Multi-Site Cloud Management
The Cisco Meraki Cloud Networking architecture enables plug and play branch deployments and provides centralized visibility and control across any number of distributed locations.
MX security appliances self-provision – automatically pulling policies and configuration from the cloud – enabling branch deployments without on-site IT. The Cisco Meraki cloud delivers seamless firmware and security signature updates, automatically establishes site-to-site VPN tunnels, and provides automatic network monitoring and alerts.
Since the MX is managed entirely through the Cisco Meraki web-based dashboard, configuration and diagnostics can be performed remotely just as easily as they can be performed on-site, eliminating costly field visits. Even firmware updates are performed seamlessly, over the web.
Cisco Meraki's unique auto provisioning site-to-site VPN connects branches securely with complete simplicity. Using IPsec over any wide area network, the MX links your branches to headquarters as well as to one another as if connected with a virtual Ethernet cable.
Site-to-site connectivity is established through a single click in Cisco Meraki's dashboard. Gone are the configuration headaches of traditional site-to-site VPNs: route discovery, key negotiation, authentication, security policies, crypto maps, and access lists are all handled automatically from the cloud.
Ease of use does not come at the expense of flexibility. Both full and split tunnel VPNs can be configured easily. New sites can similarly be added with a few simple clicks.
An integrated application-aware stateful firewall secures your network from malicious entities threatening today's networks. It's no longer enough to simply block protocols, hosts, and ports – a firewall must also be user, content, and application aware.
Protect your network using an integrated Snort-based intrusion detection system (IDS) featuring signature, protocol, and anomaly-based inspection. Use custom firewall rules to secure your network, allowing only approved, essential services and connections. Easily segregate voice, video, and data traffic, and deploy global firewall rules across VPN networks with a single click.
Every Cisco Meraki MX Security Appliance supports unparalleled threat prevention via an integrated Sourcefire engine. Networks can be secured in seconds from the latest exploits, vulnerabilities, viruses, rootkits and more, with threat definitions automatically updated for bleeding edge protection.
View comprehensive security reports, displayed directly in the intuitive Meraki dashboard, from any Internet-accessible device. Data is presented in real time, allowing IT admins to quickly gauge current threat status—as well as view historical trends—for informed decision-making.
Control Applications, Users, and Devices
The MX was purpose-built for modern, multi-use networks, providing extensive visibility and control over users, content, and applications. Far beyond simple host- and port-based solutions, the MX's Layer 7 fingerprinting classifies evasive and encrypted applications including P2P. Block unwanted web traffic with CIPA-compliant content filtering, throttle bandwidth hogs like Netflix and BitTorrent, and even prioritize productivity apps like VoIP.
The MX also provides insight into the users on the network, identifying clients by device type (e.g., iPads) and even username. Inspect, throttle, or block users, and integrate with Active Directory to apply different policies to different classes of users.
The MX's CIPA-compliant content filter enables administrators to block categories of content (adult, drugs, gambling, etc.) as well as individual URLs. Active Directory integration allows for different content filtering policies for different groups of users. The MX automatically refreshes its filtering lists from the cloud, so that your rules are always up to date, even as websites change.
Built-in Google SafeSearch and YouTube for Schools enable a safe and secure learning environment without additional appliances or complex configuration. Integrated web caching dramatically accelerates browsing for users watching videos or using online apps.
Reduce intersite application bandwidth by up to 99% and accelerate CIFS, FTP, HTTP, and TCP traffic by up to 209x with the MX. A state-of-the-art WAN optimization engine uses advanced algorithms, deduplication, compression, and hard-disk based caching to make the WAN feel like a LAN.
Integrated web caching dramatically accelerates browsing for users watching videos or using online apps.
Built-in WAN optimization aids in server consolidation and private cloud initiatives, as well as any distributed network where end-user bandwidth costs or performance are a priority.
Smart Link Bonding
Connect your branch with multiple WAN links, e.g., cable, DSL, T1, or even 3G/4G. Configure the MX to balance traffic between primary uplinks and failover to 3G/4G if those connections go down.
The MX's Smart Link Bonding increases bandwidth and reduces cost. Supplement a T1 with an affordable DSL connection, increasing bandwidth for video and cloud applications. For maximum cost savings, forgo leased lines altogether by deploying the MX's site-to-site VPN over DSL, cable, or 3G/4G for secure, redundant, inexpensive connectivity.
The MX provides a complete networking solution, with a host of networking services for branch environments. Manage IP addresses with built-in DHCP and NAT. Enforce DMZs, punch firewall holes in seconds, segregate traffic with VLANs, and create routes through an intuitive web interface.
Networking features integrate seamlessly with site to site VPN, stateful firewall, and other services, eliminating the need for an external branch router in most environments.
The MX includes an integrated Bonjour gateway, enabling seamless support of Apple TVs, printers, AirPlay mirroring, and any other Bonjour server device. Selective bridging of services with subnet filtering allows for Bonjour support without overloading the network with multicast traffic.
The MX's intuitive configuration interface simplifies management of large-scale networks with many Apple devices, allowing for Bonjour support to be enabled with just a few clicks.