At Cisco Meraki, we’re passionate about helping IT keep sophisticated networks running and secure, without the pain of manual configuration and complex integrations.
Our Systems Manager product is widely known for its endpoint management capabilities, including pushing apps and email settings; configuring device security for point-of-sale systems or in-class student use; and tracking location and device status. Systems Manager is a powerful tool for these classic endpoint management scenarios, but it is also one of the most compelling additions to your network management toolset.
Systems Manager is unique in the endpoint management space for its native integrations with the Meraki wireless, switching, and security portfolios. It’s been engineered to share intelligence and enforce policy in concert with Meraki networking hardware to help admins automate and secure access to the company network based on device posture, location, installed or running software, or users.
And the integrations have only gotten deeper with the recent introduction of automatic profiles to reflect Meraki networking configurations into Systems Manager.
These network-centric features are core to Systems Manager’s ability to deliver value beyond endpoint management and are provided alongside the rest of the Meraki portfolio.
Here are a few of these integrations in action:
Device Enrollment
Systems Manager provides an easy way to enroll existing devices in the field (including staff and student personal devices) without physically handling each device! Through an integration with Meraki MR access points, network administrators can configure SSIDs to only allow devices with Systems Manager installed onto the network.
Unenrolled devices are sent to a splash page to install Systems Manager before gaining access to the network.
Wi-Fi Configuration
Having Systems Manager talking to Meraki MR access points allows administrators to save time and effort when provisioning SSID access to devices. Wi-Fi access can be automatically deployed to devices based on Systems Manager’s knowledge of device type, user group, location, security compliance, etc. These settings will also automatically update if changes are made to the Meraki MR network.
Additionally, admins have the option to leverage Systems Manager’s built-in certificate infrastructure to provision EAP-TLS WLAN authentication with unique certificates — eliminating the need to manage a certificate authority, RADIUS server, or Public Key Infrastructure (PKI)!
VPN Configuration
This feature allows admins to provision client VPN automatically with the Meraki MX, while controlling access based on time of day, user group, geolocation, and Systems Manager’s security compliance.
Wi-Fi Security and Network Policy Automation
This feature allows admins to dynamically grant or restrict network access to a device based on its security status, location, installed software and OS version, and more. With this feature, when a device fails to comply with a set security measure (for example, the user disables the antivirus program, jailbreaks a device, removes a passcode, leaves a given territory, etc.), Systems Manager can automatically revoke access to Wi-Fi networks.
Systems Manager allows IT to create dynamic, segmented network policies without the need for dedicated hardware. Meraki access controls such as VLAN assignment, firewall rules, traffic shaping, and content filtering can be dynamically changed based on endpoint posture from Systems Manager. Network access is controlled, updated, and remediated automatically based on granular policies ranging from OS type and time schedule to security posture and user. Requires: Systems Manager (SM) and Meraki security or wireless products (MX or MR products).
For more about using Systems Manager to better inform and automate your network access, join us in an upcoming webinar!