Technologies: Distributed Packet Processing

  • Security and QoS enforced at the access point
  • Decentralized processing scales without bottlenecks
  • Resilient architecture with no single point of failure

Cisco Meraki executes packet processing at the edge. Each wireless access point features a high performance CPU that enforces layer 3-7 firewall policies, application QoS, network access control (NAC), and more. Cisco Meraki networks scale seamlessly: add capacity by simply deploying more APs, without concern for controller bottlenecks or choke points.

Traffic shaping rules

Security and QoS enforced at the access point

Every Cisco Meraki wireless access point is built with the packet processing resources to secure and control its client traffic, without need for a wireless LAN controller. Cisco Meraki APs are built with a high performance CPU, hardware-accelerated encryption, and extended memory resources to implement stateful firewall policies, voice and video optimization, and even layer 7 traffic classification and QoS.

Decentralized processing scales without bottlenecks

Since each AP can independently enforce policies for the clients it serves, adding capacity to the network is as simple as plugging in more APs. These APs can extend coverage to new areas, add capacity to dense environments like auditoriums, or even light up new branches. While traditional WiFi controllers require forklift upgrades, Cisco Meraki is proven to scale seamlessly from a small branch with just once access point, to a large network with over 10,000 APs.

Resilient architecture with no single point of failure

By eliminating WiFi controllers, Cisco Meraki's decentralized architecture also eliminates the single point of failure inherent in traditional wireless LANs. Power outages, disrupted network connectivity, or hardware failures in one segment of the network have no effect on the wireless LAN as a whole. Cisco Meraki devices are designed to operate even when disconnected from the Cisco Meraki cloud, providing continued end-user LAN connectivity and security in the event of a WAN failure.