Meraki has revolutionized the experience of managing a network. Just ask anyone who’s made the switch.
Speaking of ‘switch’, and to illustrate what we mean, we’d like to present our latest video, Cloud Managed Switches. Every network administrator will recognize the experiences covered in this light hearted video, and for those who wonder what life is like for countless thousands of network admins around the world, here’s a rare insight into their reality.
There’s no doubt about it, managing Meraki network infrastructure is a breath of fresh air and will immediately begin to impact the running costs for any network, large or small.
They’re smart. They’re fast. They’re the technology partner your business has been waiting for. We’re talking, of course, about Meraki MS Switches.
With built-in enterprise security, virtual and physical stacking, Layer 7 visibility, intelligent network mapping, live troubleshooting tools, and more, MS switches are total game-changers for networks of all sizes. Meraki switch customers understand the health of their networks, deploy new devices, configure settings, troubleshoot, and create custom reports in significantly less time and with lower costs than their third-party switch counterparts.
Join the revolution! Until July 30, 2016, first-time Meraki switch customers are eligible for a special promotion on 5-year licenses. Buy any Meraki switch and we’ll give you a 5-year management license at the list price of a 1-year license*. That’s 4 years of smooth sailing on us.
Please check out meraki.com/setsail for more information, and reach out to your Meraki rep or reseller before this ship leaves port. All aboard!
*Detailed terms and conditions apply and are available here (US/LATAM/CA), here (EMEAR), here (APJC), and here (日本語).
The last decade has seen a drastic increase in the number of network-connected devices. Because of this, it has become more and more difficult for administrators to manage access, security, and traffic policies for all of the clients in their networks. As with a lot of other IT challenges, the key to solving this problem lies in automation – removing as much of the manual work as possible by creating ways to dynamically and intelligently assign policies to clients. One of the most effective ways to accomplish this is through a technology known as Change of Authorization (CoA).
At the most basic level, CoA is just a mechanism for changing the policy of an already-connected client. While that might sound pretty simple, there are actually a variety of ways that CoA can be used to solve complex problems in a wireless network. For example, you might want clients to have different levels of network access based on the current security status of the device, often referred to as its “security posture”. A device’s posture includes things like whether it has up-to-date antivirus and anti-spyware software installed, whether the latest operating system security patches are installed, or even whether a certain application is installed on the device. Using CoA, you can send information from Cisco’s Identity Services Engine (ISE) or similar solutions to a Cisco Meraki AP informing it of any changes to a device’s posture. The AP can then apply the appropriate policy to that client, even if it is already connected. You can also leverage ISE to perform Central Web Authentication (CWA) in order to implement automatic authentication and policy application for guest users.
Like all Cisco Meraki features, we took care to ensure that CoA is simple to implement. For administrators who wish to use Cisco ISE as their RADIUS and CoA server, it’s as easy as navigating to the Wireless>Access Control page and selecting ‘WPA2-Enterprise with my RADIUS server’ in the Association requirements section, and ‘Cisco Identity Services Engine (ISE) Authentication’ in the Splash page section.
Add your ISE server information under RADIUS servers, and you’re good to go! Your APs will now redirect users to the ISE web portal for authentication when they connect, and will respond to CoA messages sent by the ISE server.
For other popular solutions like PacketFence, the process is just as easy. Instead of selecting ISE Authentication from the Splash page options, set RADIUS CoA support to ‘RADIUS CoA enabled’ in the RADIUS server options on the same page.
The AP will now respond to CoA messages sent by the RADIUS server.
These features are currently in open beta. If you want to try them out, you can reach out to our Support team or to your Cisco Meraki Systems Engineer to join the beta. For more information on configuring CoA on Cisco Meraki MR access points or to learn more about this feature, check out our documentation.
With customers hailing from every corner of the globe, we wanted to find out how Meraki products were being put to use abroad. This week, we’re turning our attention to Switzerland, highlighting three very different use cases. From rugged mountain terrain to rehabilitation centers to product development and manufacturing, let’s take a look at how these Swiss companies are benefitting from the Meraki solution:
High in the Swiss Alps, Zermatt Bergbahnen provides visitors with breathtaking vistas and provides skiers access to 200km of pistas. The largest cable car and lift company in Switzerland, Zermatt Bergbahnen has placed its customers’ interests, and their desire for WiFi access, at the top of the priority list.
The company installed a mixture of Bluetooth-enabled 802.11ac MR32 indoor APs and MR72 outdoor APs throughout its resort and transport facilities. These APs withstand temperatures between -30℃ to -35℃, more than 4,000m above sea level, and provide free WiFi to guests and company-issued employee devices. Not only is the IT team benefitting from their newfound network visibility and Layer 7 application control in the Meraki dashboard, but they’ve also installed the Meraki MDM solution so employees have access to the Skidata system on their corporate devices.
Moving our focus to the Zurich highlands, Zürcher Höhenklinik is a rehabilitation centre seeing over 5,000 patients annually with both in-patient and out-patient services. The needs of this centre encompass more than traditional guest and corporate usage. The IT team has 6-8 wireless SSIDs configured at any time to provide access to patients, mobile workers, medical staff, and guests.
What makes the usage for this customer interesting are the WiFi-enabled medical treatment machines. By deploying Meraki wireless APs, the IT team can remotely customise the needs of each user group, providing additional bandwidth for mission critical uses, employing Layer 7 application limits for fair guest use, and isolating the LAN to ensure security of sensitive client information. The centres were able to create custom rules for each use without having to deploy additional devices or solutions.
This small, family-run business has exploded onto the market as one of the most important developers and manufacturers of shakers, bioreactors, and bioprocess software in the world. INFORS HT has a global footprint and was looking to refresh its network infrastructure to reflect and ultimately increase the innovation, collaboration, and ingenuity that had brought the company such success.
Over the course of just a couple days, the IT team installed Meraki wireless, switching, and security appliances in its Swiss headquarters and all of the distributed world-wide locations. Whether using personal or company-issued devices, employees can instantly access resources after inputting their security credentials and can communicate with the different sites seamlessly via the site-to-site Auto VPN functionality. Not only has the IT team made it a breeze for users to carry out their day-to-day activities, but they themselves are also benefitting from the ease of use in establishing custom settings and per-port configurations.
Here in Northern California, two names that are known in every household are Brookstone and Orchard Supply Hardware (OSH). What may be less widely known is the networking solution that helps power these organizations – you guessed it, these are both Meraki customers. Read below for a glimpse behind the scenes of these networking stories, or check out the full case studies here.
Specializing in innovative and useful consumer goods, the Brookstone team is dedicated to consistently improving the shopping experience for their customers. They are able to focus their efforts on this high-level mission with the reliable, no-nonsense network that Meraki cloud managed wireless and switching solutions provide.
Rock-solid WiFi coverage became increasingly important to the Brookstone store experience, where associates and customers required access to detailed information about the company’s thousands of products. Brookstone’s former WiFi network proved unable keep up with this increased need for reliability and traffic capacity. The team did a proof of concept with the Meraki cloud managed solution, and “fell in love with the Meraki technology, especially the ease of use, accessibility, and how simple it was to set up,” shared Doug Reczko, Operational VP of IT at Brookstone.
In each Brookstone store, there is now one MS 8-port Switch with a MR32 802.11ac Access Point wired into it. From there, depending on the size of the store, several other MR32 APs connect via wireless mesh to provide fast and seamless connectivity for all business users, without having to cable the entire store.
With nearly 225 stores across the United States, the simple, scalable mass-management inherent to the Meraki platform is a necessity for Brookstone. The team is able to log into their Meraki management dashboard and instantly see all of their locations, learn which sites are running smoothly and which need attention, and drill down into specific devices for further insight and troubleshooting.
“My goal as an executive is to bring our services to a higher level and do it better, faster, and for less; the Meraki tools allow us to do that,” said Doug.
OSH is a successful home improvement retailer with over 70 stores throughout California and Oregon. With a lean IT team managing the network for all locations, Meraki cloud managed access points and switches enable the retailer to focus on its customers and high priority projects, rather than routine network maintenance.
Challenged by limited IT resources and tired of traditional on-premise controller models, Moon Son, Senior Director of IT Infrastructure at OSH, initiated a proof of concept with Meraki wireless access points. OSH needed a reliable wireless network for inventory scanning, price look-up, and other critical retail functions. Moon and the team soon developed a close relationship with their Meraki sales team as they worked together to figure out the best setup for their unique environment and business initiatives. “Meraki was very attentive to our needs and provided great customer service, setting them apart from other vendors we were looking at back then,” Moon said.
Today, all OSH locations still boast the same MR16 802.11n APs that they purchased following that initial meeting. “The investment is still working for us, and I’m happy to say that all the features we have wished for have also been developed over the years,” Moon expanded.
The visibility and ease of management inherent to Meraki hardware and the cloud based management dashboard have been valuable assets for the OSH IT team. “Being able to schedule firmware and feature updates and not having to plan maintenance activities has been a huge benefit for my team, and a big cost saver in terms of resource allocation and time,” Moon shared.
However, Meraki proved most useful this past summer when the team set out to construct a new IP schema across their entire network for a new point of sale initiative, while also integrating new switches. “We touched every single network device, every single endpoint, put in new switches, re-did our routers to recognize the new IP scheme, everything,” Moon said. “This was a monstrous effort, and Meraki was a huge, huge help.”
Get more details on the ins and outs of this giant project in the full case study here.
We hope you enjoyed learning about these featured customers! Check out our Meraki for Retail guide to see how we can help businesses of any size leverage their networks in a scalable and flexible manner.
We’ll also be hosting a live webinar where a Meraki product specialist will give a tour of our cloud managed dashboard and tailor the capabilities of Meraki specifically to retail. Sign up for the webinar here.
We’ve just wrapped another hugely successful Meraki Quarterly, recapping everything we’ve been doing over the past 3 months. Since its inception last year, the Quarterly has grown to become the perfect vehicle for comprehensively reviewing what’s new and recent within each of the four product groups here at Meraki HQ. Assembling the team together in the same room at the same time is never easy – akin to herding cats – but when it happens the results never disappoint.
Here’s a quick recap of what we covered this time around:
Raviv shared information about our new integration of Advanced Malware Protection (AMP) on our security appliances. AMP provides real time protection against malicious files destined for a network user by checking them against a huge and growing database. AMP is currently in beta and will be a free feature upgrade for MX Advanced Security customers.
Tony provided a recap on our new stackable 1GbE fiber aggregation switch line, the MS410 and also took the opportunity to run through switch templates, a very exciting and powerful new management feature which we covered on the blog recently.
Enterprise Mobility Management
Systems Manager continues to see new features being added at a breakneck pace, truly exemplifying the high feature velocity for which Meraki became renowned. Paul ran us through the recent announcements which have extended feature support on iOS, Mac OS X, Android and Windows.
Matt took the opportunity to remind attendees of our exciting new developers portal. There are some extremely smart people out there, developing innovative solutions which leverage Meraki infrastructure and our range of APIs. There was also our new flagship MU-MIMO 802.11ac AP to shout about, the MR42. Finally, he generously put up a pair of limited edition Meraki socks as a prize in a selfie contest, because why not? There’s still a couple of days to submit photos.
We don’t want anyone to miss out on the Quarterly, so we’ve put a recording online. If you missed the session, or even a part of it, we hope you’ll find this useful.
We’ll be back in July with what promises to be an exceptionally exciting session. Look out for invitations nearer the time.
We offer a variety of live and recorded webinars hosted by Product Specialists focused specifically on K-12 environments and deployments. We were recently joined by Scott D. Miller, Director of Technology at Wayne Highlands School District, who shared his story on managing Meraki APs, switches, security appliances, and MDM. This webinar even features Scott adding a Meraki AP to their network on air!
Last minute E-Rate questions?
Check out our handy customer FAQ to answer your most pressing E-Rate questions. From the basics of the E-Rate program to how Meraki and E-Rate interplay, this will cover it all!
Who doesn’t love a deal?
E-Rate eligible schools and libraries can take advantage of the Meraki K-12 promo*, which offers a steep discount on 5 year licenses associated with new hardware purchases. Reach out to your Meraki rep to learn more about the promotion.
Interested in learning more about K-12 for Meraki in general?
Our K-12 solution guide and customer stories are great places to start! The solution guide provides you with a quick overview of what Meraki can offer K-12 environments, while our customer stories give insight on how current customers are using Meraki and why it’s their solution of choice.
Good luck finishing off the FY16 E-Rate season. Remember, summer break is just a few months away!
*All Meraki hardware and licenses are 100% E-Rate eligible with the exception of MX Advanced Security license (50% eligible) and Systems Manager licenses (not eligible) per the Funding Year 2016 eligible services list. Meraki K-12 Promo running through July 1, 2017.
Cisco colleagues and partners! What will you be doing at 9:00am Pacific Time this Thursday, the 7th of April? We hope you consider tossing your date book, setting your emails aside, and joining us for the second Meraki Quarterly Update of 2016.
During this live, one-hour session, Product Specialists from our Wireless, Switching, Security, and MDM solutions file into our webinar room and take turns delivering the latest news about their respective products. These are the technical evangelists who shape the direction of our products, and they are looking forward to sharing news with you and hearing any questions you have in return.
Whether you are just curious about what Meraki’s been up to, or would like to learn how your existing Meraki network has improved over the past couple of months, this webinar is valuable for anyone familiar with the Meraki cloud managed offering.
Partners: Sign up here (Listed under the ‘Training’ tab in the Partner Portal)
The fun doesn’t stop there! We want to share this event with our customers as well, and will be hosting a live viewing session on Tuesday, April 12th at 10:00am Pacific Time. We will play back the Quarterly from the week before, and will have Product Specialists on the webinar answering incoming questions live.
As many IT professionals already know, the Internet can be a dangerous place. The unfortunate reality is that not everyone out there just wants to show you adorable cat pictures. With the threat landscape continuing to evolve and the number of Internet-connected devices growing faster than ever, it has never been more important to have powerful security tools at your disposal to prevent malicious software from compromising your network.
It is with that in mind that the Meraki development team and the Advanced Malware Protection (AMP) development team have been hard at work to bring the best anti-malware solution in the industry to the MX Security Appliance. This integration will allow network and security administrators to take advantage of AMP’s global threat intelligence database alongside the unparalleled ease of use and powerful feature set of the Meraki MX.
Not only does the AMP database include over 500 million known files, it receives over 1 million new malware samples per day. Between file sandboxing, a variety of industry threat feeds, and the diligent work of our Talos threat intelligence team, we ensure that AMP customers are protected against even the most cutting-edge malware. You can learn more about AMP here.
So what does the AMP on Meraki MX integration add from a functional perspective? Here’s the breakdown of what’s new in the beta:
–AMP file scanning: the “Malware detection” selector on the Security Filtering page in Dashboard now enables AMP. When AMP is enabled, downloaded files will be checked against the global AMP database to ensure that they are not malicious before they are allowed to enter the network.
–New Security Center reporting page: to ensure that you have the latest information about malicious files or attacks on your network, we’ve completely overhauled the Security Reports page into the new Security Center. This page combines information from both the IPS and anti-malware features to give a holistic view of network security. We’ll have a separate blog post specifically about the use and capabilities of the Security Center coming soon, so keep an eye out for that.
–Retrospective alerting: no solution, no matter how powerful, can detect 100% of all malware. However, with retrospective alerting administrators will be notified retroactively of malicious files entering the network even when those files were not known to be malicious at the time. Through the Security Center, administrators can determine which clients downloaded the malicious file and take corrective action.
–Threat Grid sandboxing (coming soon): stay tuned for another update in the coming months about integration with Cisco’s Threat Grid malware sandboxing solution, which allows administrators to send unknown files to either a cloud or on-premises sandbox so that it can be executed safely in a virtual environment and inspected for malicious content. Threat Grid integration is not part of the current beta.
Here’s the best part: if you have an Advanced Security license, you can try out AMP on MX for yourself right now. Simply reach out to our Support team and ask to be added to the AMP beta, and they’ll work with you to schedule a time to perform the upgrade. Over 1000 MXs are currently running AMP, and the feedback we’ve gotten from that initial beta pool has been phenomenal. We want your feedback too, so if you’re interested in having these great new capabilities on your MX, give us a call! Don’t forget that you can always opt in to this and future betas by checking the “Try beta firmware” box on the Network-wide>General page in your Meraki Dashboard.
It is with great pleasure that we announce the publication of a new guide focused on the wired networking world. Our new Campus Access Deployment Guide is designed to help customers who are in the process of designing larger networks. There’s much to consider: security, redundant network architectures, power, Quality of Service, troubleshooting, traffic analysis, the list goes on.
Meraki switching is designed to be easy to configure, deploy and troubleshoot and there are many ways in which these attributes manifest themselves, like our helpful remote packet capture and cable testing tools, and our recently announced switch templates. Even with this simplicity, the design of a highly available, fast performing and well understood network is no trivial task, requiring a degree of skill. Our aspiration for the Campus Access Deployment Guide is to assist in the process and serve as a checklist for the network engineer.
We do hope the document proves useful, and as ever, please send your feedback so we can continue to improve its value.