Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.
$595
per appliance
Cisco Secure Web Appliance
Score 8.0 out of 10
N/A
Cisco Secure Web Appliance (formerly Cisco Web Security Appliance [WSA]), powered by Cisco Talos, protects by automatically blocking risky sites and testing unknown sites before allowing users to link to them, helping with compliance. It is available models S690, S390, and S190.
Small office, small business, medium business even larger enterprise can work on Cisco Meraki MX if they can sacrifice some of the functionality that Cisco Meraki MX can not provide. To enhance security, I would advise combining with cloud delivered firewall.
We have both scenarios where we can describe that. For example, in the HQ, where we have about 3,000 users, Cisco IronPort Web Security Appliance is the ideal solution, because we can consolidate all the Internet access, policies, rules, etc. in the same box. However, if you have small offices with a few users, it's hard to justify one big and expensive box that could cost more than the whole office infrastructure.
The management is the best. I'm an old-fashioned networking guy, so I'm used to going to the site itself and connecting. For example, a console cable and start and start configuring. Now since the management is so easy on Meraki I can configure everything from the headquarters from where I sit in Israel and then just go to the site and connect and basically, it's plug and play. After I configure everything from my office in Israel, I can just go to the site for a few hours, and connect everything. Just the magic happens.
The way you need to segment devices by network causes you to need to go to different dropdowns to see everything at a single site. They have improved this and now allow you to add firewall, switches and wireless to create a single site, but still a bit clunky.
I think that the interface could need updates to adapt it to a much more current system, achieve quick access to necessary tools and adapt the platform to a much more customizable and comfortable system to work with.
It is undoubtedly a platform that is worth having, however, the license costs could be better adjusted to small businesses so that it can be accessed more easily.
It could be a bit complex to use, the use of codes is quite extensive, it could be adjusted to something much more practical but just as efficient.
As we have it in place now, we will continue to keep it at our remote sites. Future expansion is something we are reviewing, and may well start with some of the larger switches as they seem to offer good performance and management at a reasonable price. Wireless is also something we're investing in and their devices are great for that.
The Cisco Meraki MX series is very easy to use. Setting up user VPN access, site to site VPN to tie multiple locations together and managing all your devices. You can even download the latest firmware and install without ever leaving the dashboard. Meraki is the very definition of easy to use
Because it's one of those products you almost don't realize it exists from the end user. From the administrator perspective, you can do everything on its web interface and it's very intuitive to manage, once you know the concepts behind identities, acls, etc. Also, once you build the control structure, I mean, you link 'local' groups with your own Active Directory groups, as we did here, you don't need to be managing those things on the appliance itself.
I haven't ever had a bad experience with Meraki support. On the few occasions where I wasn't understanding the UI or needed some clarification about what a setting actually would do, I contacted them and they were very quickly able to provide help. Returns are simple and fast, too. We had to return a defective device one time and they shipped the replacement before we had even un-racked the one that was faulty. Unlike many other vendors, they didn't ask use to a do long list of scripted diagnostics, they just took my word for it that the device was broken and sent out a replacement immediately
Our experience with Cisco's support was terrible. Other than the fact that they don't respond to service-related emails with urgency, they also keep on changing the policies that affected us. Recently, they came up with a new look for the same software, which was insanely slow. Renewal of keys for the old interface took months. Overall, the support was not very friendly from the users' point of view.
Overall, for a new network admin or a non-IT person, the Cisco Meraki MX is much easier to configure for a single site than the Cisco ASA Firewalls. ASA can be quicker for those with a background in Cisco command line OS.
At home I have a McAfee service that does similar tasks and helps manage the users of my internet. McAfee seems more user friendly and easier to set exceptions.
The Cisco Meraki MX is basically a good product, but not perfect. If you compare the Cisco Meraki MX with a Fortigate or Cisco Firepower, you quickly realize that this system can do less than the reference product. The Cisco Meraki MX can be used in small environments, but in large environments you have to check carefully whether it really makes sense to use it.
VPN tunnel between locations has been up 99% of the time in the 7 years that I have used the Cisco Meraki MXs in my current position. That does not include ISP issues because, in my mind, that shouldn't dictate the performance of the Cisco Meraki MXs.
Sometimes we get phishing emails with malicious links in them. We are able to block the URLs on our network using the Cisco Meraki MXs, and the appliance configuration sets in less than a minute. Blocking that link for anyone over VPN or on the LAN.
The interface is really simple and configuration is a breeze, which makes deploying a new Cisco Meraki MX really fast and easy. Replacing an Cisco Meraki MX is even easier, Just remove the old and add the new and all the configuration stays for the new appliance to use. Saves so much time and money.
The biggest thing is we have not had really any issues with any of our Cisco Meraki MXs going down in the past 7 years. The reliability with these devices are amazing.
Security! Security! Security! We are financial company that work with very sensitive information. A lot of unsafe traffic was blocked on the Cisco IronPort WSA over years of using it. We did not earn on it but absolutely sure that we did not lose 'gazillion' of dollars being infected or scammed.
Easy to configure and use, no need to teach new personnel how work with this product (hopefully saving time = saving money).
Unfortunately the price of license subscription made financial managers push IT dept. to look for something cheaper.
