Cisco Meraki MX Security & SD-WAN Appliances are ideal for organizations considering a Unified Threat Managment (UTM) solution, for distributed sites, campuses or datacenter VPN concentration. Since the MX is 100% cloud managed, installation and remote management are simple. The MX has a comprehensive suite of network services, eliminating the need for multiple appliances. These services include SD-WAN capabilities, application-based firewalling, content filtering, web search filtering, SNORT® based intrusion detection and prevention, Cisco Advanced Malware Protection (AMP), web caching, 4G cellular failover and more. Auto VPN and SD-WAN features are available on our hardware and virtual appliances, configurable in Amazon Web Services or Microsoft Azure.
The MX platform has an extensive suite of security features including IDS/IPS, content filtering, web search filtering, antimalware, geo-IP based firewalling, IPsec VPN connectivity and Cisco Advanced Malware Protection, while providing the performance required for modern, bandwidth-intensive networks. Layer 7 fingerprinting technology lets administrators identify unwanted content and applications and prevent recreational apps like BitTorrent from wasting precious bandwidth.
The integrated Cisco SNORT® engine delivers superior intrusion prevention coverage, a key requirement for PCI 3.2 compliance. The MX also uses the Webroot BrightCloud® URL categorization database for CIPA / IWF compliant content-filtering, Cisco Advanced Malware Protection (AMP) engine for anti-malware, AMP Threat Grid Cloud, and MaxMind for geo-IP based security rules.
Best of all, these industry-leading Layer 7 security engines and signatures are always kept up-to-date via the cloud, simplifying network security management and providing peace of mind to IT administrators.
- Application-aware traffic control: bandwidth policies for Layer 7 application types (e.g., block YouTube, prioritize Skype, throttle BitTorrent)
- Content filtering: CIPA-compliant content filter, safe-seach enforcement (Google/Bing), and YouTube for Schools
- Intrusion prevention: PCI-compliant IPS sensor using industry-leading SNORT® signature database from Cisco
- Advanced Malware Protection: file reputation-based protection engine powered by Cisco AMP
- Identity-based security policies and application management Auto VPN: automatic VPN route generation using IKE/IPsec setup. Runs on physical MX appliances and as a virtual instance within the Amazon AWS or Microsoft Azure cloud services
- SD-WAN with active / active VPN, policy-based-routing, dynamic VPN path selection and support for application-layer performance profiles to ensure prioritization of the applications types that matter
- Interoperates with all IPsec VPN devices and services
- Automated MPLS to VPN failover within seconds of a connection failure
- Client VPN: L2TP IPsec support for native Windows, Mac OS X, iPad and Android clients with no per-user licensing fees Unified firewall, switching, wireless LAN, and mobile device management through an intuitive web-based dashboard
- Template based settings scale easily from small deployments to tens of thousands of devices
- Role-based administration, configurable email alerts for a variety of important events, and easily auditable change logs
- Summary reports with user, device, and application usage details archived in the cloud
- Built-in DHCP, NAT, QoS, and VLAN management services
- Web caching: accelerates frequently accessed content
- Load balancing: combines multiple WAN links into a single highspeed interface, with policies for QoS, traffic shaping, and failover
- Smart connection monitoring: automatic detection of layer 2 and layer 3 outages and fast failover, including option of integrated LTE Advanced or 3G/4G modems