A puzzle is a picture broken up into hundreds of pieces. An individual piece doesn’t offer much insight into the big picture, but as more pieces are connected, the story becomes clearer. Physical security is similar in that one piece of information about a single event doesn’t always provide a clear picture of what actually happened.
Say that a security team receives an alert with two pieces of information:
A door was propped open for 60 seconds.
An employee badge, Sarah’s to be specific, was used to unlock the door.
What should the security team do? The answer depends on the circumstances. Was it actually Sarah using her badge? Why was the door open for so long? Was there tailgating, and if so, who else came in? Video can help answer these questions, but how do you know when and where to look? To make sense of events faster and get the complete picture, video and access control systems need to work together.
Get Answers More Quickly
Fortunately, Meraki MV smart camera APIs make it easy to provide video context to establish the validity of things like access control logs. The video link API can be used to pair video footage with access control events. The snapshot API can retrieve a snapshot from the relevant camera for more immediate context on a given event, in this case a person badging in.
This means when there is an alert, or an event needs to be reviewed, it’s easy for the user to quickly understand what happened. With this type of integration in the scenario above, security could have easily looked at the snapshot or accessed the relevant video in the dashboard to verify that it was Sarah using her badge, and that she propped open the door to carry in a couple of boxes.
The Sequr Platform make it easy to access relevant video from your MV smart cameras
MV Integration is Built into the Sequr Platform
While the APIs are available for anyone to use, Sequr has made it even easier for customers using their cloud access control system. The Sequr platform integration with Meraki MV smart cameras make it quick and easy to get started. Once the API key has been entered, simply map cameras to doors and start monitoring access control logs with Meraki MV smart cameras.
In the Sequr platform, a video link to the relevant feed will appear next to each event. Selecting the link will launch the camera in the Meraki dashboard and play video for the event. Sequr users can also configure the system to create a short video clip, viewable in the Sequr platform. The videos can also be included in alerts, sent via email or to a messaging platform, making it even easier for teams to quickly assess events.
MV smart camera video clips can be included with alerts on the Sequr platform
From move-in day to graduation day, students require reliable Wi-Fi to be successful. Not only does Wi-Fi enable effective collaboration and creativity, but it can also be a driver to attract and retain students and faculty to campus. As the need for seamless connectivity on college and university campuses continues to expand, are schools measuring up to student expectations? We wanted to find out.
In partnership with the Center for Digital Education, Cisco Meraki conducted two surveys, one of higher education decision-makers and one of college students — to better understand students’ habits and needs regarding network use and technology and how that compares to what their counterparts in leadership perceive. We asked almost identical questions of these two audiences and compared the results.
The results were fascinating. While the full survey report outlines many interesting findings, three key things stood out that warranted further analysis:
1. Students aren’t utilizing campus to its full potential because of unreliable Wi-Fi
We asked students where they complete their school work and use Wi-Fi the most. We then asked higher education leaders where they think students complete their school work and use the Wi-Fi the most. Both audiences were also asked how reliable they thought the Wi-Fi was in those areas. Surprisingly, the study showed a large discrepancy between the students actual Wi-Fi use and the leaders perception of what the students use. While the vast majority of students ranked the school library, on campus housing, and off-campus housing as the top three locations to work and use Wi-Fi, the leaders listed study rooms and dining/common areas as primary student work locations. Why aren’t students completing school work and using Wi-Fi in all of the areas leadership thinks they are?
When asked how reliable the Wi-Fi was in the same locations, the discrepancy was shocking. In every location highlighted, more than half of leaders thought Wi-Fi was very reliable, yet less than 25% of students thought so (with the exception of the library). More specifically, 40% of leadership versus 22% of students think Wi-Fi is highly reliable in dorms and 42% of leadership think Wi-Fi is somewhat reliable outdoors, while 57% of students say there is no outdoor Wi-Fi. To top it off, when students were asked “What technology would you like to see your campus provide to enhance the student experience?” the top answer, getting 54% of the responses, was reliable Wi-Fi.
While students want to seamlessly roam from their dorm room, to class, to the outdoor quad and have reliable connections in order to socialize and work, this isn’t being provided to the standard students expect. In order to provide the best experience for students, reliable Wi-Fi everywhere on campus is key.
2. While Wi-Fi is important, schools can’t forget about the wired network
Students are bringing more and more wireless devices with them to campus, especially when they live in dorms. On average, students who live on campus bring 9 devices with them to school, while those who commute bring an average of 3. The survey showed that students and higher education leaders were aligned on the top two devices students bring to campus (laptops and smartphones), but the third device was surprising. For students living on campus, 43% bring a desktop computer, a large difference from the 18% predicted by education leaders. Instead, leadership overestimated students bringing other wireless technologies, like tablets, video game consoles, and smart watches.
While the number of wireless technologies students bring to school will continue to increase, schools can’t forget about the wired network. Students still demand a wired connection, especially in their dorm rooms. Plus, a reliable network backbone is key to supporting high-density wireless access points everywhere on campus. Ensuring the underlying wired network is ready for what students will throw at it is just as important as the wireless.
3. Improving campus Wi-Fi can greatly reduce the number of help desk tickets
Students on average submit 11 help desk tickets per year, on par with higher education leaders’ estimations of 13 tickets a year. This means that students are submitting help desk tickets around once a month, and when you multiply that by the number of students, the amount of tickets is staggering. It’s no surprise that students and leaders agree that most tickets are submitted when the Wi-Fi goes down.
By providing always-on connections, students will complain less about the Wi-Fi and in turn, submit less tickets. This not only saves on IT resources, but gives those teams time back in their day to work on more proactive and impactful projects that can benefit the university.
Overall, the surveys found that students want to see reliable Wi-Fi on campus to enhance their experience, and they are not getting the always-on connection higher education leaders believe they’re providing. But it’s not too late to turn this around – higher education institutions can start by evaluating solutions that provide the access students deserve, while being easier for the IT team to set up and manage.
Wherever we look for evidence, it’s clear that the topic of security is consistently top-of-mind for IT organizations around the world. The media uncovers a security story with predictable regularity, so that even as consumers we’re all well aware of the ongoing tussle between those of us trying to secure infrastructure and applications, and those who seek to expose weaknesses. Looking at this positively, this ever-present reality helps minimize complacency and ensure products and apps are constantly improving.
The word ‘security’ conjures up different images to different people. For some it will be the protection of their web account credentials while connected to a cafe Wi-Fi hotspot. For others it will be ensuring physical safety for their employees or those in their care. Security is a broad topic, and it’s no surprise that it’s the first consideration when implementing technology of any kind.
At Cisco Meraki we firmly believe that our core value of simplicity is the best approach to help ensure a broader adoption of good practices. Anything we can do to simplify good security hygiene will help to level-up its implementation by our customers. Let’s take a look at three areas where thoughtfully designed infrastructure can truly make a difference.
Let’s face it, we’re a fallible species. There’s a mountain of evidence to support this, with estimates anywhere between 60 and 95% of network security issues being due to something we humans got wrong. We may not like to admit it, but the data proves we’re the weakest link when it comes to security.
The more complex an IT solution is, the more likely that humans will make mistakes. Complexity can develop in many ways: it may be because an organization’s security infrastructure has developed from an assortment of ‘point solutions’ from different vendors. It may be because the technology is too difficult to keep reconfiguring as needs change. Complexity can lead to shortcuts, and in the world of security, shortcuts are bad. The image of a password on a sticky note comes to mind.
With Meraki, from user and device policies to firewalls to malware detection, we work tirelessly to not only provide a robust set of security features, but also pay particular attention to the implementation of these tools through a simple, unified, intuitive user interface (the Meraki dashboard). The easier it is to implement good security, the more likely that is to be the result.
Automated firmware and patch updates
Any tenured network administrator will be familiar with the reality of maintaining current, secure firmware on the equipment they maintain. Even in 2019, it is still common practice to find engineers visiting vendor websites to download firmware that must then be distributed manually to each individual box. Not only can this process be tedious, but it’s also time consuming. Most worryingly of all, network admins frequently exhibit inertia when it comes to upgrading equipment, preferring to stick with what they know works, rather than ‘risk’ an upgrade. Back to the human element again.
At Meraki we consider healthy firmware maintenance vital in protecting our customers and their valuable data, so once again we apply simplicity to the process by defaulting to automated firmware updates. The option remains to schedule updates at a convenient time, and either way, new firmware is downloaded automatically from the cloud. Implementation of the update is as fast as rebooting the equipment, and Meraki customers can have peace of mind knowing the option to be on current firmware, offering the best available protection, is on by default.
It would be easy to assume that a simple user interface has less to offer. Fortunately, nothing could be further from the truth, thanks to a security-first approach in our engineering organization, and crucially, the fact that we’re part of the Cisco family. With a wealth of world-class security offerings under its belt, Cisco is a dominant player with a huge global footprint.
Security will remain the number one concern for IT organizations around the world. At Cisco Meraki we want to play our part by combining the world’s best security armor with a thoughtfully designed combination of automation and intuitive management. By simplifying at every layer we’re helping to ensure the best possible protection achieves the widest possible adoption. To learn more about network and physical security solutions from Meraki, please come along to one of our live webinars, or check out an on-demand recording covering Meraki security.
The dashboard is sacred at Meraki. We’ve built it to be powerful, scalable, and above all, simple for our customers to use from deployment and beyond. That being said, we’ve seen a trend over the last 12+ years in cloud-managed IT: customers and partners are increasingly looking for ways to automate, integrate, and build on top of the Meraki dashboard. This requires access to our growing API services.
If you’ve seen the Meraki dashboard, you might be wondering why anyone would want to bother with APIs, when everything is so easy to use in the web interface! While many of our customers never need to check out our API services, there are some compelling reasons to consider looking under the hood. Here are four reasons why learning how to use the Meraki Dashboard API service could be beneficial to your organization or daily management:
1. Automate dashboard workflows
Do you always take the same 10 steps to set up a new AP, change port configurations, or update a password on an SSID? How much time would be saved in your next deployment or in your weekly/daily management if you could automate those steps across networks or dashboard organizations?
2. Quickly report on cross-organization trends, audit users/devices/status
If someone tapped you on the shoulder today and demanded an audit of all dashboard administrators (or uplink status across all deployed Meraki devices, or content filtering rules, or all of the above), how would you pull this information from the dashboard? How many clicks would it take to gather this from different networks/organizations? Learn how to use the API to save yourself the clicks!
3. Integrate dashboard data into other tools and applications
Would data from the dashboard provide insight in any internal applications or interfaces you’re using – to manage service desk tickets, access control, customer loyalty programs on your WiFi networks, etc.? Meraki API services can enable this rich integration with other technologies, through turnkey solutions pre-built by our technology partners or by providing the building blocks for other integrations.
4. Build new applications on top of Meraki technologies
Have you ever considered building a web form to allow your on-site staff to deploy new gear without logging in to the dashboard? Are there IoT initiatives in your office(s) that rely on network integrations? Learning to use Meraki API services will unlock a world of new possibilities for you to efficiently and creatively leverage dashboard data and services in new ways.
For the reasons above (and beyond!), we have doubled down on our vision to provide open and extensible API services across Meraki products. We know that many of our customers using the API today didn’t expect to have that need when they invested in Meraki, but as additional (and often non-network related) business requirements, projects, and initiatives get piled onto their plate, having a programmable network infrastructure has proven to be a lifesaver!
Most marketers are guilty at one point or another of hyping up a minor improvement as if it were a major innovation. Think of the relatively unimportant year-over-year changes made to mature household products: it’s unlikely that that new lawnmower you bought a few days ago is really as game-changing as the manufacturer wants you to believe, at least when compared to last year’s model.
The technology industry is by no means innocent in this regard — plenty of tech products are heralded as revolutionary upon release, even if their improvements are more iterative than transformational. Every so often, however, the tech world gives birth to a game-changing invention that moves the goalposts and results in rapid adoption.
For these types of generation-defining technological changes to happen, a whole host of forces needs to move. In the music industry, for example, the shift from digital downloads to streaming occurred quickly thanks to the rapid proliferation of smartphones, the availability of fast cellular data, and the decoupling of individual tracks from albums that services like iTunes had enabled in the early 2000s.
The creation of the newest generation of Wi-Fi, Wi-Fi 6, represents a similarly meaningful shift. Consumers are adopting network-connected devices faster than ever before; wireless vendors (including Cisco Meraki) are introducing Wi-Fi 6 enabled networking devices at breakneck speed; and a brand new cellular standard, 5G, is already making waves in the world of wireless. In other words, the whole ecosystem is moving in lockstep toward a faster, better wireless future.
If past patterns are any indication, Wi-Fi 6 will have a major impact on the entire industry and see quicker adoption than any previous Wi-Fi generation. Here are a few reasons why.
1. Wi-Fi 6: built on a set of proven, foundational technologies
While Wi-Fi 6 introduces a new collection of breakthrough technologies, like BSS Coloring and Target Wake Time (TWT), it is based on a number of foundational, trusted technologies that have been enhanced instead of being rebuilt from the ground up. For example:
Wi-Fi 6 makes the jump from 256 QAM (Quadrature Amplitude Modulation) to 1024 QAM. The higher the number, the greater number of packets that can be sent efficiently. This increase means up to a 2.5x increase in throughput and a 25% increase in spectral efficiency.
Multi-user MIMO (MU-MIMO), a technology introduced with Wi-Fi 5, allows APs to send and receive packets to and from multiple clients simultaneously. Combined with 8×8 support, this will result in significantly faster speeds in different directions.
OFDMA, which replaces the older OFDM, significantly reduces overhead and latency, especially when a multitude of clients are connecting to the network. OFDMA is based on trusted technology from LTE.
What’s the upshot here? Though Wi-Fi 6 will be a revolution in wireless, it’s also in many ways an evolution of existing technologies. The rollout of Wi-Fi 6 networking hardware and devices alike should be relatively smooth, so consumers will be able to start using Wi-Fi 6 quickly.
2. More devices — and more demands — than ever
There’s a good reason the Wi-Fi Alliance sat down way back in 2013 and started hashing out its plans for Wi-Fi 6. Since the mid-2000s, there has been an absolute explosion of smartphones, laptops, and tablets, and this trend shows no signs of waning: four billion Wi-Fi equipped devices will ship in 2019, and by the end of this year, the 30 billionth Wi-Fi device will have shipped — that’s three times the cumulative number (10 billion) reached in 2014! And all of these devices, of course, rely on consistent connectivity to function. For that reason alone, Wi-Fi 6, with its focus on high density coverage, is long overdue.
But Wi-Fi 6 offers even more than this.
First, it’s a much more power-efficient standard, because thanks to a feature known as Target Wake Time (TWT), devices will check for new data packets on a schedule rather than constantly pinging the network. This feature can help devices like phones, IoT devices, and applications achieve up to 67% lower power consumption.
Second, we’re on the verge of some incredible new technologies that will only reach their potential if there’s a Wi-Fi standard robust enough to match. Think IoT (plus its cousin, IIoT), augmented & virtual reality, and factories laden with smart sensors to make operations more efficient. The performance of these futuristic tools and applications is dependent on fast wireless speeds, since long latency times can completely ruin the experience. Wi-Fi 6’s speed increases are therefore instrumental in unlocking these new services.
3. The long-term consequences of Wi-Fi 6 + 5G are immense
There’s another wireless standard brewing that the entire industry can’t wait for: 5G. While cellular data in some form has been available for over two decades (remember GPRS?), it really grew in importance once smartphones exploded onto the scene in the late 2000s and cellular made its way into other devices, like tablets and mobile hotspots.
So what does 5G have to do with Wi-Fi 6, and what’s so special about it?
5G and Wi-Fi 6 are actually closely intertwined. They’re built on the same technical foundation, and as a result, they both bring significant performance improvements. As evidence of the close linkage between 5G and Wi-Fi 6, a Cisco technology calledOpenRoaming will allow consumers to roam seamlessly between 802.11ax and 5G networks without having to deal with service interruptions.
But both Wi-Fi 6 and 5G are about much more than speed — they represent a fundamental transformation in what’s possible with connected devices, whether they’re large automotive vehicles (like self-driving cars) or small IoT devices (like smart speakers). While 5G will reign supreme in most outdoor scenarios, Wi-Fi 6 will take precedence inside buildings and with devices that don’t move around too often. Also important to note is the fact that Wi-Fi 6 adoption will outpace the adoption of 5G by a wide margin for years, according to ABI Research.
At the end of the day, the combination of Wi-Fi 6 and 5G’s strengths will completely transform our wireless world, no matter where users or their devices are.
The hype around Wi-Fi 6 has reached a fever pitch, and for good reason: manufacturers and consumers alike will quickly adopt the latest Wi-Fi standard in droves. At Cisco Meraki, we couldn’t be more bullish on Wi-Fi 6, and we’re incredibly excited for what the future of wireless will bring.
Check out our recently introduced Wi-Fi 6 compatible APs and the latest Wi-Fi 6 content, including other blog posts and customer webinars.
Activation Lock is a security feature on Apple iOS devices that prevents unauthorized use of an iOS device after it has been factory reset, rendering the device useless. While this is an amazing feature for personal use, it has presented challenges for IT administrators trying to deploy iOS devices for enterprise use cases. While IT administrators desire the added security Activation Lock provides, they are often frustrated by the lack of enablement control and device status insight.
Cisco Meraki’s mobile device management solution, Systems Manager, fully supports management of Activation Lock on supervised iOS devices. Let’s pull back the curtains and see how Cisco Meraki Systems Manager can help you effectively manage the Activation Lock status of your device fleet.
How is Activation Lock enabled?
There are two different ways to enable Activation Lock:
Device Activation Lock: The device owner enables Find My iPhone/iPad on the device with their personal Apple ID account.
MDM Activation Lock: Meraki Systems Manager enables Activation Lock with an MDM command. This action is only available on supervised iOS devices enrolled using Automated Device Enrollment through Apple Business Manager (ABM) or Apple School Manager (ASM).
How do I check the Activation Lock status of iOS devices?
You can view the Activation Lock status for each device in the “Management” section of the device’s details page in Meraki Systems Manager.
If Activation Lock is “Enabled”, Find My iPhone/iPad is enabled and the device’s activation may be locked by an owner’s personal Apple ID. MDM Activation Lock indicates that Meraki Systems Manager sent a command to enable Activation Lock on the device. The device’s activation may be locked by the Apple ID of an IT administrator with management rights in the ABM or ASM portals.
You can also view the Activation Lock status in the Devices list in Meraki Systems Manager by adding the applicable column to your view.
I wiped an iOS device and Activation Lock is enabled. How do I bypass or disable Activation Lock?
There are several methods to bypass or disable Activation Lock:
Apple ID: Enter the email address and password of the account that enabled Activation Lock on the device. Depending on how Activation Lock is enabled, this may be the user’s personal Apple ID credentials or the Apple ID credentials of an ABM/ASM administrator.
Bypass Code: When Activation Lock is enabled on supervised iOS devices, Meraki Systems Manager stores a bypass code, a randomized 30 character string, which can be used to clear the device’s Activation Lock state. In situations where both device and MDM Activation Lock may have been enabled, Meraki Systems Manager stores the codes generated for each type. The bypass code can then be entered at the Activation Lock screen to clear the Activation Lock status.
Clear Activation Lock Command: Meraki Systems Manager can send a remote command to Apple to clear Activation Lock on supervised iOS devices using the known bypass codes.
How can Meraki Systems Manager help me manage Activation Lock settings?
Meraki Systems Manager can only manage Activation Lock settings on supervised devices. If devices are supervised, Systems Manager prevents end users from being able to enable Device (Find My iPhone/iPad) Activation Lock by default on enrollment.
Via the “Privacy & Lock” payload, Meraki Systems Manager can be configured to automatically allow Device Activation Lock, and/or automatically enable MDM Activation Lock when devices are enrolled.
Check out Meraki Documentation for more information on how to manage Activation Lock settings and behaviors with Meraki Systems Manager. If you would like to learn more about Systems Manager, join us for an upcoming webinar (where you can qualify to earn free System Manager licenses), or call the Meraki sales line to start a risk-free evaluation.
Imagine you are a network engineer responsible for supporting an office with 100 people, all of whom use Office 365. One afternoon, all of a sudden, you start to hear persistent complaints from your colleagues that the internet is slow. They can’t load their emails, Word docs, or Excel spreadsheets.
It’s hard to know where to begin. Is the issue due to a faulty wireless AP? Have you lost your internet connectivity? Is a user hogging all the available bandwidth by streaming Netflix? Is Microsoft experiencing a server outage? Or is it all of the above? How do you start troubleshooting? Running packet captures is one option, but it will take a lot of time, which is the one commodity you do not have, since everyone in the office is affected. Lost productivity equals lost money.
This hypothetical scenario became very real a couple of weeks ago in the Cisco Meraki Chicago office. During the afternoon of July 3, a few staff members started observing that Office 365 experience had noticeably deteriorated.
A quick look at Office 365 on the Meraki Insight dashboard suggested that there was a WAN problem affecting O365 traffic.
Closer inspection revealed that the internet connection was fine (i.e. no loss on WAN1 or WAN2), but starting at around 2:30pm, Office365 traffic on the WAN specifically was significantly degraded (~60-80% loss with >3s latency). So much so that almost every user in the office was affected.
Interestingly enough, only our Chicago office was affected where incidentally all traffic is routed through San Jose. This indicated that the root cause was localized to the network path between the Chicago office and the Office365 server local to San Jose it was trying to reach. Thus, in the short term, one workaround could be for a user to VPN into another Meraki location, so that the user’s Office 365 traffic flowed to a different Microsoft server and bypassed the local WAN problems.
Armed with this information from Meraki Insight, our IT team was able to proactively issue guidance to staff at the Chicago office: “Hi Folks, we suspect there’s a WAN outage near an Office 365 server in the San Jose area that is affecting us due to our network traffic being routed to San Jose. I will send an update once I receive more information regarding the outage, however some people have seen success by using VPN to connect to Outlook.”
Indeed, shortly thereafter, Microsoft posted this on their Twitter account, confirming what Insight had indicated.
Office 365 adoption is skyrocketing around the world. Yet, despite this increased adoption, IT admins do not have an easy way to know how or where to start troubleshooting. Without Meraki Insight an IT admin would need to painstakingly test each potential contributing factor one-by-one. This takes time, and since the network conditions keep changing, it becomes impossible to say with certainty which factor or factors is actually causing the problem. Meraki Insight reveals how much each factor is contributing to the problem whilst keeping network conditions constant.
Our customers can spend hours trying to identify the root cause of events like these. Meraki Insight can answer such questions in a matter of minutes, saving them a huge amount of time and money. Learn more and try out Meraki Insight for free here.
A couple of months ago we launched our podcast, Meraki Unboxed, where we discuss topics relating to the Cisco Meraki business and our technology.
The latest episode is a great listen for anyone looking to learn more about the ways in which IT infrastructure management and other business applications are steadily converging thanks to APIs. This approach is developing all the time, offering new opportunities in operational efficiency and customer engagement, so we had plenty to talk about on the show.
Whether you’re a network administrator looking to evolve your career, or a business owner seeking new ways to build loyalty in customers with digital transformation, there’ll be something of interest here.
Subscribing to the podcast is the best way to enjoy some great discussions at a time and place that suits you. Just search for ‘Meraki Unboxed’ in your favorite podcast app.
A link to the API episode is below. Let us know what you think! Oh, and if you’d like to take the next step on your API journey, we’ve got an in-depth webinar coming up soon. Click here to sign-up.