Meraki MX security appliances are the simplest cloud-managed Unified Threat Management and SD-WAN solution.
FEATURES
PROTECTS NETWORK AND ASSETS
NGFW - Next Generation Firewall
Stateful Firewall - L3 and L7 aware
Geo-based firewalling
Allow or block traffic by country
Content Filtering
Over 85 website content categories
Over 4 billion categorized URLs [updated constantly]
Application based Firewalling
NBAR Version 2 [Enhanced Application visibility ]
Nearly 1500+ Application aware firewalling [NBAR 2]
Detailed application insights and policing
Traffic Inspection
L7 Firewall Rules
Traffic Shaping Rules
Strengthens security
Application Based Local Internet Breakout (In the future)
Application based Traffic Steering (In the future)
SNORT 3 - IDS/IPS
Snort IDS/IPS is #1 in the industry for many years. Gartner’s Magic Quadrant
The most widely deployed, with over 4 million downloads open-source variant alone. That doesn’t even take into account the variants running on FirePower, ASA , and MX security appliances.
Cisco AMP - Cisco AMP with optional Threat Grid integration
Cisco Advanced Malware Protection is the industry's leading malware protection solution.
With a database of over 500 million known files and over 1.5 million new incoming file samples every day.
Cisco Talos
The largest commercial threat intelligence teams in the world. Talos Intelligence
Talos threat intelligence leads to over 20 million blocked threats per day.
High Availability
Active / Passive with a single License.
Automatic Firmware Upgrades
SD-WAN - Ready
SASE - Ready [Can be integrated with various products to build a complete SASE Solution]
INTEGRATION
Cisco AnyConnect
Cisco ISE,
Cisco DUO
Cisco ThousandEyes
Cisco Umbrella - [First line of Defense] [Optional]
Enforcement built into the foundation of the internet. Fast and effective protection against threats such as Malware, Ransomware, Phishing & Command and Control call backs.
Resolves 620 billion internet requests a day.
Identifies over 60,000 new malicious destinations [domains, IPs, and URLs] daily.
Enforce/blocks more than 7 million malicious domains and IPs concurrently with no latency.
BANDWIDTH MANAGEMENT
Multiple WAN Port
Supports Upto 4 WAN Uplinks
3G/4G Failover
Copper/SFP/SFP+ Interfaces [For WAN and LAN]
WAN Link Management [Policy and performance based (WAN) routing]
Load Balancing
Automatic Fail over
Limiting upload and download traffic through the WAN ports
Traffic Shaping
Internet Speed limit for User/Device/IP/VLAN
Smart Path Selection on the basis internet performance
VPN SERVICES
Any-connect
TLS client VPN Support
Radius, AD and Client Certificate based authentication
Per user policy with RADIUS Filter-ID
Split Tunnel
Require Anyconnect PLUS License
L2TP for endpoints
IP-Sec - Tunnels to non-Meraki devices
AutoVPN - Zero-touch site-to-site VPN
OTHER SERVICES
L3 Services
Configurable VLANs / DHCP support
Mandatory DHCP
1:1 and 1:Many NAT and Port Forwarding
Multi-location configuration templates
Netflow support
Active Directory
Syslog integration
Remote Packet Capture tools
APIs - The CLI is Dead; the API is the new language
MODELS AS PER ENTERPRISE SIZE
LICENSES
RESOURCES
DEEP DIVE
MX WAN port will do NAPT for outbound traffic and it means that max session is 65k on each WAN port.