Archive for January, 2019

Making DEP-loyments Easier with Systems Manager

If you have experience managing Apple devices in the enterprise, then you’ve probably used Apple’s Device Enrollment Program (DEP), which helps administrators deploy Apple devices seamlessly throughout an organization.

Large organizations such as school districts, managed service providers, and business conglomerates often procure company-owned Apple devices through various entities which requires multiple DEP accounts. This can create a logistical nightmare when trying to deploy devices at scale.

Previously, admins could only manage one DEP server per organization in Systems Manager. This led to network admins having to create separate organizations in order to support multiple DEP servers.

Taking these user experiences into account, it is with great excitement that we announce that Systems Manager now supports Multi-DEP!

What does this mean for you?

Customers can now add, remove, and edit multiple DEP servers within the same organization in the Meraki dashboard. This gives more flexibility to deploy devices that are being procured under one subset. The experience will be more seamless, efficient, and granular; an admin can specify which DEP server should be visible  for management and syncing under each network.

For instance, a school district with 10 schools can manage all of the 10 schools under one organization, with each school network having its own DEP server. Similarly, a managed service provider could manage different customers’ networks simultaneously, with each customer network mapped to its own DEP server.

For customers in education using Apple School Manager (ASM), the ASM sync can now also handle multiple DEP servers at the same time. When an ASM sync is initiated, it will automatically run for all DEP servers assigned to that network. DEP servers will now sync in-the Apple server display name, and the Meraki dashboard will display that metadata along with a timestamp of the last update of the DEP server.

If you are already using Systems Manager, give it a try today by going to Organization > MDM in the Meraki dashboard to see the new ‘Apple DEP Servers’ section. Let us know what you think of it; we love getting feedback!

If you would like to learn more about Systems Manager, join us for an upcoming webinar (where you can qualify to earn free System Manager licenses), or call the Meraki sales line to start a risk-free evaluation.

 

The power to expand

Back in November 2018, we announced a new family of access layer switches with multigigabit ports. With Wi-Fi 6 (or 802.11ax) access points arriving this year, multigigabit is no longer a luxury: connecting one of these blazing fast APs to a regular switch would mean creating a bottleneck and compromising the end user experience.

Adding capacity in one part of the network has the potential to create a ripple effect, uncovering limitations elsewhere, so to help address this, we’re introducing our fastest ever switch, built for the aggregation layer, where performance and stability are everything.

The MS450-12 is a veritable beast of a switch, with a total switching capacity in excess of 1.3Tb/s! You read that right; that’s terabits per second, an increase of 70% over our previous generation! Up to 12 high-performance access layer switches can be connected, and then to ensure no loss of that capacity in a large scale three-layer network, there are two QSFP28 ports, each capable of 100Gb/s. Those same ports also provide versatile options for connecting demanding datacenter equipment. Finally, around the back, there are dedicated stacking ports and the switch provides a generous 400Gb/s of stacking capacity.

When combined with the latest wireless access points and multigigabit switches, there’s no question that Meraki is delivering the next generation of local area network, ready for whatever comes next. To learn more about Meraki switching, please sign-up for one of our other informative webinars. We’ve got lots to show you!

Posted in Company Blog | Comments Off on The power to expand

Recap: Meraki Quarterly, January 2019

Every quarter, the Cisco Meraki product marketing team presents a comprehensive review of new product introductions and improvements released over the previous three months. By keeping customers informed on a regular basis about what’s new at Meraki, we hope to help them make the most of their Meraki deployments.

While the Meraki Quarterly consistently enjoys excellent attendance, we’re cognizant of the fact that many IT admins find it difficult to find the time to watch an hour-long webinar. For those who haven’t found the time to watch the full webinar, here’s a quick recap of some of the material we went over earlier this month.

1. Improvements to Maps and floor plans

Meraki network admins have long enjoyed viewing their MR access points on floor plans in the Meraki dashboard. This helps in optimizing indoor and outdoor wireless coverage and figuring out where to place new access points.

Now, admins can map MS switches and MV cameras in addition to their access points. We think this is an exciting development for MV in particular, since mapping cameras can help admins ensure that important areas receive the surveillance coverage they need. Read more about the newest member of your floor plans.

2. An update on MX LTE deployments

Back in August 2018, Meraki introduced a slew of new MX security and Z-Series teleworker appliances, with a few new models that come with integrated LTE. By baking LTE right into the product instead of forcing admins to attach a separate cellular dongle, we hoped to give IT admins a new level of visibility into their connections and the ability to leverage a new set of APIs to make these MX models a new platform to build new capabilities on top of. Just five months later, we’re pleased to report that organizations worldwide have embraced this vision.

In the webinar, we briefly discussed how a few Meraki customers have taken unique advantage of our MX models with built-in LTE. Here are a couple of examples:

  • A globally distributed food processing company previously paid for an expensive secondary uplink to augment its primary uplink, afraid of the downtime that could occur if the primary uplink failed. After deploying new MX models with built-in LTE, the company not only saved money by replacing the secondary uplink with a less expensive LTE backup, but also gained centralized visibility via the Meraki dashboard of all uplinks.
  • A media company with numerous locations around the United States needed the ability to stream multiple streams of live video from branch sites back to headquarters. Relying solely on one ISP simply wasn’t an option, so the company deployed MX security appliances as well as Z-Series teleworker devices, both equipped with LTE connections, to arm employees in different locations with reliable connectivity back to HQ.

Watch the webinar for additional ideas of ways your organization can leverage the power of MX + LTE.

3. Endpoint management becomes even simpler

Since its debut, Meraki Systems Manager (SM) has offered customers a comprehensive endpoint management solution that brings device management, application management, content management, and mobile identity under a single umbrella. This past quarter, the Systems Manager team was hard at work at making SM even easier and more powerful. These improvements include:

  • A revamped Applications page that makes it simpler to perform bulk operations (e.g., update or delete) and search for just the right app
  • A new Target Groups feature that gives admins more flexibility in delivering apps, profiles, and configurations to the right groups of devices
  • Support for tvOS, enabling education, retail, and hospitality customers to manage and deploy Apple TVs en masse
  • Enhanced Windows 10 support and smoother enrollment processes for Android devices

Finally, we highlighted a new Customer Success Training program available for customers who purchase at least 200 SM licenses. This training gives customers the opportunity to engage one-on-one with a Systems Manager expert for assistance with deploying and configuring SM across different devices.

4. MV smart cameras make massive moves

Meraki MV smart cameras took a major leap forward last November with the launch of two new hardware models, extensible analytics capabilities, and a new cloud archive option. Since then, the MV team has hardly rested on its laurels, continuing to work hard to bring new improvements to the experience of managing cameras in the Meraki dashboard.

In addition to the aforementioned ability to place MVs on maps and floor plans, admins can now use up to 12x digital zoom to get a close look at live and historical footage and set up rotating video walls to monitor multiple scenes from one place. Additionally, admins can gain access to more detailed analytics with configurable zones. As an example, a large department store could organize multiple MVs scattered throughout the men’s area under a single “Men’s Zone” and use the MV’s people counting capabilities to see how many people navigate through the men’s area in a certain timespan, whether they’re looking at men’s pants, shirts, or shoes.

Finally, during the webinar, we took a deep dive at MV Sense, a set of integrations that let admins build interesting business solutions that leverage the data collected by MV cameras. To provide a bit of inspiration, we highlighted a few fun use cases that Meraki has built involving Nerf guns, a piano, and a light that changes color based on how many people are detected in the frame!

5. A deeper look at APIs

Did you know that one out of every five Meraki customers is using APIs? We’re incredibly pleased with the uptake of our API offerings. During the quarterly webinar, we walked through a whole host of new features and enhancements recently made to the Meraki dashboard API. For example, webhook alerts now let you subscribe to cloud-based alerts in any receiving service, and admins can use templates to configure many different syslog servers at once.

Visit apps.meraki.io for turnkey solutions developed by Meraki and third-party developers. To learn how to create your own solutions using APIs to build on the Meraki platform, visit create.meraki.io.


The full recording of the January 2019 Meraki Quarterly contains tons more detail, and we encourage you to watch it if possible. If you weren’t able to make it this time around, no worries — we’ll be back in April with another quarterly.

Want to sound off on something we covered? Head to the Meraki Community and let us know your thoughts!

BGP, the Meraki Way

By Steve Harrison & Mitchell Gulledge

header_BGP


Introduction


If you have heard of BGP, then you will likely know it as “the protocol that makes the internet work.” And if you have ever tried to configure it in a
multivendor environment, as one of the most frustrating things you can configure in networking. So, the fact that Cisco Meraki, a company known for simplifying powerful technology, is releasing BGP as a feature might have some people scratching their heads.

In this blog post we will explore how even the most esoteric technologies can be “Merakified” into simple, scalable solutions.

What?


“Hold on,” I hear you saying. “Firstly, what exactly is BGP?”

Well, Border Gateway Protocol (to give BGP its full name) is an IP routing protocol, in the same vein as OSPF or EIGRP. Except that it is an exterior gateway protocol as opposed to an interior gateway protocol like OSPF or EIGRP. The exterior bit simply means that it is intended to operate outside of your network gateway, which in most cases means the internet. As opposed to OSPF and EIGRP, which are run inside your network gateway.

BPGDiagram

Thus all ISPs run BGP, so that your boss’s iPad can be connected to the latest news article/cat video. But that’s not all BGP is used for. In various guises BGP is ultimately responsible for the provision of nearly all of that bandwidth and services that corporations consume, including but not limited to IPVPN, MPLS, VPLS and EtherVPNs.  

There is one commonality to all BGP use cases — scale — and that is no different for Meraki.  The Meraki BGP implementation allows for stable bilateral integration of Meraki AutoVPN and SD-WAN-enabled organisations into broader MPLS and hybrid Cisco SD-WAN deployments.

How?


Anyone familiar with BGP knows that there are a plethora of ways to influence the routes it decides to use and propagate, anything from
AS Path to Multi-Exit Discriminator (MED) to local preference. Some variables are global, some are locally significant, and some are vendor-specific, all of which means that the Meraki implementation has to distill all of those elements to their most fundamental.

BGP at its heart is a distance vector protocol, except that instead of tracking an IP path through many routes, it tracks a path through collections of routers under a single organization’s administrative control. Such organizations are referred to as Autonomous Systems and they all have a number, an ASN.  

When a BGP router propagates a network (also known as a prefix) to a neighboring router (also known as a BGP peer), it appends its own ASN to the AS Path for the prefix. The BGP peer then decides how to route to that prefix by choosing the shortest AS Path for the prefix (if it has more than one path to the prefix) or the only path if it has only one.  

The Meraki implementation does exactly that, just bilaterally. When sharing any prefixes it simply adds its own ASN to the AS Path.  

BGP Dashboard

Meaning that the router 1.2.3.4 in the above example will receive updates from the MX with an AS Path of 64512 and 5.6.7.8 will receive an AS Path of 64512, 64512. Whereas the MX could receive updates for the 10.0.0.0/8 network from both of its BGP peers (1.2.3.4 & 5.6.7.8), but only the prefix with the shortest AS Path will be used (in the event of a tie the first configured peer is preferred, as the second router offers a longer AS Path due to double AS Path pr).

The fundamental reason to choose BGP over the currently OSPF-based solution, though, is that BGP allows for bilateral propagation of prefixes, means that when networks are added in the Meraki domain they are instantly shared into the wider/SP domain and vice versa.

When?


Now! As you can see from the above graphic, this functionality has been available in beta for some time (over a year at time of writing) and will soon be enabled in a generally available code release. Whilst this event is the culmination of a lot of work from a lot of people, it is only the tip of the spear.  
Traffic engineering with AS Path prepending, route leak prevention, and route table security are currently available on the MX. However, more advanced features including segmentation are coming in future phases.

BGP - Meraki

Conclusion


At Meraki, we take the most complex routing protocol in the industry, extrapolate out the vendor-specific elements and layers complexity to make it usable and configurable in three clicks (and a little typing).  

Meaning that with Meraki, organizations can scale from mom & pop to megacorp without switching platforms. Click here to find out more.

References

https://documentation.meraki.com/MX/Networks_and_Routing/BGP

https://www.cisco.com/c/en/us/about/press/internet-protocol-journal/back-issues/table-contents-37/103-multivendor.html

http://www.ciscopress.com/articles/article.asp?p=2738462

http://www.ciscopress.com/store/routing-tcp-ip-volume-1-9781587052026

http://www.ciscopress.com/store/routing-tcp-ip-volume-ii-ccie-professional-development-9781587054709

How Nash-Rocky Mount Schools Went 1:1 with Meraki and E-rate

With over 16,000 students and 31 schools, Nash-Rocky Mount Schools (NRMS) in North Carolina is continuously growing its technology stack in order to provide the best experiences for students. The IT team started this journey with a 1:1 program, but with an aging network that provided limited visibility and control, the team needed a new, more reliable wired and wireless network. They chose Cisco Meraki, not only because they knew a cloud-managed solution could support the increased technology demands, but because Meraki was also easier to manage and maintain.

NRMS has paved the way for schools across the nation by pioneering a cloud-managed networking solution to support new digital learning technology. But don’t just take it from us — hear directly from Tremaine McQueen, Chief Technology Officer, and James Williams, Senior Network Engineer at NRMS about how they transformed digital learning with the help of Cisco Meraki. You’ll learn:

  • Why NRMS chose a cloud-managed solution over a traditional, controller-based network
  • How their revamped network is able to support a district-wide 1:1 device program, giving teachers the confidence to bring new technology into the classroom to improve student learning
  • How NRMS used E-rate funding to upgrade their Meraki network several years after their initial deployment to continue supporting new digital learning initiatives

NRMS is joined by John Harrington, CEO of Funds for Learning, to deliver an overview and best practices about the U.S. Federal funding program, E-rate. This is especially timely, since schools need to submit their Form 470s by February 27. Learn more about the E-rate filing window for FY19.

Watch the webinar now:

CÁMARAS MÁS INTELIGENTES PARA ESCUELAS MÁS SEGURAS

Hacer que los colegios, institutos y universidades sean más seguras con cámaras inteligentes y confiables, es posible con Cisco Meraki.

Imagine administrar las cámaras de seguridad de su escuela desde un tablero intuitivo basado en la web sin NVR, sin descargas de software y acceso remoto seguro. ¿Suena demasiado bueno para ser verdad?

Las cámaras de seguridad de Cisco Meraki MV están cambiando la forma en que las escuelas piensan acerca de la videovigilancia. Con Meraki MV, las escuelas pueden mantener a los estudiantes más seguros al ayudar proactivamente con la detección de amenazas y la seguridad, y los equipos de TI pueden tomar decisiones informadas con análisis integrados, que no requieren servidores. MV es fácil de implementar y administrar, y está específicamente pensando para los equipos de TI.

 

 

Aquí tiene 5 razones por las que debe considerar las cámaras de seguridad Meraki MV para la próxima implementación de su escuela o campus:

  1. Implementación simple: con la implementación de cero toque, usando solo números de serie, un administrador puede agregar dispositivos al Dashboared de Meraki y comenzar la configuración incluso antes de que el hardware llegue al campus. Envíe cámaras directamente a cada escuela o espacio y póngalas en funcionamiento rápidamente.
  2. Sin NVR: todas las imágenes de video se almacenan y se cifran localmente en la cámara, lo que elimina la necesidad de los costosos y complicados NVR o DVR. Esto no solo agrega seguridad adicional, sino que también permite una sencilla implementación y administración de la cámara. También significa que el equipo de TI  puede escalar fácilmente sin complicaciones.
  3. Monitoreo basado en la Web: administre sus cámaras de seguridad desde el mismo panel de control intuitivo y basado en la web donde administra el resto de sus productos Meraki. MV elimina la necesidad de una sala de monitoreo de seguridad o una configuración de VPN compleja, todo lo que necesita es un navegador web para ver y monitorear secuencias de video. Además, el Dashboard reduce el tiempo de capacitación para los administradores y el personal que interactúan con el sistema.
  4. Controles de acceso granular: ya no es solo el guardia de seguridad el que necesita acceso. Desde el director hasta el maestro pueden tener acceso personalizado a todas las cámaras de la escuela, o seleccione las cámaras por etiqueta, con solo unos clics.
  5. Análisis integrados: MV va más allá de la seguridad; utiliza un potente procesador integrado para analizar el video y proporcionar información valiosa sin la necesidad de enviar esos archivos de video a la nube o un servidor local. Vea fácilmente dónde los estudiantes se congregan o caminan con mapas de calor de movimiento. Detecta cuántas personas hay en un aula o en un pasillo con la detección de personas.

Las escuelas de todo el mundo están implementando Meraki MV para mantener a sus estudiantes más seguros de forma sencilla y eficiente. En Estados Unidos, el Distrito Escolar de Reading utiliza la herramienta de búsqueda de movimiento para aislar incidentes y encontrar lo que están buscando en menos de 20 minutos, en lugar de pasar buscando durante  horas de video almacenado. Además, los guardias de seguridad, los directores y los administradores escolares pueden ver imágenes desde una tableta o PC, sin tener que ir a la sala de monitoreo de video.

Conozca más de Meraki MV conversando con su representante de ventas y participando en nuestro próximo webinar en vivo. 

Stop, Shop, and Go with Meraki at NRF 2019

The beginning of January brings a fresh sense of optimism, plenty of revelry, and a respite after the hectic holiday shopping season. But for the retail industry, that respite is short-lived: the start of a new retail year also means another National Retail Foundation (NRF) BIG Show.

Cisco Meraki has long had a presence at NRF, and this year, we’re bringing fun new people, exciting new sessions, and innovative new hardware to the Javits Center. Here’s the who, what, where, when, and why about Meraki at NRF 2019.

Mall

Who from Meraki will be at NRF 2019?


Meraki employees from a wide range of departments will be at the show hosting speaking sessions and engaging with people at the booth. Representatives from our product management, marketing, sales, and channel teams will all be there, ready to demo our latest and greatest and answer any questions you may have about Meraki.

What products will Meraki be showcasing?


Retailers love Meraki IT solutions because they’re straightforward to manage and have a wide range of capabilities to engage customers. This year, you’ll receive a firsthand look at the latest products from our core networking stack (wireless, switching, and security) as well as our SM endpoint management tool and MV smart cameras. Don’t miss the new MV12, MV22, and MV72, all of which were introduced in 2018 and are capable of advanced analytics, including motion heat maps and people detection.

Where can I find Meraki?


Meraki will be part of Cisco’s booth (#2254), a roomy 20 x 30-foot space. It’ll be easy to spot Meraki employees: we’ll all be wearing signature green Meraki t-shirts! Three screens in the booth will be dedicated to demos of the Meraki dashboard, and a few iPad Pros will also be strewn around the booth for mobile demos.

When is the Meraki “Big Ideas” speaking session?


You won’t want to leave NRF without having attended our “Big Ideas” session. This year, we’ll feature Marty Dempsey, VP of Global Retail at Estée Lauder Companies, a Meraki customer. In conversation with Imran Idrees, Portfolio Product Marketing Manager for Meraki, Dempsey will discuss how new digital technologies like mobile apps and cloud-based solutions are revolutionizing the traditional brick-and-mortar retail environment. Be sure to attend the session on
January 14 at 1:30 PM right on the expo hall floor!

Another “Big Ideas” speaking session we’re proud to be a part of is CDW’s. George Bentinck, the product manager for Meraki MV smart cameras, will discuss how retailers can turn sight into insights and maximize the value of their investments in video security. You can learn more about our smart cameras on Tuesday, January 15 at 10:15 AM.

Why should retailers stop by our partner booths?


The Meraki party doesn’t stop as soon as you step out of Cisco’s booth. For the first time ever, six partner booths will play host to Meraki gear. Visit these featured partners, sprinkled around the show floor, to get a Meraki demo and enter a raffle to
win a full stack of Meraki gear!


We can’t wait to see you from January 13-15, 2019. In the meantime, feel free to chat with us in the Meraki Community. See you in New York City!