Posts Tagged ‘cloud’

Cisco Live Cancún 2019

¿Eres de los que constantemente está leyendo sobre lo último en IT? ¿Te has imaginado que nos espera en el futuro? Cisco Live Cancún, es un espacio único para conocer y experimentar la tecnología simplificada, segura e inteligente de Cisco Meraki que permite a las organizaciones transformarse digitalmente.

Cisco Live Cancún será del 28 al 31 de octubre y quisiéramos compartirte algunas razones para animarte a vivir esta experiencia con nosotros:

  1. Sesiones técnicas: Meraki está incluido en siete sesiones técnicas. Estas sesiones se centran en tecnologías, estrategias de arquitectura, aplicaciones de solución de problemas para las soluciones o tecnologías de Cisco. Regístrese para las sesiones, ya que serán 100% Meraki. Los asistentes de Cisco Live pueden registrarse para estas presentaciones iniciando sesión en su cuenta en línea de Cisco Live e ingresando al catálogo de sesiones.
  2. Vertical summits: hay un total de siete sesiones verticales en Cisco Live Cancún y Meraki es patrocinador de tres. Manténgase actualizado, conozca las historias de éxito de otras compañías que ahora son una referencia en su industria, haga crecer su red y comience o adapte su estrategia tecnológica para llevar a su compañía un paso por delante de su competencia en las sesiones para gobierno, educación y salud.
  3. Zona DevNet: visite las sesiones de Meraki DevNet para obtener más información. Meraki tendrá seis sesiones en la zona DevNet. Los asistentes de Cisco Live pueden registrarse para estas presentaciones iniciando sesión en su cuenta en línea de Cisco Live e ingresando al Catálogo de sesiones.
  4. Demos (World of solutions): como complemento a todas las sesiones de aprendizaje, en el World of Solutions, podrá ver las soluciones de Cisco y sus partners. También podrá encontrar a Meraki en una variedad de demos en todo el Cisco Showcase: 
  • Launch | WiFi 6 Launch
  • Security | Meraki Security
  • Branch | Branch Security & SD-WAN powered by Meraki
  • Branch | Work Simple, Digital Workplace
  • Campus | Assurance in the Cisco Meraki Platform
  • Campus | High Density Wireless for Campus 

        5. Certificaciones: si necesita certificarse en las soluciones Cisco y reforzar su currículum, durante Cisco Live tiene la oportunidad de presentar cualquiera de los exámenes de certificación.

Además de todo lo que podrá aprender en este evento, Cisco Live Cancún también ofrece actividades divertidas y de ocio, como la tradicional carrera de 5 km, sesiones de yoga, el cóctel de apertura del WoS y la fiesta de clausura del evento.

Para más detalles de la participación de Meraki en Cisco Live visite nuestra página del evento y síganos en Twitter @MerakiLatam

La innovación de Meraki

Cisco Meraki comenzó gracias a un par de estudiantes que querían proporcionar conectividad inalámbrica confiable en todo el campus de MIT. Se llamó RoofNet y fue un éxito instantáneo.

Nadie sabía qué vendría después, pero estos estudiantes estaban ansiosos por seguir resolviendo problemas. Se mudaron a California y decidieron formar una compañía llamada Meraki. La misión de Meraki era (y es) hacer que la red fuera más fácil, más rápida y menos complicada, y que la compañía continuará innovando. En 2012, Meraki fue adquirida por Cisco.

En la actualidad, Cisco Meraki es el líder de la industria en TI administrada en la nube. Meraki ha tenido éxito por su constante enfoque en la búsqueda de soluciones innovadoras para problemas complejos. Nuestro enfoque es simple: identificamos un desafío difícil, analizamos por qué ha sido tan difícil de resolver antes y creamos un enfoque novedoso que se enfrenta a lo convencional de forma no convencional.

Aquí algunos ejemplos que ilustran cómo Meraki ha innovado para hacer que la tecnología sea más rentable, más versátil y más inteligente.

LA NUBE

Antes de la llegada de la red administrada en la nube, las grandes redes inalámbricas dependían de controladores físicos para escalar la señal inalámbrica a través de la red. Pero los controladores físicos son un punto potencial de falla, son costosos de comprar y mantener y no se pueden configurar fácilmente. Decidimos probar algo diferente para hacer que la infraestructura de red sea más confiable y rentable. La arquitectura administrada en la nube de Meraki mueve el controlador a la nube, eliminando la necesidad de un controlador en el sitio.

Mover el controlador a la nube abrió un nuevo conjunto de posibilidades en cuanto a la administración y configuración de la red. Queríamos hacerlo mucho más simple para los administradores de TI, donde en un solo lugar, el Dashboard de Meraki accesible desde cualquier navegador web les permitiera administrar toda una red.

El Dashboard elimina la necesidad de una línea de comando, es fácil de usar y requiere poco o ningún entrenamiento. Su naturaleza visual permite nuevas funcionalidades, como diagramas de topología y la solucion de problemas de forma inmediata que hoy en dia es requerida.

EFICIENCIA

Durante la última década, hemos sido testigos de aumentos dramáticos en el tráfico de red, a medida que las personas usan más dispositivos y aplicaciones, más datos fluyen a través de la red y el requisito para una solución de seguridad robusta solo aumenta con el pasar de los meses. Al reconocer esta necesidad, Meraki introdujo el dispositivo de seguridad MX para llevar el modelo de administración de la nube al mundo de la seguridad de la red.

Pero la seguridad es solo una pieza del rompecabezas, los administradores de TI que manejan grandes cantidades de tráfico deben asegurarse de que el tráfico se entregue de manera rápida, confiable y eficiente. Tradicionalmente, los administradores resuelven esto mediante la distribución de tráfico a través de más de un enlace ascendente, pero a menos que el tráfico se distribuya de manera inteligente a través de los diferentes enlaces ascendentes, las ineficiencias y los costos pueden salirse de control.

SD-WAN, que significa WAN definida por software, soluciona este problema equilibrando automáticamente el tráfico de red a través de múltiples enlaces utilizando inteligencia y reglas predefinidas. Meraki, reconociendo que el aumento del tráfico en la red hace que tanto la seguridad de la red como el control inteligente de la ruta sea importante, decidió incorporar la funcionalidad SD-WAN en el dispositivo de seguridad MX sin costo adicional. No se requieren licencias ni hardware adicional.

VISIBILIDAD

El verdadero Meraki Magic™ (La magia de Meraki) sucede cuando el hardware y el software de Meraki funcionan a la perfección para hacer que la TI sea más sencilla e intuitiva. Con más dispositivos y aplicaciones que dependen de redes inalámbricas que nunca, los administradores de TI necesitan una mejor comprensión de cómo se está desempeñando la red.

Meraki comenzó observando el problema desde la perspectiva del administrador de TI. Nos dimos cuenta de que los administradores de TI necesitan una visión completa de la red, no solo la conexión entre un dispositivo en particular y un punto de acceso, sino también el rendimiento de las aplicaciones individuales y la carga de los diferentes enlaces. Solo este nivel de conocimiento puede proporcionar una comprensión completa del rendimiento de una red.

Meraki introdujo recientemente dos innovaciones para brindar a los administradores de TI una mayor visibilidad de la red: Wireless Health y Meraki Insight. Wireless Health simplifica la optimización de la red inalámbrica al ayudar a los administradores de TI a determinar si los usuarios pueden acceder a la red con éxito, si hay puntos de acceso sobrecargados, y si los usuarios están teniendo una buena experiencia.

Meraki Insight ofrece a los administradores de TI una visión completa de la salud de la red al utilizar el Meraki MX como recopilador de datos sobre la red. Con Meraki Insight, los administradores pueden determinar con precisión si el rendimiento lento de una aplicación en particular se debe a la red o algo completamente distinto. Al final del día, diseñamos Wireless Health y Meraki Insight para ayudar a los administradores de TI a alcanzar sus objetivos comerciales.

La misión de Meraki siempre ha sido simplificar tecnología poderosa para que las personas apasionadas puedan centrarse en su misión. Para asegurarnos de que realmente estamos resolviendo los problemas de la manera correcta, hacemos preguntas difíciles y nos ponemos en los zapatos del administrador de TI.. Es este enfoque el que nos hace ser innovadores cada dia.

SD-WAN con Meraki

 

Si trabaja en el sector de tecnología de red, probablemente habrá escuchado del término SD-WAN muchas veces en los últimos meses. En esta publicación, desarrollaremos algunos de los conceptos para ayudar a mostrar por qué SD-WAN podría ser de gran beneficio  para su negocio.

SD-WAN significa diferentes cosas para diferentes proveedores, sin mencionar todo el hardware dedicado, el software y las licencias necesarias para ejecutar estas soluciones. El objetivo de SD-WAN es permitir a las organizaciones ahorrar dinero y atender sus necesidades de conectividad más rápido.

En Cisco Meraki, tenemos una solución SD-WAN incluída con la licencia base (licencia para empresas) en todos los dispositivos de seguridad Meraki MX SD-WAN y no requiere de servidores ni hardware adicionales. Solo conéctelo, configúrelo en el panel de Meraki y comience a ahorrar dinero, agregue valor en otras áreas del negocio.

Registro para Webinar SD-WAN

SD-WAN es un acrónimo de (Software-Defined Wide Area Network) y es una tecnología que forma la familia de tecnologías de red definida por software (SDN), con otro ejemplo que es el acceso definido por software. El estar definido por software significa que las decisiones sobre cómo el tráfico puede enrutarse entre todos los sitios en la WAN están definidas por la política, y su comportamiento se adapta a la condición de la WAN en lugar de tener una configuración fija.

Las soluciones SD-WAN logran esto a través de una serie de funciones, tales como resistencia, seguridad, calidad de servicio, optimización de aplicaciones y mucho más. La solución Meraki SD-WAN utiliza una combinación única de estas tecnologías para crear una solución que sea fácil de configurar, implementar y administrar.

Si no está roto, no lo arregles

Si bien este suele ser un buen consejo, el dilema del innovador también nos enseña que si no introduces la tecnología disruptiva en un espacio establecido, como la WAN, ¡alguien más lo hará! MPLS ha visto mucha innovación, pero sería justo decir que esa innovación es, en su mayor parte, para los proveedores de servicios que ejecutan y ofrecen servicios WAN en la parte superior de las redes MPLS.

La simplicidad de Meraki SD-WAN significa que la potencia y la flexibilidad están directamente en manos del cliente o proveedor de servicios. Lo que significa que sin la necesidad de dispositivos, servicios o actualizaciones adicionales, los clientes pueden crear o beneficiarse de una conectividad de red más rentable.

Si bien este tipo de enrutamiento preferencial está disponible en las redes MPLS tradicionales, por lo general, solo está disponible a nivel premium, en un conjunto de clases limitadas y para redes o aplicaciones predefinidas. Mientras que Meraki SD-WAN combina la detección de aplicaciones basada en la capa 7 que viene en todo el stack de Meraki para lograr esto de una manera más breve

¿Por qué Meraki entonces?

A menudo bromeamos diciendo que la SD-WAN es solo un esparcimiento mágico basado en políticas construido sobre la VPN automática de Cisco Meraki. Sin embargo, utiliza tecnología abierta basada en estándares que probablemente ya haya usado. A lo que nos referimos específicamente aquí es una tecnología creada originalmente en Google, pero más tarde de código abierto, que está incorporada en la mayoría de sus productos (por ejemplo, Gmail, Google Drive).

Los dispositivos de seguridad y SD-WAN MX utilizan esta tecnología para inferir la latencia, la fluctuación de fase y la pérdida de paquetes de rutas virtuales entre 2 MX, como se muestra a continuación. Estas tres cosas juntas nos brindan la capacidad de calcular una Puntuación de opinión media (MOS), que se puede usar para calificar la aceptabilidad de una ruta WAN para el tráfico de voz.

Esto significa que una de las políticas que viene preconfigurada es la capacidad de elegir la ruta virtual que sea mejor para el tráfico de voz: una ganancia rápida para todos. En el caso de que cambie la mejor ruta virtual para la voz, el MX moverá automáticamente los flujos a la siguiente ruta más apropiada.

Para rastrear aplicaciones con diferentes características a la voz, simplemente puede agregar una clase de rendimiento personalizada que le permita establecer un umbral compatible para latencia, fluctuación de fase, pérdida de paquetes o cualquier combinación de las tres. A continuación, se puede hacer referencia a este criterio como criterio para la selección de ruta virtual en una única política de UI, como se muestra a continuación:

Finalmente, y completamente integrado en la solución, está la capacidad de ver cómo los flujos atraviesan las rutas virtuales de su red casi en tiempo real e históricamente de manera más poderosa:

Meraki ha estado simplificando tecnología compleja durante más de una década y SD-WAN es solo otro ejemplo en el que hemos aplicado la magia de Meraki para permitir que las organizaciones se centren en su misión. También vale la pena señalar que Meraki ha estado ofreciendo SD-WAN desde 2016, lo que la convierte en una de las plataformas tecnológicas más establecidas y estables en este espacio.

Miles de clientes en todo el mundo ya han elegido Meraki SD-WAN y miles más ya lo estan probando. Conoce más en nuestros webinars con demo en vivo de SD-WAN, registro aquí.

 

Introducing MV22, MV72, and MV Sense

When Cisco Meraki introduced MV security cameras two years ago, the goal was to create a product for an industry that had seen little in the way of fresh, innovative approaches to solving common problems in decades. MV featured a new architecture that fundamentally made the business of installing, managing, and interacting with security cameras easier, more enjoyable, and less resource-intensive.

A year and a half later, MV12 came into the picture and brought advanced analytics to the MV family, including computer vision powered by machine learning—all without the need for any servers or additional software complexity. But with the introduction of in-dashboard analytics came tons of questions about additional analytics capabilities.

Today, MV Sense joins the MV family as a tool to help users create better, smarter business solutions. MV Sense is the first installment in a broader analytics category called Meraki IQ, a powerful class of intelligently processed data delivered via simple APIs.

Further underpinning this dedication to enabling customers to make use of cameras as sensors, the MV lineup grows to include MV22 and MV72, indoor and outdoor varifocal cameras featuring the same powerful processor as MV12.

Let’s take a deeper look at these exciting additions:

 

MV Sense

The in-dashboard analytics tools found on MV smart cameras—motion heat maps and person detection/tabulating—can provide users a wealth of high level information about foot traffic and behavior patterns, but the use cases for MV’s machine learning algorithms are so vast and varied that we wanted our customers to be able to take advantage of it in their own way. Enter MV Sense, a new way for customers to interact with and build on top of the person detection data that comes out of MV12, MV22, and MV72 cameras. Each MV Sense license allows users to access person detection data produced by a camera (including location, time, and count) via a set of both RESTful and MQTT-based APIs.

This means that those once far-fetched or cost-prohibitive ideas can become a reality. MV Sense allows for solutions that do things like:

  • Trigger a special in-store media display to begin playing if there are more than 10 people in close range of the screens
  • Understand wait times in grocery queues around the world
  • Quickly understand and alert emergency personnel if there are people left in a building during a fire drill or evacuation
  • Set off an alarm if the person count next to a dangerous piece of machinery in a manufacturing facility drops below the safe minimum
  • Lots more!

The most exciting part? 10 MV Sense licenses will be included with every MV organization to allow for tinkering to begin right away.

Learn more about MV Sense by reading the datasheet.

 

New hardware

Advanced analytics are now available on two new hardware models—a duo of indoor and outdoor varifocal cameras, MV22 and MV72. They feature not only the same processor as MV12, but also many of the same hardware benefits: audio recording, wireless capability, and 256GB of onboard storage, all with the added bonus of optical zoom, which can be configured and adjusted simply via the Meraki dashboard.

MV72 also features increased weather- and impact-resistance ratings from the first generation, IP67 and IK10+. IK10+ happens to be the highest impact resistance rating available, meaning those advanced analytics can now be deployed anywhere and everywhere.

Read more in the datasheet.

 

Bonus: cloud archive for MV

The edge-storage architecture of MV smart cameras was created thoughtfully and deliberately to serve Meraki customers’ needs. This meant building a product that would accommodate those customers who had real-world bandwidth constraints and limitations. Still, there are times when it’s necessary for particular cameras in a fleet to offload their storage or have a backup of the data, and that’s where the cloud archive tool for MV comes in.

Cloud archive comes in 90- and 180-day storage options and can be enabled on a per-camera basis, allowing for custom-tailored storage solutions for every organization. This means that only critical cameras will back up their video to the cloud and bandwidth limits can be adhered to. Cameras will continue to retain footage locally in addition to the cloud copy, providing redundancy and greater peace of mind.

Read the cloud archive datasheet to learn more.

 

Tell us what you think!

With such a wide array of new products, we’re excited to see how they’ll be used. Let us know what you’re planning to do with MV Sense, MV22, MV72, and the cloud archive tool in the Meraki Community.

Or, get in touch with your Meraki rep today to learn more or start a risk-free trial.

Real-Time Alerting with Webhooks

Enterprise organizations and partners spend thousands of dollars per site deploying servers  for monitoring and reporting on infrastructure located on-site. With the total number of devices globally, including client devices, ever increasing and becoming more critical to business, monitoring and reporting  using traditional means such as SNMP simply aren’t cost effective or scalable any longer.

While the Cisco Meraki dashboard provides IT admins a single interface to monitor and manage their Meraki infrastructure, we appreciate that not all organizations will have deployed the entire portfolio of Meraki devices across all their locations. Moreover some customers may have unique use cases that fall outside of what the Meraki dashboard is intended for. For these reasons, Meraki has been heavily investing in APIs over the last few years. To date, Meraki has hundreds of API endpoints being called over 23 million times every day across three powerful APIs: the dashboard, scanning, and captive portal APIs.

The Meraki dashboard API
The Meraki dashboard API allows access to most monitoring and configuration functionality in the dashboard via a RESTful API. This allows customers and developers alike to:

  • Bulk provision thousands of Meraki devices and networks
  • Manage configurations
  • Build custom monitoring and reporting dashboards
  • Automate commonly used functionality of the Meraki dashboard

In February we introduced Wireless Health, a powerful tool that consolidates and intelligently utilizes multiple data sets to rapidly identify anomalies impacting end users’ experience. In September we added a collection of new API endpoints for Wireless Health to expand the monitoring and reporting capabilities to any external analytics system or platform.

The dashboard API is a great way to monitor and report on the state of a device, for example, over a period of time. However, if all you want to do is simply be notified when something changes, then the dashboard API might not be the most efficient way to do this. The dashboard API will perpetually ask “what’s your status” to a device and report back its findings. If calls are being made, say, every 5 minutes, that’s a lot of total responses that are being received, and likely only a handful of them will deliver useful information, i.e. when the device goes offline.

MERAKI WEBHOOK ALERTS
We’re pleased to announce the availability of Meraki Webhook Alerts for all alerts within the dashboard. Setting up Webhook Alerts is very straightforward:

  1. Add HTTP servers by defining their unique URL and shared secret
    [ network-wide  > alerts ]
  2. Added HTTP servers can now be selected as a recipient for any alert within the dashboard
    [ network-wide  > alerts ]

In addition to webhooks themselves, we’re releasing new API endpoints for configuring all alert settings, which will include support for configuring the above steps via the dashboard API.

Once set up, the webhook will send an HTTP POST to a unique URL, but only when a certain condition or criteria has been met to trigger an alert. So, for example, if you’re only interested in being notified when a device goes offline, Webhook Alerting will be more efficient since it will only transmit information when the status of the device goes from online to offline.

Meraki Webhook Alerts

Meraki Webhook Alerts sends HTTP POSTs to a unique URL that can easily be fed into a receiving service. A receiving service can be as simple as a Webex Teams space, a Google Sheet logging all network alerts, or something more advanced, such as PagerDuty and ServiceNow, that can take the POSTs and create support tickets, send SMS messages to concerned parties, or even automate corrective action.

A notification of a settings change to the Meraki dashboard posted to a Webex Teams space using Meraki Webhook Alerts

Both the dashboard API and Webhook Alerts have their merits and use cases, and together offer administrators, system integrators, and developers powerful and flexible options to create custom monitoring and alerting.

Real-time alerting
Webhook Alerts are fundamentally event-driven which makes them the most efficient option for setting up alerts for critical events.

“Tell me immediately when latency for any of my sites’ APs exceeds 200ms”
“Tell me as soon as any Meraki device across any location goes offline”
“Tell me when an important device on my network loses connectivity”

Webhooks example: real-time alerting based on a threshold or criteria

Monitoring and reporting over time
The dashboard API will provide a more complete picture and historical reporting since it’s continually probing for data. It’ll be the more appropriate option to use to answer questions such as

“How many times did the latency of my access points peak above 200ms over the last week”
“What was the latency of the access point in conference room 3 last Thursday at 3 pm”

The dashboard API example: continuous monitoring of a variable over time

The introduction of Meraki Webhook Alerts combined with the dashboard API means that customers and developers can now more easily address their custom reporting and alerting requirements without breaking the bank.

Learn more and try it out
Detailed documentation on Meraki Webhook Alerts
Step-by-step tutorial on how to use Meraki Webhook Alerts to post notifications in Webex Teams (as shown in the gif)
Step-by-step tutorial on how to integrate Meraki Webhook Alerts to post notifications in a Google Sheet

What makes MV so smart?

The “smart” descriptor gets tossed around the tech world so much today, it’s hard to know what, if anything, actually makes a device smart.

In the case of the Meraki MV security camera line, a mobile-grade processor on each camera means that the power of a smartphone is packed into each device, rendering onsite servers and special software unnecessary. Instead, users simply log into a browser-based dashboard to see rich person detection and motion-sensitive analytics. These tools can help with everything from keeping a campus safer, to streamlining processes in a manufacturing plant, to monitoring foot traffic in even the tiniest of retail locations.

Listen to MV’s product manager George Bentinck describe the benefits of a cloud-based smart camera system and see him demo the dashboard at newsroom.cisco.com.

To take a deeper dive, join a free webinar or check out the Meraki Community.

Meraki MR + Umbrella: A Match Made In the Cloud

The pace at which new security threats are being introduced and propagated online has reached exponential levels, gaining speed with each passing year. Organizations have more locations and devices to protect, and threats are using many different ports to try to gain access or exfiltrate data. Security teams are often understaffed and struggle with complex, siloed systems that do not integrate or share intelligence in a programmatic way. These teams need solutions that are easy to deploy, simple to manage, can scale exponentially, and can integrate with other tools.

Securing your wireless users from malicious attacks — particularly these “DNS blind spots” that exist in many networks and are exploited by 97% of advanced malware — is of paramount importance. Unfortunately, recent surveys indicate that 75% of organizations do not actively monitor and apply security for DNS.

It is within this context that we are excited to announce support for integration between Meraki MR wireless access points (APs) and Cisco Umbrella (formerly OpenDNS).

Umbrella is the industry’s first secure internet gateway, a cloud-delivered first line of defense against threats like malware, ransomware, and phishing.  Umbrella enforces security at the DNS layer by identifying requested web domains hosting nasty stuff — malware, phishing, etc. — and block end user access to them. Umbrella also enables more secure DNS querying through a tool called DNSCrypt, which automatically encrypts DNS queries between your network and Umbrella’s servers, effectively eliminating the chance that your queries will be the victim of eavesdropping or man-in-the-middle (MITM) attacks. This secures the “last mile” of a client’s internet connection, which is often left exposed and vulnerable.

There is no additional cost or charge for taking advantage of this integration (which is available to all Meraki wireless customers who have upgraded to our latest MR26.x firmware), but Meraki wireless customers who wish to integrate with Umbrella will need a separate Umbrella license and account with that service.

 

Enabling Umbrella integration

So, what does this mean for admins of Meraki wireless networks? This integration with Umbrella enables Meraki admins who obtain Umbrella licenses (WLAN, Professional, Insights, or Platform) to seamlessly assign DNS filtering via Meraki group policy or SSID to specific subsets of wireless clients, or to them all.

Enabling Umbrella integration takes only a few steps. First, the Meraki and Umbrella dashboards must be linked via the Umbrella Network Devices API key. Once this API key is generated from within the Umbrella dashboard, it needs to be copied into the Meraki dashboard by navigating to Network-wide > General.

Enabling Meraki + Umbrella integration within the Meraki dashboard.

 

Once the Meraki and Umbrella dashboards have been configured, linking a Meraki SSID or group policy to an Umbrella security policy is easy (note: Meraki group policies must be set to use ‘Custom SSID Firewall & Shaping Rules’ to link an Umbrella policy to them). After this initial setup, a unique identifier is generated behind the scenes for the specified Meraki SSID or group policy and is used by Umbrella to determine how to evaluate traffic from that Meraki network moving forward.

To link a Meraki SSID to an Umbrella policy, navigate to the Wireless > Configure > Firewall & Traffic Shaping section of the Meraki dashboard. There, you will find a button to link Umbrella policies.

Linking an Umbrella policy to a Meraki SSID.

 

By default, the last policy physically listed in the Umbrella dashboard’s ordered policy list will be inherited by a Meraki SSID unless a different policy is selected from the dropdown list.

To link a Meraki group policy to an Umbrella security policy, navigate to the Network > Configure > Group policies page in the Meraki dashboard and choose the specific Meraki group policy that you want to link. Under the ‘Layer 7 firewall rules’ section of that policy, you’ll be able to choose which Umbrella policy you’d like to apply.

Applying an Umbrella DNS policy to the Meraki ‘VIP Umbrella Clients’ group policy.

 

Once a Meraki SSID or group policy has been successfully linked to an Umbrella security policy, clients connecting to that SSID or who have been applied that group policy will have their DNS queries encrypted (if the AP supports 802.11ac) and verified against the corresponding Umbrella policy. Encrypting DNS queries between Meraki APs and Umbrella DNS endpoints helps secure the ‘last mile’ of client web browsing and protects against devastating MITM attacks or packet snooping that can reveal which websites client devices are browsing.

An example Umbrella policy may prohibit access to known malicious web domains or websites that host specific types of content, like gambling or peer-to-peer domains. If the client’s request for access to a given website is allowed, Umbrella will return an encrypted DNS response with the appropriate IP address. If the request is denied, then an encrypted DNS response pointing to the Umbrella block page will be returned instead.

Taken together, Meraki wireless and Umbrella integration provide a significantly more robust security framework for IT admins looking to protect clients from web threats in a more proactive way. Instead of waiting for a malicious site to infect a machine and then using tools like antivirus to detect and remediate, Meraki MR customers can rest easy knowing that they are protected from ever reaching harmful sites in the first place.

Interested customers should contact Meraki Support to have this feature enabled. This feature requires an early-release MR firmware version that can be enabled with Meraki support assistance.

To find out more, speak to a Meraki sales representative today.

Stumptown Coffee Roasters: an MV Case Study

When Portland-based Stumptown Coffee Roasters needed a security camera and monitoring solution for their distributed and rapidly growing operation, they quickly settled on Meraki MV. Stumptown was already using Meraki wireless, switching, SD-WAN, and networking security solutions in their retail environments, so exploring security cameras was an easy decision for Travis Luckey, Stumptown’s former Director of Technology. With their core focus on product quality, Stumptown’s team found real value in having the ability to monitor remote sites and processes while also minimizing the need for onsite visits and troubleshooting. Their cafes and roasting facilities are scattered across the U.S., making centralized management, ease-of-use, and straightforward monitoring from any geographic location key features of the solution they would need.

Original Challenges

  • Stumptown’s headquarters are in Portland, along with some major operations facilities and cafes, but they also have facilities in New York City and Los Angeles, plus a distribution center in Seattle.
  • They needed a solution that would cut down on installation and configuration time while allowing the team to manage the entire operation from a centralized and/or remote location, if needed.
  • Luckey’s team loved the Meraki IT solution and wanted a camera solution with the same benefits.
  • The IT team wanted to be able to give different levels of camera access to various members of the executive, management, and respective operational teams.
  • Existing legacy systems were selected and installed ad hoc by local managers over many years, making it difficult to manage everything.

“Meraki cameras gave us the ability to deploy nationwide and centrally manage a single product platform for security footage.” – Travis Luckey, Director of Technology


An MV71 deployed at Stumptown’s Southeast Portland cafe and roastery location

The Deployment

  • The team installed over 50 indoor and outdoor Meraki cameras.
  • The company has standardized on Meraki cameras for their nationwide deployment.
  • MV cameras are used for both retail security as well as monitoring distribution centers (ten locations in total).
  • Anywhere from two to four cameras were installed at each site alongside a full stack of Meraki networking gear.
  • The IT team loved that there was no DVR infrastructure to install.

“[It’s so easy]…most junior level IT staff are able to do just about all of the configuration and management across our entire Meraki deployment.” – Travis Luckey, Director of Technology

 

Results

  • A small number of dedicated IT staff are able to monitor locations all around the country with minimal training time.
  • Installation is easy enough that the IT team can stage cameras and then ship them to a non-technical Operations Manager for installation, at which point the IT staff helps walk them through the physical deployment.
  • Both Tier 1 technical staff (IT, technical operations, systems administrators) and Tier 2 non-technical staff (Operations, Retail Managers, and company executives) are able to have differing levels of access to video pertinent to their respective roles.
  • During a footage recovery exercise following a bank robbery near a Stumptown location, administrators were able to pull video footage in a matter of minutes; the police officer told Travis this was one of the easiest footage recovery cases he had ever worked on.
  • The IT team now has full visibility into the full deployment from coast-to-coast and can troubleshoot any potential issues with cameras or the network before they grow into bigger business problems.
  • Firmware and security updates roll out seamlessly, with little to no effort required by Travis’s team.
  • Using Meraki cameras, plus the rest of the Meraki networking portfolio, has changed the Helpdesk staff’s roles dramatically. They spend significantly less time troubleshooting, and more time on new projects. The change has been so dramatic that they have changed their titles to IT Business Partners.

“It was really remarkable how easy it was to troubleshoot a potentially business-interrupting problem. I fell in love with the platform at the moment I realized that.” – Travis Luckey, Director of Technology


To learn more about Meraki MV security cameras and how they provide both physical security and advanced analytics in a single package, check out our catalog of free webinars or get in touch with your Meraki rep today.

Meraki at IFSEC 2018

It’s hard to believe, but IFSEC 2018 is just around the corner, and the Meraki team will be back for a second year. From 19 – 21 June, stop by Booth D520 at ExCeL London to chat with the team, ask for a demo, and see some of the newest MV security camera developments and feature releases in action. Get hands-on with MV12 hardware and see the tiny camera that’s shaking up the surveillance and video analytics worlds with built-in computer vision and machine learning.

The Merakians staffing the booth will be happy to answer all your burning questions about the rest of the Meraki portfolio as well!

We can’t wait to see you there!

Meraki’s first time attending IFSEC in 2017

 

Who? What? Where?

Since Meraki launched the MV family nearly a year and a half ago, the wishes coming in from the Make a Wish tool in the dashboard have not stopped flowing. One of the most consistently requested features? Motion alerts. Today, this handy tool is available across all MV hardware models.

Whether for keeping tabs on valuable merchandise in a retail store, increasing the efficiency of a shipping and receiving dock, or keeping school grounds clear of trespassers, motion alerts have enormous business potential across all verticals. The engineering team behind MV has created an exceptionally straightforward way to implement alerts and we can’t wait to see how our customers use them.

Once a camera’s alerting schedule, minimum event trigger length, and alerting region have been selected, alert behavior can be configured on the Alerts page (alongside offline device alerting). The default alerting email(s) can be used, or add a motion-alert-specific email address for more granularity.

Each alert generated by the dashboard will link directly to the relevant video clip, no manual video scrubbing needed. Take a peek below.

Pro-tip: most major mobile carriers allow you to send emails to an SMS phone number (see the list of phone number “conversions” by carrier below). Take advantage of this “hack” in the dashboard to get motion alerts sent directly to a mobile device as a text.

  • Alltel: phonenumber@message.alltel.com
  • AT&T: [email protected]
  • T-Mobile: phonenumber@tmomail.net
  • Virgin Mobile: phonenumber@vmobl.com
  • Sprint: phonenumber@messaging.sprintpcs.com
  • Verizon: phonenumber@vtext.com
  • Nextel: phonenumber@messaging.nextel.com
  • US Cellular: phonenumber@mms.uscc.net

If you’re an MV user, take motion alerts for a test drive and let us know what you think in the Meraki Community. If you still haven’t gotten your hands on an MV, be sure to contact your rep today or sign up for a webinar to learn more.