Description
Cisco Meraki MX Security Appliances are ideal for organizations considering a Unified Threat Managment (UTM) solution, for distributed sites, campuses or datacenter VPN concentration. Since the MX is 100% cloud managed, installation and remote management is simple. The MX has a comprehensive suite of network services, eliminating the need for multiple appliances. These services include SD-WAN capabilities, application-based firewalling, content filtering, web search filtering, SNORT® based intrusion detection and prevention, Cisco Advanced Malware Protection (AMP), web caching, 4G cellular failover and more. Auto VPN and SD-WAN features are available on our hardware and virtual appliances, configurable in Amazon Web Services.
FEATURE-RICH UNIFIED THREAT MANAGEMENT (UTM) CAPABILITIES
- Application-aware traffic control: bandwidth policies for Layer 7 application types (e.g., block YouTube, prioritize Skype, throttle BitTorrent).
- Content filtering: CIPA-compliant content filter, safe-seach enforcement (Google/Bing), and YouTube for Schools.
- Intrusion prevention: PCI-compliant IPS sensor using industry-leading SNORT® signature database from Cisco Sourcefire.
- Advanced Malware Protection: flow-based protection engine powered by Cisco AMP.
- Identity-based security policies and application management.
INDUSTRY-LEADING CLOUD MANAGEMENT
- Unified firewall, switching, wireless LAN, and mobile device management through an intuitive web-based dashboard.
- Template based settings scale easily from small deployments to tens of thousands of devices.
- Role-based administration, configurable email alerts for a variety of important events, and easily auditable change logs.
- Summary reports with user, device, and application usage details archived in the cloud.
INTELLIGENT SITE-TO-SITE VPN WITH MERAKI SD-WAN
- Auto VPN: automatic VPN route generation using IKE/IPsec setup. Runs on physical MX appliances and as a virtual instance within the Amazon AWS cloud services.
- SD-WAN with active / active VPN, policy-based-routing, dynamic VPN path selection and support for application-layer performance profiles to ensure prioritization of the applications types that matter
- Interoperates with all IPsec VPN devices and services.
- Automated MPLS to VPN failover within seconds of a connection failure
- Client VPN: L2TP IPsec support for native Windows, Mac OS X, iPad and Android clients with no per-user licensing fees.
BRANCH GATEWAY SERVICES
- Built-in DHCP, NAT, QoS, and VLAN management services.
- Web caching: accelerates frequently accessed content.
- Load balancing: combines multiple WAN links into a single highspeed interface, with policies for QoS, traffic shaping, and failover.
- Smart connection monitoring: automatic detection of layer 2 and layer 3 outages and fast failover, including 3G/4G USB modems.
Ironclad Security
The MX platform has an extensive suite of security features including IDS/IPS, content filtering, web search filtering, antimalware, geo-IP based firewalling, IPsec VPN connectivity and Cisco Advanced Malware Protection, while providing the performance required for modern, bandwidth-intensive networks.
Layer 7 fingerprinting technology lets administrators identify unwanted content and applications and prevent recreational apps like BitTorrent from wasting precious bandwidth.
The integrated Cisco SNORT® engine delivers superior intrusion prevention coverage, a key requirement for PCI 3.0 compliance. The MX also uses the Webroot BrightCloud® URL categorization database for CIPA / IWF compliant content-filtering, Cisco Advanced Malware Protection (AMP) engine for anti-malware, AMP Threat Grid Cloud, and MaxMind for geo-IP based security rules.
Best of all, these industry-leading Layer 7 security engines and signatures are always kept up-to-date via the cloud, simplifying network security management and providing peace of mind to IT administrators.