You may have heard of our special ‘The World Is Not Enough…Without One-Hour Switching’ webinars, where our product specialists configure a switch network from scratch during a live, one-hour webinar. These action-packed presentations are a hit because of their fun theme, and the free MS220-8P switch offered to qualified attendees is just the cherry on top.
Good news! Starting next week, every ‘Introducing the Next Generation of Ethernet Switching’ webinar will also offer a free 8-port switch. All you have to do is sign up, tune in, and enjoy.
See the robust capabilities the Meraki dashboard can offer your switching network, at no cost to you. Check out the next live presentation here.
One of the most rewarding aspects of life at Meraki is the feedback we receive every day from our customers and fans, which we do our very best to stay on top of. There are many ways in which we listen. Firstly, there’s the ever–popular ‘make–a–wish’ box which enables existing customers to provide direct feedback on our management tool, the dashboard, to the very people who write the code that makes it work.
Then there’s that crazy, wild and opinionated place we all know and love, the Internet. We know that satisfying every customer is challenging, especially in the fast–paced world of technology and this era of instant gratification, but doing so remains our guiding star. The feedback we receive online, unsolicited and unfiltered, is an invaluable source of inspiration and we welcome it all.
With summer upon us here in sunny California, we couldn’t resist taking a few moments to sit back and bask in some of the comments we’ve seen lately. We hope you’ll allow us the indulgence of sharing some of our favorites with you.
“Troubleshooting in an organization with Meraki across the board is a dream” – via Reddit
“We have 15-16 hats we have to wear any given day. One of the hats we absolutely don’t have is the RF Engineer hat. Now, with the dashboard, we can look at the channel utilization and interference on each channel for each AP.” – Museum running Meraki
One for our French speaking friends…
“With Meraki, you’re gonna get the visibility, you’re gonna get the reliability, you’re gonna get a solid product.” Car dealership chain IT Manager
“I’m a triple CCIE and I gave up the CLI for Meraki” Diehard command line junkie
…and finally, one last classic from the archives…
We’re a deeply passionate team, as our name suggests…
…so it’s a constant source of delight for us when we see kind words like these written online.
Please keep the feedback coming and help us remain your favorite networking vendor. We’re easy to talk to via the dashboard and through our Contacts page. We’re also listening on our social channels: Twitter, Facebook, Google+, YouTube, Instagram, Reddit and others.
To celebrate the launch of our latest product video featuring the Z1, we are running another one of our popular promotions for subscribers to the blog. This time we are giving away Z1 teleworker gateways to five lucky subscribers.
To take part in the promotion, all you need to do is subscribe to the Meraki blog before the end of August 2015. Current subscribers are automatically entered into the promotion. To subscribe, visit the Meraki blog home page and press the subscribe button. Additional terms and conditions apply; subscription is not necessary to enter.
There is a lot of love for the tiny, but powerful, Z1 in the Meraki office. We encourage you to experience the Z1 for yourself and potentially grow as attached to it as we have.
The Meraki dashboard is a powerful, user-friendly platform that makes it simple to manage networks of any size. You can see it in action with the Meraki Challenge, but only for a few more days! The challenge officially wraps up this Friday, July 31st.
In the Challenge, deftly maneuver your way around the Meraki dashboard and answer questions about the sample network at hand. If you’re speedy, you could win an Apple or Android watch, or even a tropical vacation! Has IT ever been so fun?
If we asked you to name a Meraki product, which one would come to mind first? For most of you, odds are the answer isn’t the Z1 Teleworker Gateway (unless you’re cheating because you read the title of this blog post). While the Z1 is sometimes lost in the shuffle among its more physically imposing MX cousins, it stands on its own as a powerful enterprise-grade teleworker solution.
The Z1 offers a unique value in that it brings the Meraki dashboard to teleworker deployments, which by their very nature benefit enormously from the dashboard’s centralized management and monitoring capabilities.
Any teleworker solution has to meet three major criteria: it has to be easy to deploy, it has to scale, and it has to be secure. In this post we’ll explore how the Z1 addresses these challenges.
When deploying a teleworker solution, most administrators don’t have the kind of resources on-site that they would in a corporate location – after all, this is generally being installed in a user’s home. With the Z1, the only thing that the user needs to do is power the unit on and plug it into their ISP modem. Everything else can be done from headquarters by the IT team via the dashboard. This quote from a Z1 customer sums it up nicely:
“The fact that I was able to pre-configure [the Z1s] using Meraki’s cloud management and drop-ship them to users anywhere was awesome. Many of these users are not the most tech savvy people, so the fact that all I had to do was instruct them to plug in the power and plug in one ethernet cable and it just started working auto-magically was incredibly convenient.”
-Reddit user on /r/networking
Even VPN connectivity to headquarters is automatic – using Meraki’s AutoVPN technology, the Z1 can discover its configured VPN concentrator and build a VPN tunnel to it from anywhere. This is especially useful for traveling employees, since it means that they are never more than an ethernet cable (or USB cellular modem) away from their corporate resources.
Want to know how Cisco Meraki customers deploy the Z1? Here are a few examples:
One thing that administrators generally don’t want in their teleworker deployment is variety. The key to scalable management, especially for devices that are outside of the administrator’s physical control, is standardization. With an optional feature called configuration templates, multiple Z1s can use the same shared configuration. This drastically reduces the overhead involved in managing these remote devices. When a change is made to the template, that change is propagated to all of the networks bound to the template.
Wired and wireless access control
Security is critical any time remote devices are providing access to corporate resources. There are a variety of methods for managing wired and wireless access via the Z1, but the principal way is to use RADIUS authentication.
On the wireless side, this is accomplished with WPA2-Enterprise. Administrators can easily create a template with one corporate SSID on a VPN-enabled VLAN and secure that with WPA2-Enterprise.
Another SSID for personal use might be secured only with a passphrase. Different layer-3 and layer-7 firewall rules can be applied to these SSIDs to further augment security.
On the wired side, RADIUS authentication can be configured using built-in splash page functionality. The splash page is hosted in the Meraki cloud, so there is no need for the administrator to set up any servers or splash infrastructure.
Splash can be configured on a per-VLAN basis, such that users will only have to enter their credentials into the splash page in order to access the VLAN that is connected to the corporate VPN.
Meraki’s CMX presence API enables organizations to extend the functionality offered by Meraki location analytics. In this mini-series of blog posts, we explore the capabilities of some of our technology partners that integrate with the API. In our previous spotlight we covered Euclid Analytics and their capabilities with Meraki WLAN devices. In this blog post we take a look at Turnstyle.
Turnstyle’s WiFi marketing platform offers customer engagement, loyalty, and analytics capabilities that enable retailers to learn actionable insights about on-premise customers. This can be used to send real-time messages, coupons, and rewards directly to customers’ smartphones, without the need for a mobile app; thereby increasing customer engagement and loyalty.
Customer case study
A restaurant chain deployed Meraki with Turnstyle integration in 54 locations to learn about customer trends, to generate marketing lists, and to create a location-based marketing platform. This was then used to reward customers for their loyalty in an effort to increase visit frequency, and to re-engage with customers who had not visited for over a month.
Over four months, the restaurant chain generated over 12,000 customer opt-ins for marketing communications via email, SMS, and Facebook. Over 30% of the client’s marketing communications were read by its customers, and ~18% of all coupons delivered through the Turnstyle platform were redeemed. The contextual messaging had a dramatic impact on customer loyalty and visit frequency, which increased by 70% and resulted in an ROI of over 15x.
The Turnstyle platform
Turnstyle’s platform consists of three components that integrate into a Meraki WLAN network:
Audience Insights uses Meraki wireless APs to passively monitor customer foot traffic and trends. This information can be used to make operational decisions on things such as staffing schedules, marketing strategies, and customer rewards.
Social WiFi gives business owners the ability to offer customers a gated WiFi network, eliminating the need for cumbersome passwords. Meraki offers extremely simple out of the box integration with Facebook WiFi, but for customers needing Facebook, Google, Twitter, and email simultaneously, Turnstyle Social WiFi offers a solution.
Engagement provides business owners with the ability to set up location-based messaging to interact with customers in hyper-contextual ways. Turnstyle makes it easy to reward customers for their loyalty by enabling coupons to be sent based on visit frequency, or to help businesses re-engage with customers who haven’t visited a venue within a defined time-period. With all Meraki WLAN devices connected to a single cloud infrastructure, this engagement can stretch globally wherever you have a Meraki device.
Meraki wireless customers can sign up for Turnstyle by visiting this page. No additional hardware is required, and you can be up and running in less than 10 minutes. Cisco Meraki’s CMX location analytics is available today for all customers, with bespoke functionality enabled by the API and our technology partners. Visit our documentation portal for further information on CMX analytics and our API.
Over the past two weeks, over 1300 Cisco employees, partners, and customers tuned in to our Meraki Quarterly Update webinars. The Meraki Quarterly webinars are live presentations that bring our Wireless, Switching, Security, and MDM Product Managers into a room each quarter and give them 10 minutes each to share what’s new and upcoming for their respective solutions. For the full recording and PDF of the presentation, please check out our webinars page and the video below.
This past Quarterly swung into motion with a Switching update from Lawrence, a Meraki switch extraordinaire.
Lawrence explained what features Meraki MS Switches acquired over the past year, the newest of which are isolated ports (guest mode), network topology, and ethernet power reporting. With cloud-management inherent to all Meraki gear, all existing customers benefitted from these ongoing feature updates at no additional cost!
After a quick switch network demonstration in the Meraki dashboard, the presentation rolled over to Matt for a Wireless update.
Matt shared some photos and user interactions from the Meraki presence at Cisco Live 2015 in San Diego. Our team is always excited to meet Meraki customers, new and old, so please keep an eye out for our colorful green shirts at future events.
Matt also revealed dashboard UX enhancements that customers can try out any time. If you’d like to give it a shot, simply tack on ‘new_list’ to your URL when visiting your list of Access Points in the dashboard (example: https://n7.meraki.com/MyNetwork/n/aHhrel/manage/nodes/new_list/). We welcome any feedback you have about the new look in the ‘Make a Wish’ box, located at the bottom of every page in the dashboard.
A new look for wireless.
After wireless wrapped, we moved on to an MDM update from June.
What a few months it’s been for Systems Manager (SM)! With the updates to Systems Manager Sentry, networks will get to know devices like never before. Sentry offers simple, automatic security that is context aware. Sentry WiFi Security enables Auto-EAP-TLS in less than 5 minutes (this is also commonly referred to as magic). Systems Manager is able to generate unique certificates, generate the profile end user devices need to connect, and then form a link with the Meraki cloud-hosted RADIUS server for authentication.
In the education space, enhanced features such as single app mode, role-based admin, tagging, Backpack, and AirPlay, SM can become your new teaching assistant. Allow teachers to harness the power of IT – without causing any harm to your network.
Last, but certainly not least, was a lively Security update from Daghan.
Daghan announced that an IWAN beta is set to launch in late August. In-demand features are set to go live, including dual-active path with active-active VPN and active-active VPN & MPLS, performance-based routing (PfR) to ensure the best uplink is used based on latency and loss metrics, and policy-based routing (PbR) to allow uplinks to be intelligently assigned.
There will also be other improvements accompanying the IWAN release, such as the UX in dashboard and an updated firmware status report.
A new feel for dashboard security features.
In a bit of company-wide news, have you answered your Meraki calling yet? July is the last month for customers, partners, and employees to take the Meraki Challenge! Show off your cloud networking skills for a chance to win a smartwatch or even a tropical vacation.
As you can see, a lot has happened over the past few months, and this wrap up just skims the surface. For the full Quarterly update, check out the recording. This update airs live once every calendar quarter, so keep an eye on our webinars page to sign up for the next one!
Three quick facts about Todd Nightingale: “I’m from New York, but I’m a Red Sox fan. I travel quite a bit for work, but have never been to South America or Africa. And the hobby that has survived all my work and travel experiences has been cooking – my braised short ribs and mushroom risotto might possibly get by at a restaurant with minimal complaints. It just takes me all day to make.”
Todd’s flagship risotto, here topped with a citrusy salmon
There’s Todd for you — a man of culinary and global pursuits. Among his many enthusiasms is technology, and he has been working in the IT space for quite some time. In late 2014, Todd became the leader of Cisco Meraki, and we thought it was high time to feature him on the blog.
Prior to joining Meraki, Todd had been in the wireless networking space focused on large enterprises. Many of the features he was providing to massive, sophisticated networks were needed by everyone, but could not be provided to all organizations due to their cost and complexity. “This is why I was first drawn to Meraki,” explained Todd. “Meraki makes these top-of-the-top features available to everyone, even small networks with IT teams of just one or two.”
While researching Meraki, Todd got some gear into his hands with a free trial – “When I actually tried it, I truly believed that it could work for the biggest of the big… and the smallest of the small.” Todd made the move to join Meraki as a technical sales and product strategist, and the rest is history.
In the past year, Todd considers the globalization efforts and expanding product portfolio to be the biggest successes of Meraki. “The feature velocity here is remarkable, and it’s incredibly rewarding to find ways to introduce new features and new products to the market.” He noted the revamp of Systems Manager and the positive reception of Meraki in new countries as just two outstanding examples.
“In the coming years, we will be looking to see where IT managers are spending their time and pain. If there’s a way to significantly make their lives easier, we’re going to expand our portfolio to include that, in as many places around the world as possible.”
When asked what he believes the Meraki Magic to be, Todd responded: “Meraki is unique in the sense that we truly focus on simplicity. We make our products easy to use, manage, and monitor for our customers, and I believe we’re the only enterprise IT group that is truly focused on that as our number one priority. Take that and add a highly motivated and creative staff, and you’ve got magic.”
The Meraki space is a vibrant, open-office environment, and Todd can often be seen strolling around the floors, an accompanying whistle never far from the ears of lucky passersby. “My favorite thing to see in the office is two people standing behind one desk. The close collaboration that exists within our teams is a result of these real life interactions,” noted Todd. “I also like to see when an engineer is touching the first hardware sample of their new product – I think that’s an important moment in time.” A minute later: “I do also try to notice when there are new dogs roaming around – as long as they’re not interrupting my company announcements.”
“We’re going to be seeing a lot of new hardware platforms over the next six months, and sharpening up our new product introduction is a big deal to me. We need more awareness – when Meraki releases something new, it should be more like a new Jay Z album coming out.”
We asked Todd if there’s anything specific in the pipeline that he’d like to reveal, but he simply replied, “Hmmm…no,” and closed with a smile.
There you have it – a glimpse into the man behind the face of Meraki, Todd Nightingale. You can engage with him on Twitter @tnight. We encourage you to subscribe to our blog and check out our quarterly update webinars to keep up with all the new features and products hinted at throughout this interview!
A sweet farewell for now, courtesy of Todd Nightingale
All Meraki wireless products offer out–of–the–box, easy to use location features as part of Cisco’s location analytics technology, Connected Mobile Experiences (CMX). With CMX location analytics it’s possible to determine important business metrics such as how many people enter your location, how long they stay, and how frequently they visit.
Adding no additional cost, thanks to the Meraki all-inclusive licensing model, this data has become available to many organizations that could not typically justify deploying when there was an additional cost. This has led to innovative uses of the location data that has enabled smart city initiatives, and allowed educators to understand student movements.
An important component of empowering this creative use of CMX location analytics was the release of an Application Programming Interface (API). This lets organizations have access to the raw data used by the Meraki dashboard. With access to the raw data there are some major benefits. The first is that no data is summarized and full device identities are included, facilitating lookup by other applications, like CRM. The second is that the data is provided offered with only a short delay between it being created and presented to the API.
Thus the API allows for highly advanced software systems to be developed that are location and identity aware. User identity can be linked to devices, location awareness becomes bound only by the geographical dispersion of your access points (AP), and software systems can make decisions within a time span that is relevant to a device’s location.
One of the downsides of providing raw data is that it can be complex to manipulate for the application developer. For this reason, the engineering team at Meraki developed a second generation API and open source example code. The version two CMX API can be selected in the Meraki dashboard and offers X,Y coordinates and latitude and longitude values. With the first API, radio signal strength values are provided for trilateration of a devices location. Further details on what is available in the API can be found in the documentation here.
To hear more about the development of the location API, and possible uses of the source code, then you can do so by listening to the above podcast with George Bentinck (Solutions Architect) and Nathan (Member of Meraki technical staff).
If you are interested in building an application with Meraki location information, then it is worth checking out our example code on GitHub here. This provides a great way of getting started with the CMX API and can form the base of your future projects. You can try an application based on this code, with live data from the Meraki offices in San Francisco, by following this link, or by viewing example output data here.
In June we announced Systems Manager Sentry, a set of features which provide simple, automatic security that is context aware. It can do this due to the integration between the Meraki networking products and Systems Manager.
Sentry Wi-Fi security is a feature enabled on Meraki MR wireless networks with Systems Manager. It takes the typically complex Wi-Fi access control method, EAP-TLS, and simplifies it to a couple of clicks.
To understand the power of this feature let’s quickly review Extensible Authentication Protocol (EAP) – Transport Layer Security (TLS). EAP is an authentication framework that is used for providing access to a network. As the extensible part of the EAP acronym implies, the framework can support multiple authentication protocols, from basic passwords to more secure certificate based authentication. Think of it as a cook book for a cake. Depending on the ingredients in the recipe you end up with a different cake, but still a cake.
EAP with Transport Layer Security (TLS) is considered one of the most secure network authentication mechanisms (the tastiest cake recipe). This is because it uses certificates to authenticate and secure the network connection using asymmetric cryptography. The problem with certificates, as an ingredient of this authentication mechanism, is that they are complex to setup and deploy.
There are two main reasons certificates can be complex to setup and deploy. The first is the infrastructure that is needed, something called a certificate authority. This issues the certificates and allows devices to check if a service is genuine. The second reason is that every client needs its own unique certificate. With a handful of clients this isn’t too much work, but with hundreds of thousands of clients this could be a daunting prospect. The tastiest cake results from a bake time of weeks or months, and looks less attractive as a result.
Sentry Wi-Fi security provides EAP-TLS for a Meraki MR wireless network while eliminating all the complexity. It can do this because of the certificate infrastructure that already exists for every Systems Manager customer. This eliminates the need for the configuration of a certificate authority and distribution of certificates to clients. A gourmet cake from an
instant-bake ready-mix pack.
Make deploying EAP-TLS a piece of cake with Systems Manager Sentry. To find out more listen to Paul Wolfe (Product Specialist for Systems Manager) and George Bentinck (Solutions Architect) discuss Sentry Wi-Fi security in the following podcast. Alternatively attend one of our upcoming Systems Manager webinars, or if you already have Meraki MR access points, try Sentry out today by signing up for Systems Manager.