We are currently having a problem with Meraki in the end product. They have two kinds of enterprise licenses and an advanced security license. The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection between these licenses. Even to do a full free trial run, we need the same kind of licenses. This is something we seek to change because it's not fair. With this license mode, we should be able to choose which sites we use and which sites we do not need. We often see a break in the connection between both modem and dish. We found that if we communicate with Cisco, we can find the right solution to solve this. Currently, we have found all the things we need for our company already. Only perhaps compatibility for mobile lines is still required. Meraki MX is the program for us. We should have enterprise licenses.
Network and Security Administrator at AJINOMOTO-OMNICHEM
Real User
2019-06-27T08:13:00Z
Jun 27, 2019
Currently, if you make a rule in the firewall you have to add all of the IPs. If I'm working with an object for, say, an object group, where I put every single IP that I want into it, and then I apply it on a rule, it's a little bit easier to configure because you have a better overview of that. The overview is not completely clear. It's a bit difficult. But control of network objects is something I really want because it makes it easier to maintain. Also, there's not enough control over system updates. Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me. It can happen during business hours, for example, and then you have a big issue.
If Meraki could handle more than one internet connection and a bonding formula then that would be valuable. Load balancing options and ability to manage a couple of Internet connections, that's it. This is the main thing I see that the solution needs.
This product has room for improvement. The main features not included with the firewall is the virtual domain. With Meraki, the interface for the virtual domain could be improved. The virtual domain is a concurrent session. The concurrent session is limited in Meraki, like FortiGate. In MX100, it's around 200 to 25,000 concurrent sessions. In the same model with FortiGate, it's around five million concurrent sessions. It's very important to improve in Meraki. In my view, it is very important that the number of concurrent sessions is increased.
What I would like to see in the next version is to have more interfaces for WAN links. For example, if we have three providers, we can't connect to Meraki because it has only two WAN ports. I would like to have on Meraki more WAN ports, i.e. one data internet port for two lines.
The product could improve most by improving the client VPN. The auto VPN works for site-to-site but they have an issue with the client VPN. For example, if I connect the client VPN, I cannot block clients for specific access inside of the company. Because of the limitation, you need to make a rule for everyone and it's not very easy to do. What you really want is to have a specific client VPN with specific (fine-grained) access to different areas. One other thing that they should have to improve product utility is some kind of templates. For example, templates for configuration of use in a vertical market would be useful. They have a very good product. If you contact technical support, they should already know more about your methods and your needs. Management of the firewall is on the cloud and to be so easy for the user to configure, they remove some of the more complicated options. If you want an option, you need to contact support in order to enable it. They could have, for example, a different dashboard for more advanced features that you would be responsible to pay more for.
From a subscription base or price perspective, there's some room for improvement. They also need more security features. There are good security features now, but I need more of the security features to offer UTM protection.
Some advanced enterprise features are missing, but for SMBs this solution is a dream to deploy and manage. Complex environments should look elsewhere, but I personally have not ran across anything that Meraki has not been able to handle so far. On the dashboard is a “Make a Wish” button to request new features. In three years, I have made three wishes and they were all were granted.
Cisco Meraki MX appliances are next-generation firewalls with all the advanced security services needed for today’s IT security. The appliances are ideal for organizations considering a unified threat management (UTM) solution for branch offices, data centers, distributed sites, or campuses. Since Meraki MX is 100% cloud-managed, installation and remote management are simple and zero-touch.
Meraki MX’s hardware and virtual appliances are configurable in Microsoft Azure, Amazon Web Services...
Expensive licensing and firewall stops immediately working if the licence is not renewed at the expiration date.
We are currently having a problem with Meraki in the end product. They have two kinds of enterprise licenses and an advanced security license. The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection between these licenses. Even to do a full free trial run, we need the same kind of licenses. This is something we seek to change because it's not fair. With this license mode, we should be able to choose which sites we use and which sites we do not need. We often see a break in the connection between both modem and dish. We found that if we communicate with Cisco, we can find the right solution to solve this. Currently, we have found all the things we need for our company already. Only perhaps compatibility for mobile lines is still required. Meraki MX is the program for us. We should have enterprise licenses.
Currently, if you make a rule in the firewall you have to add all of the IPs. If I'm working with an object for, say, an object group, where I put every single IP that I want into it, and then I apply it on a rule, it's a little bit easier to configure because you have a better overview of that. The overview is not completely clear. It's a bit difficult. But control of network objects is something I really want because it makes it easier to maintain. Also, there's not enough control over system updates. Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me. It can happen during business hours, for example, and then you have a big issue.
If Meraki could handle more than one internet connection and a bonding formula then that would be valuable. Load balancing options and ability to manage a couple of Internet connections, that's it. This is the main thing I see that the solution needs.
This product has room for improvement. The main features not included with the firewall is the virtual domain. With Meraki, the interface for the virtual domain could be improved. The virtual domain is a concurrent session. The concurrent session is limited in Meraki, like FortiGate. In MX100, it's around 200 to 25,000 concurrent sessions. In the same model with FortiGate, it's around five million concurrent sessions. It's very important to improve in Meraki. In my view, it is very important that the number of concurrent sessions is increased.
What I would like to see in the next version is to have more interfaces for WAN links. For example, if we have three providers, we can't connect to Meraki because it has only two WAN ports. I would like to have on Meraki more WAN ports, i.e. one data internet port for two lines.
The product could improve most by improving the client VPN. The auto VPN works for site-to-site but they have an issue with the client VPN. For example, if I connect the client VPN, I cannot block clients for specific access inside of the company. Because of the limitation, you need to make a rule for everyone and it's not very easy to do. What you really want is to have a specific client VPN with specific (fine-grained) access to different areas. One other thing that they should have to improve product utility is some kind of templates. For example, templates for configuration of use in a vertical market would be useful. They have a very good product. If you contact technical support, they should already know more about your methods and your needs. Management of the firewall is on the cloud and to be so easy for the user to configure, they remove some of the more complicated options. If you want an option, you need to contact support in order to enable it. They could have, for example, a different dashboard for more advanced features that you would be responsible to pay more for.
From a subscription base or price perspective, there's some room for improvement. They also need more security features. There are good security features now, but I need more of the security features to offer UTM protection.
The IPS, the Intrusion Prevention System, can be improved. If they can add I think the next generation firewalls, that would be great.
We feel that Cisco provides smaller features with fewer possibilities versus other solutions out there.
Some advanced enterprise features are missing, but for SMBs this solution is a dream to deploy and manage. Complex environments should look elsewhere, but I personally have not ran across anything that Meraki has not been able to handle so far. On the dashboard is a “Make a Wish” button to request new features. In three years, I have made three wishes and they were all were granted.