Cisco Meraki MX does the job well, but has a few caveats that could come back to bite you if you aren't careful
Overall Satisfaction with Cisco Meraki MX
Cisco Meraki MX is used by some of my clients for managing their internet connection between a few facilities. They have an ethernet handoff, and Cisco Meraki MX sits between their internet connection and their network, acting as a firewall, router, VPN endpoint, and content filter.
- Decent web interface
- Content filtering
- Threat detection (when using the higher license)
- Intranet management (inability to NAT between LANs limits flexibility)
- Multitenancy from one device
- Limited in VPN options
- Always a recurring charge
- Difficult to troubleshoot when internet is down
Do you think Cisco Meraki MX delivers good value for the price?
Are you happy with Cisco Meraki MX's feature set?
Did Cisco Meraki MX live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of Cisco Meraki MX go as expected?
Would you buy Cisco Meraki MX again?
- For my clients, it was easy to mark off a few items on their checklist so that we could move on to more important things
Cisco Meraki MX has allowed me and my team to maintain a few networks with relatively little effort. We didn't require a lot of training to use the core feature set, and it has served our clients well. It does what any good firewall should do, be set up, stay out of the way, and maintain security.
While the Cisco Meraki MX interface is scalable and handles things nicely, sometimes the hardware isn't quite up to the task. Scaling the hardware requires purchasing the higher model, as lower models can't be upgraded. Then users are left with an old model that is now an expensive paperweight, as you can't even redeploy at home without spending on a monthly license.
We continued using Cisco Meraki MX after taking over the client since they are familiar with it and enjoy the reporting it provides. We use pfSense for most new deployments as the controls it gives us are slightly better than the Cisco Meraki MX controls. That isn't to say Cisco Meraki MX is bad; it just isn't suitable for many of our clients that are multi-tenant, which is one of the weaker offerings from Meraki. For our clients that were already using Cisco Meraki MX when we adopted them, there was no reason to change, it does the job, and it does it well.
If a company wants a fairly turn-key solution and doesn't mind some limited functionality, Cisco Meraki MX works well. The content filtering/IPS system is effective, and the reporting is nice. It also allows for easy team management, and the VPN can easily be managed by integrating it into active directory or other authentication mechanisms.
Cisco Meraki MX Feature Ratings
Cisco Hybrid Work
- Cisco Meraki MX
- Working from anywhere (e.g., coffee shop, airport)
- Working from an office or other company space
- Working from home
We mostly needed a system that would let our workforce work on small documents from anywhere. Since the information is stored on our server at the office, having something that would let them securely connect and access server resources was critical. We also wanted something that would integrate with our local authentication server (Microsoft Active Directory in this case) and the Meraki unit works for that.
There weren't organizational challenges per se. Most of the difficulty came from ensuring those that needed to work remotely had the equipment to do so. We're an MSP, and the client already had a good idea of how they wanted things to work. We just needed a good way to make it happen.
The Meraki unit acts as a good endpoint for roaming clients. Setup is pretty easy and is easy enough for people to use that we don't have to expend a lot of effort training people. It has been secure, reasonable in setup, and performance has been as we expect. The only challenges we've run into with it have been Microsoft occasionally breaking things with an update. Those are few and far between, and would probably impact any VPN solution. So in short, it made solving the problem of remote network access very painless for us.
Being outside of the office does create some challenges. Having the VPN available to employees has done quite a bit for letting them check up on things, update documents, collaborate, etc. The VPN is one part of the hybrid work system in place, but it place a pivotal role and having it easy to set up made my team's life easier from an operational standpoint, as well as a training standpoint for our customer.
In this case, we were already using the Meraki for other services (IDS/IPS type work). We also implement pfSense and OpenVPN. They all have their pros and cons, but Meraki fits in well with the solutions that we've found. It is easy to use, has broad platform support, and maintains security well.
- Microsoft Teams
- Google Meet