Cisco Meraki access points and security appliances deployed at 115 sites state-wide.
Separate network access for corporate users and guests via secure authentication.
Remote branches connect to core security appliance via site-to-site VPN.
The California Department of Fish and Wildlife manages and protects the state’s diverse fish, wildlife, plant resources, and native habitats. The department deployed Cisco Meraki APs, switches, security appliances, and mobile device management across a variety of sites throughout California. Given the remoteness of many locations, performance, ease of use, and scalability were important factors for the team in selecting a network solution.
Original Networking Challenges
Multiple remote locations and a small IT team required centralized management for ease of network configurations and troubleshooting
Reliable network connection and device visibility needed for devices connecting at over 115 distributed sites
Why Cisco Meraki
Supplemental resiliency allows remote sites to still operate in the event of a state-wide outage at the core
Flexibility to bring up and troubleshoot remote sites from anywhere via the cloud-based dashboard
Various levels of admin privileges for segmented IT support staff
Inventory tracking of network hardware and devices with Meraki Systems Manager
With Meraki, you can combine switches and security appliances all in one network view and get a nice, consolidated experience
Network Projects Consultant
Mix of indoor and outdoor MR family access points with separate SSIDs for testing networks and planning new sites
One-third of users based in Sacramento headquarters, one-third in branch locations around the state, and one-third in remote locations and field offices
Core MX400 security appliance located at HQ as a hub, with branch and remote sites using MX60(W), MX80, or MX90 security appliances for site-to-site VPN connectivity to core
Systems Manager MDM installed to easily manage all department devices, such as iPads used by field scientists, with visibility into software property and device location
Corporate users access network through 802.1X with RADIUS authentication, no bandwidth or SSID availability restrictions
Guest users log onto a password protected network with Layer 3 firewall rules blocking access to the local LAN
Hub-and-spoke VPN tunnels traffic to the core to access centralized services such as content filtering
Plan to add MS switches in a move to 802.1X to regulate devices/access on corporate network