelling ways to collaborate across products at Cisco.
There’s work underway to bring even more cross-product value to customers. Look out for future launches with our larger Cisco family!
Learn more about Cisco Security Connector hereor contact us to get started using Systems Manager to deploy and manage this powerful iOS application!
1:00 pm: Students trickle back into class after a well-deserved lunch break. Eager to get started with their next lesson, they grab their school-issued laptop out of their emptying backpack, log on, and start their next assignment while patiently waiting for the teacher to bring attention to the front of the room. Unbeknownst to the students and teachers actively participating in classroom activities, the network deployment team paces the halls, double checking that each new access point has a home, and that each switch will be comfortable in its new closet.
3:30 pm: The bell rings. Students rejoice; jumping, dancing, and skipping out of the building, excited to get to their study group, sports practice, or friend’s house. Some stay behind to attend an after-school course, work on homework, or attend a teacher’s office hours. Behind the scenes, the deployment team sneaks inside empty classrooms and offices, unmounting old access points and seamlessly swapping them for brand new, inconspicuous access points to take their place. From the gym to the cafeteria, no space can be left unconnected. With great attention to detail and swift hanging capabilities, the team goes room by room, replacing and adding APs, making sure no classroom is left behind.
4:30 pm: The last of the students head home for the day, with tired eyes, full brains, and superb stories. Once everyone has left the campus, and the school buildings start humming in their normal emptied silence, the real fun begins. Operation: the complete switchover. The deployment team speeds through the remaining AP installation. They move onto the closets, and in a sea of cables, sweat, and servers, they unrack and uninstall the legacy switches, tossing them into a corner of their already forgotten memory. Installing the new switches is faster than a cheetah lapping the school, with an organized, lit up rack of switches foreseeable on the other end.
5:00 pm: Testing. Testing. 1, 2, 3, testing. The devices are online. The computers are connecting. The tablets are connecting. Even the phones are connecting! The intrusion detection system is working. The security cameras are on. We are a go! Network complete.
This nonfiction tale tells the story of Orange County Public Schools (OCPS), the 9th largest school district in the United States, with around 208,000 students spread across 200 schools. And yes, they continue to flip schools left and right in four hours, moving them off of their legacy equipment and onto a Meraki network of MR access points and MS switches. Originally a project that David Overton, Senior Director of Information Security, thought would take several years to finish, is on pace to finish in under two years, with the deployment team transitioning three schools a week. And, for the schools that have already moved onto Meraki, not only has student learning through their 1:1 device program continued to work without a hitch, but the simplified management through the Meraki dashboard has been a lifesaver for the IT team.
To learn more about OCPS and their Meraki deployment, watch a webinar recording with David and a Meraki product specialist. They discussed why David chose Meraki, how they are able to install a new network in 4 hours, and why a robust network is imperative to supporting their 1:1 device program. Watch here!
El verano pasado, celebramos cuando llegamos a un millón de redes en línea. Hoy, menos de un año después, hemos llegado a 1.4 millones de redes. Es difícil de creer, pero en solo 12 años, Cisco Meraki ha cambiado el networking (redes) y ha ayudado a cientos de miles de organizaciones a conectar personas e ideas mejor que nunca.
Llevar una administración inteligente y una experiencia informática más sencilla a organizaciones en todas partes del mundo siempre ha sido nuestra misión. Es por eso que estamos emocionados de anunciar que lanzámos Meraki en el mercado de Internet más grande del mundo: China.
¿Por qué China? Muchos de nuestros clientes en comercio, hotelería, educación y manufactura han ingresado al mercado chino y quieren seguir administrando sus redes con Cisco Meraki. Al mismo tiempo, esperamos llevar la magia de Meraki a las organizaciones Chinas y mostrarles cómo Meraki puede ayudarlas a aprovechar las nuevas oportunidades y reducir los costos operativos.
Es importante mencionar el papel que la conectividad a Internet ha tenido en la sociedad y la economía de China, y cómo esta ha evolucionado. China tiene casi 800 millones de usuarios en línea, la mayoría de los cuales accede a Internet exclusivamente a través de sus teléfonos inteligentes. Los desarrolladores de aplicaciones, los comerciantes locales y todos los intermediarios necesitan redes rápidas y confiables para funcionar sin problemas. Plataformas enteras como Alipay y WeChat han cambiado la forma en que los consumidores chinos interactúan con amigos, familiares y organizaciones de todo tipo.
En los últimos meses y años, hemos trabajado duro para comprender las necesidades de los clientes en China y así construir una experiencia ideal para este mercado. Estamos lanzando en China nuestras soluciones de red emblemáticas: MR (puntos de acceso inalámbrico), MS (switches) y MX (equipos de seguridad).
En el pasado las organizaciones trataban al departamento de TI como un apéndice separado, consultando al equipo de TI solo cuando se cortaba el Wi-Fi, hoy en día las organizaciones trabajan de la mano con sus equipos de TI, confiando en ellos para implementar y gestionar soluciones con visión de futuro que puedan brindar a las organizaciones inteligencia sobre sus clientes, evitar el tiempo de inactividad y mucho más. El equipo de Meraki ha invertido innumerables recursos para construir una solución integral de redes específicamente para el mercado chino:
Hemos invertido en dos centros de datos en China, utilizados exclusivamente para los datos de gestión de estas organizaciones.
El Dashboard de Meraki se ha traducido a mandarín y está físicamente separado del Dashboard utilizado para administrar redes fuera de China.
Abrimos una sede en Shanghái y desde allí ejecutaremos todas nuestras operaciones, incluidos los equipos dedicados de ventas y marketing.
Habilitamos un equipo de soporte en mandarín
Ya sea en San Francisco o Shanghai, nuestro espíritu sigue siendo el mismo: simplificar tecnología poderosa para que las organizaciones se centren en su misión. Meraki está en todo el mundo, con más de 1.4 millones de redes activas en oficinas, aulas, cafeterías, restaurantes, fábricas, hospitales, habitaciones de hotel y en cualquier otro punto intermedio. No podemos esperar para ver cómo nuestros clientes chinos construirán nuevas redes y cómo Meraki ayudará a dar forma al futuro de TI en China.
As the needs of our customers and the capabilities of our products have grown over time, so too has our deliberate approach to making the Meraki dashboard as useful and delightful as possible. The Meraki engineering team has been hard at work refining the list pages where you can view all Meraki devices of a particular type (e.g., wireless APs or switches) as well as the detail pages for individual Meraki devices.
We’ve already rolled out most of these changes over the last few months. By May 28, users will see the full set of updates when they log in to the dashboard. Keep reading to see how we’ve enhanced these pages.
Device list page
The device list page now displays a useful summary pane, which gives you an instant look at the status of all of your Meraki devices on the network. For example, you can see how many APs are online and offline, how many are alerting, and how many of your APs are repeaters. This is a small change, but one that we think a lot of customers will quickly appreciate.
Device details page
On the device details page, the map showing the location of the Meraki device is now always visible, no matter which tab of the page you’re on. You can confirm which AP you’re working on without having to toggle to the Location tab. This is especially useful for multi-site deployments.
We’ve also made it much easier to find the RADIUS and VLAN request status on an AP’s details page — it’s right on the summary tab. You can quickly narrow down a connectivity issue to RADIUS, DNS, DHCP, or ARP, or you can click on the LAN tab for more granular information.
Old Tools tab on the left, new Tools tab on the right
Finally, when clicking on the Tools tab, you’ll see all the tools available at one time instead of a dropdown selector. This way, you’ll be able to run and view the results of multiple tools at once.
Please note that after May 28, you’ll no longer be able to revert to the old version of the pages.
Do you have any suggestions for improvements? Feel free to “Make a wish” on the bottom right of any page in the dashboard to get your feedback directly to our engineers!
Last summer, we celebrated as the millionth Meraki network came online. Today, less than a year later, we’ve hit 1.4 million networks. It’s hard to believe, but in just 12 years, Meraki has completely changed the face of networking and helped hundreds of thousands of organizations connect people and ideas better than ever before.
Bringing intelligent management and a simpler IT experience to organizations everywhere has always been our mission. That’s why I’m excited to announce today that Meraki is launching in the world’s biggest Internet market: China.
Why China? Many of our large enterprise customers in such verticals as retail, hospitality, education, and manufacturing have already entered the Chinese market. They love using Meraki to manage their networks in other countries, and now they can use Meraki to manage their Chinese networks as well. At the same time, we look forward to bringing the Meraki magic to organizations born and bred in China and show them how Meraki can help them seize new opportunities while reducing operational costs.
It’s hard to overstate the role that pervasive Internet connectivity has had in shaping China’s society and economy. China has nearly 800 million online users, most of whom access the Internet exclusively through their smartphones. App developers, local merchants, and everyone in between need fast and reliable networking to function smoothly. Entire platforms like Alipay and WeChat have changed how Chinese consumers interact with friends, family, and organizations of every type.
Having visited China a few times myself, I’ve been astonished every time I’ve paid for a train ride using my phone, borrowed a shared bike through an app, or ordered food at a restaurant (and paid for my meal) without having to leave the table. It’s clear to me that the increasing sophistication of China’s digital economy demands a stronger IT and networking backbone.
Over the last many months and years, we’ve worked hard to understand the needs of customers in China and to build an experience ideal for this market. We’re launching in China with our flagship networking solutions: MR (wireless access points), MS (switches), and MX (routers).
At Meraki, we believe that IT has a pivotal role to play in every organization. In years past, organizations would often treat IT as a separate appendage, consulting the IT team only when the Wi-Fi went down. Today, organizations work hand-in-hand with their IT teams, relying on them to deploy and manage forward-thinking solutions that can give organizations actionable intelligence about their customers, prevent production downtime, and much more.
What makes Meraki the leader in intuitive, intelligent IT? Our centralized management model minimizes the need for expensive, complex on-site infrastructure like wireless controllers, and allows us to rapidly deliver features that unlock new capabilities. All of our products are managed through the web-based Meraki dashboard, a simple interface for configuring and controlling Meraki access points, switches, and routers. Advanced capabilities, from a network topology view and virtual switch stacking, to Layer 7 application visibility and extensible APIs, minimize the time IT administrators need to deploy, configure, and manage the network.
The Meraki team has invested countless resources to build a comprehensive networking solution specifically for the Chinese market:
We have invested in two data centers in China, used exclusively for the management data of Chinese organizations.
The Meraki dashboard has been translated into Chinese and is physically separate from the dashboard used to manage networks outside of China.
We’ve opened up a China headquarters in Shanghai and will be running all of our Meraki China operations from there, including dedicated sales and marketing teams.
A support team dedicated to our Meraki China customers (and fluent in Mandarin!) sits in our Shanghai headquarters, ready to proactively help our customers build the best and most powerful networks.
Whether in San Francisco or Shanghai, our ethos remains the same: simplifying powerful technology to free passionate people to focus on their mission. Meraki is all over the world, with over 1.4 million active networks (and counting) in offices, classrooms, coffee shops, restaurants, manufacturing facilities, hospitals, hotel rooms, and everywhere in between. We can’t wait to see how our Chinese customers will build out new networks and how Meraki will help shape the future of IT in China.
Last month we announced the latest addition to our portfolio of easy-to-manage IT products, Meraki Insight. This advanced new troubleshooting tool will be of interest to any organization working across a wide area network, whether they’re connecting sites together or accessing resources in a remote data center. With more and more IT services migrating from on-site servers to virtual machines running in private or public clouds, it’s never been more important to be able to quickly and easily troubleshoot the WAN and application server performance.
Meraki Insight combines the deep packet inspection capabilities inherent to our MX platform with a robust, mature cloud-hosted architecture to analyze WAN traffic and server response times. By inspecting both the network and application layers, a picture soon emerges, enabling network administrators to quickly identify potential performance bottlenecks that may be leading to a diminished user experience. With IT support tickets being one of the most critical data points for measuring IT effectiveness, anything that helps to accelerate the closing of those tickets and even prevent them is welcome. A better network experience translates to happy users and customers who are more likely to return.
We’ve been delighted with the feedback we’ve received from early customers of Meraki Insight, and not just for the great user experience in the dashboard either. Real issues with real revenue implications are being resolved more quickly already, thanks to the capabilities unlocked by this new tool.
In one case, a well-known retailer with operations around the world was able to use Meraki Insight to rapidly identify and resolve a point-of-sale issue that was impeding sales during its busiest time of year: the holiday season. Another renowned storage company with over 1,500 locations was able to look at WAN performance data to help pinpoint a latency issue that was impacting business-related VoIP calls between branch sites.
Even if alerting isn’t being used to draw attention to an issue, one may be lurking. One of our Meraki partners was about to deliver a demo using their own company’s network when they stumbled across a custom application with a low performance score. All clues pointed to a network layer issue, and sure enough the app was experiencing packet loss severe enough to affect user experience. After a call to their ISP, a support team was dispatched to fix interference on the line.
Real world issues, impacting real business: these are the challenges Meraki Insight helps to address, thereby helping our customers increase revenue and reduce operational costs. For the first time the outstanding LAN troubleshooting tools that have helped build our success at Meraki are looking out to the WAN and the application servers we rely on every day. To gain better insight into issues that may be impacting your network and end-user experience, just click here to initiate a free trial.
IP cameras undoubtedly represent a huge leap over the analog security camera setups of yesteryear: newer cameras bring significant ongoing cost savings and simpler operation to the table. But one area where traditional IP cameras don’t improve on their analog predecessors is in the way they store camera footage.
Where analog cameras transfer footage to VCR-based solutions, traditional IP cameras usually store footage on NVRs (network video recorders). The need for an NVR in typical IP camera setups presents some critical downsides in terms of costs, reliability, and complexity.
Here are four reasons to say “no thanks” to your NVR and adopt a camera solution with a modern cloud-managed architecture:
1. High hardware costs
The more components in a system, the more expensive that system is to maintain and update over time. As organizations deploy additional cameras, more video footage is captured, necessitating greater amounts of space to store that footage. Though NVRs may not introduce too many costs for smaller deployments, the one-NVR-per-location model quickly breaks down when organizations have to deploy cameras across many different sites — a common scenario for customers in verticals like retail and hospitality. Storage requirements can also balloon with IP camera systems that don’t automatically delete footage that isn’t useful, like video in which there is no motion.
The need to augment cameras with NVRs doesn’t just add another line item to the BOM; it also makes it more difficult to scale because organizations need to determine in advance how much storage they’ll need per location. The result is often inadequate storage, a less cost-effective deployment, or both.
2. Restrictive remote access to video footage
Organizations with old-school CCTV setups typically don’t think twice about remotely viewing video footage; they’re all too used to the idea of someone having to be physically present in a control room on-site to watch video (after all, the first two letters in “CCTV” stand for “closed-circuit”). But one of the promises of Internet-connected cameras was that video footage would be easier to access from anywhere.
Alas, the requirement for video to be transmitted to and stored on an NVR in typical IP camera deployments limits the possibilities for remote viewing. That’s because accessing videos stored on an NVR from outside the network requires cumbersome and complex VPN configuration. Plus, all computers will need to download a separate, often unintuitive VMS (video management service) — yet another thing to install, configure, and learn how to use. It’s no wonder that most organizations using typical IP camera systems have adjusted their interaction style such that they are only using cameras locally. Unfortunately, this means there’s often a frustratingly long gap between when video is captured and when it’s been retrieved, converted, and ready to view — not an ideal scenario.
3. Potential data loss risks
A chain is only as strong as its weakest link, and the same holds true for security camera deployments: if one piece of the system fails, the entire system is at risk. If for some reason camera footage can’t be sent to the NVR from the cameras (due to a network outage, for instance), footage is lost forever. Even worse, network administrators frequently don’t realize that part of the system has failed until they try to watch footage that was never properly transmitted to the NVR. The risk of losing critical footage due to a network issue is a basic failure of NVR-reliant camera systems.
4. Security vulnerabilities
Since NVRs are often nothing more than old computers running outdated software and collecting dust in the back of a closet, keeping them up-to-date with the latest security updates is a difficult and oft-forgotten task. This means NVRs can serve as an entry point for cyber threats looking to find their way into a network. Once they’ve infiltrated the network, cybercriminals can do anything from stealing corporate data and holding a business hostage to compromising sensitive financial information.
These aren’t just theoretical threats: in October 2016, thousands of cameras and video recorders were infected by malware and initiated a DDoS (Distributed Denial-of-Service) attack against services like Amazon, Spotify, and Reddit. Unfortunately, even a single weak point in the network could open a company up to significant security issues.
By removing the NVR from the equation, organizations stand to gain a more efficient, reliable, and secure camera system. That’s only possible with a ground-up reinvention of the traditional IP camera architecture.
Cisco Meraki MV eliminates the NVR by introducing a unique cloud management model. With MV, there’s no single point of failure; footage is stored and encrypted on the cameras themselves, creating a distributed system (and consequently distributing the risk). Video is streamed securely to the Meraki dashboard for monitoring, where the cameras can also be configured and managed. And all system components stay protected from security vulnerabilities, thanks to standard end-to-end encryption and regular, automatic firmware updates. The result: a streamlined, simplified security camera solution.
In keeping with the age-old Meraki philosophy of empowering our customers to do more with less, people-counting analytics on MV12 has finally arrived!
We’re excited to see this new set of tools build on top of an already impressive (and necessary) security product. Now, MV12 can act not only as a great security camera, but also as a sensor for businesses big and small — no servers or extra infrastructure needed.
If you’re already familiar with our wireless product line, this rollout might feel reminiscent of our WLAN Location Analytics tool, and it should! At Meraki, we love the notion of providing our customers more intelligence with less infrastructure, an idea especially apparent with MR and now MV.
How does it work?
Using the advanced processor on our recently launched MV12 security camera, and built-in, anonymized person detection (not to be confused with unique facial recognition/identification) software, video is stored and analyzed on-camera, at the edge. This metadata is sent to the cloud and aggregated into people-counting metrics independently of the video itself. Plus, over time this software will become more accurate using machine learning.
To see this functionality in action, just click on the ‘Analytics’ tab for an individual camera and select the time resolution (minute-by-minute, hourly, or daily) and timeframe of interest. The ‘People count’ section of this page shows an at-a-glance overview of your busiest time period, estimated peak occupancy over that period, and the total number of entrances. Remember that the ‘Total Entrances’ value will double count individuals if they leave a frame and then return, since this data is anonymized. Consequently, we encourage thoughtful placement of cameras intended for use as sensors to minimize both double counting (place them in an area with restricted traffic flow moving in one direction, like an ‘Entrance Only’ door) and occlusions (where two people or objects pass in front of one another, making it difficult for the camera to see what’s going on).
Clicking on the ‘Most Utilized’ and ‘Peak Occupancy’ results will jump directly to that moment in the camera’s historical footage so you can quickly analyze what events may have driven that spike in traffic. Drilling down into each bar in the people counting bar chart will also take you to the corresponding piece of footage, making it simple to investigate anomalies.
You’ll now be able to observe and quantify granular foot traffic patterns through a given frame.
For retailers: monitor the ebb and flow of customers throughout the day, optimize staffing headcount to make sure your customers get the attention they need, and increase the efficacy of marketing campaigns by targeting days of the week with the greatest or least traffic.
In schools: track general attendance patterns, see which areas of campus are used most frequently, and make a business case for updating facilities and equipment based on usage patterns.
At offices: figure out whether it makes sense to add more common spaces, or repurpose these areas based on popularity with office-dwellers. And are those pricey espresso machines actually getting used anyway?
Of course, these examples represent only a fraction of the uses cases now available with this additional functionality. Coupled with motion heat maps (available on all MV models), it’s never been quite so easy to see the big picture quickly.
Does this mean my MR Location Analytics setup is now redundant?
Definitely not! Think of these tools as complementary. Because MR access points count mobile device wireless signals throughout a wireless network, they provide a broad “macro” level view of foot traffic through, say, an entire store location. People counting on MV only tabulates traffic within that visual frame, making it more accurate on a “micro” level, like an individual product display within that store. By pairing these two features, you can quickly gain insights across multiple levels of your business.