hawaii tech day- meraki
TRANSCRIPT
© 2014 Cisco and/or its affiliates. All rights reserved. 2
Ever-changing Requirements Baseline
Reduce Costs Scalability Manageability
© 2014 Cisco and/or its affiliates. All rights reserved.
Sara La Torre- Systems Engineer
[email protected] February 2017
© 2014 Cisco and/or its affiliates. All rights reserved. 4
Video and rich media
New business applications
Billions of smart devices
Layer 7
Application QoS
Turnkey Security
and Guest Access
Integrated
Device
Management
Solving today’s IT challenges
© 2014 Cisco and/or its affiliates. All rights reserved. 5
2002-2006: Founding Team
MIT Ph.D. project (“Roofnet”)
Cover 10 km2 of Cambridge, MA
2006: Founded in April
Funded by Google & Sequoia Capital
1 product in market, 12 countries
2007: 2 products in market
4,600 networks, 36 countries
Popular Science: Best of Computing
2008: 10,000 networks, 100+ countries
4 products in market
World Economic Forum: Tech Pioneer
2009: Over 13,500 networks, 142+ countries
7 products in market
11 consecutive quarters of growth
(2002)
(2006)
(2009)
Meraki Founders
© 2014 Cisco and/or its affiliates. All rights reserved. 6
Ground-breaking applied research
- Centralized management through a simple, scalable dashboard.
- Automated firmware updates
- Software-based development @ the speed of business.
- Live feedback from every customer in the cloud.
As of December 2012, backed by the power of Cisco
© 2014 Cisco and/or its affiliates. All rights reserved. 7
100,000+ Active Orgs
700,000+ Networks
Over 142 Countries
… 300M+ Page Views per day
… 2B+ Clients Detected
… 20B+ Application Sessions
Victory
© 2014 Cisco and/or its affiliates. All rights reserved. 9
Secure
- No user traffic passes through cloud
- Fully HIPAA / PCI compliant (level 1 certified)
Reliable
- Highly available cloud with multiple datacenters
- Network functions even if connection to cloud is interrupted
Scalable
- Manage thousands of devices with no bottlenecks
- Remotely provision sites in minutes
Future-proof
- New features delivered seamlessly from the cloud
- Automatic firmware and security updates (user-scheduled)
meraki.cisco.com/trust
© 2014 Cisco and/or its affiliates. All rights reserved. 10
Data Center
Traditional campus architecture
Core
Distribution
Access
Core
Distribution
Access Access
NGFW
RADIUS
AD
DHCP
LDAP
NTP
CA
NAC
WLC
WIPS
MDM
Analytics
RTLS
VPN Guest
VM Hardware
Data Center
Network Management Overlay
DNS
Traditional campus architecture
© 2014 Cisco and/or its affiliates. All rights reserved. 11
Data Center
Simplifying the campus with Meraki
RADIUS
AD
LDAP
CA
VM HW
Data
Center
DNS
- Network monitoring
- Zero-touch deploy
- Site-to-site VPN
- Network topology
- Location analytics
- L7 traffic analytics
- RF spectrum mgmt
- Air Marshal WIPS
- Guest portals
- MDM / EMM
- SM Sentry
Meraki
Dashboard
The Meraki Campus Today
Core
Distribution
Access
Core
Distribution
Access Access
NGFW
© 2014 Cisco and/or its affiliates. All rights reserved. 12
Network-as-a-platform Network-as-a-service
Cisco Traditional
Highly customizable and
advanced feature set
Advanced professional services
Extensive integration capabilities
Flexible deployment and
configuration options
Cisco Meraki
Ongoing firmware upgrades and
feature enhancements
Lean IT and geographically
dispersed deployments
Simple to deploy with
centralized management
Out-of-the-box optimized feature
set for plug and play
© 2014 Cisco and/or its affiliates. All rights reserved. 15
Simplifying across IT with cloud management
© 2014 Cisco and/or its affiliates. All rights reserved. 19
Application Control
Web Caching, Traffic
Shaping, Content Filtering
Security - UTM
NG Firewall, Client VPN,
Site to Site VPN, IDS/IPS, Anti-
Malware, Geo-Firewall
Networking
NAT/DHCP, 3G/4G Cellular,
Intelligent WAN (IWAN)
© 2014 Cisco and/or its affiliates. All rights reserved. 20
Intuitive centralized management • No training, no command line
• Templates to configure at scale
• Packet capture, built-in tools and diagnostics
Industry-leading visibility • Fingerprints users, applications, and devices
• Network-wide monitoring and alerts
• Full stack: APs, switches, security, MDM
Designed for distributed enterprises, but
not just! • Single pane of glass visibility
• Zero-touch provisioning
• Seamless updates from the cloud
• Site-to-site IPSec VPN in 3 clicks
© 2014 Cisco and/or its affiliates. All rights reserved. 21
Stateful Firewall L3, L7 (NGFW)
IPS/IDS Snort
Content Filtering 4+ billions URLs
(Webroot BrightCloud)
Geo-based security Geo-filtering (Max Mind)
Malware Protection Kaspersky AV Cisco AMP
AMP Threat Grid
Client authentication AD, Radius, 802.1x
SOC Single pane of glass security center
Firmware freshness Continuous security updates
PCI compliance PCI 3.1 certified cloud-based
management
© 2014 Cisco and/or its affiliates. All rights reserved. 22
• Cisco’s Advanced Malware Protection
• Continuous analysis of files that enter the network
• Keeps a growing database of malicious file signatures
170M known malicious files 356M known clean files
1.1M incoming new malware samples per day
1.6M devices using AMP globally
1.4B lookups requests per day
• Alerts even if a malicious file is discovered in retrospect
• Included with MX Advanced Security license
• Dynamic file submission available through AMP Threat Grid UPGRADE
© 2014 Cisco and/or its affiliates. All rights reserved. 23
Enterprise License Advanced Security License
Stateful firewall
Site to site VPN
Branch routing
Internet load-balancing (over dual WAN)
Application control
Web caching
Intelligent WAN (IWAN)
Client VPN
`
All enterprise features, plus
Content filtering (with Google SafeSearch)
Kaspersky Anti-Virus and Anti-Phishing
SourceFire IPS / IDS
Geo-based firewall rules
Advanced Malware Protection (AMP)
© 2014 Cisco and/or its affiliates. All rights reserved. 24
All devices support 3G/4G
Where Adv Sec Throughput Key Features
MX64/64W
Small branches
(~50 users) 200 Mbps 802.11ac (MX64W),
802.1x
MX65/65W
Small branches
(~50 users) 200 Mbps 2 PoE+ ports, 8 LAN
ports, 2 WAN ports
Z1
Teleworker
(<5 users) 50 Mbps Dual radio WiFi,
no advanced security
© 2014 Cisco and/or its affiliates. All rights reserved. 25
MX84
MX100
MX400
MX600
Large branch/campus
(~10,000 users)
Large branch/campus
(~2,000 users)
Mid-size branches
(~200 users)
Mid-size branches
(~500 users)
300 Mbps 2x SFP ports
1 TB Storage for Web Caching
650 Mbps 2x SFP ports
1 TB Storage for Web Caching
1 Gbps
1 Gbps
SFP (1 Gpbs), and SFP+ (10 Gbps)
interfaces
1 TB Storage for Web Caching
All devices support 3G/4G
SFP (1 Gpbs), and SFP+ (10 Gbps)
interfaces
4 TB Storage for Web Caching
Where Adv Sec Throughput Key Features
Higher throughput MX600 / MX400 available in beta!
© 2014 Cisco and/or its affiliates. All rights reserved. 28
Gigabit access switches in 8, 24, and 48 port configurations, PoE available on all ports
1 Gigabit SFP aggregation switches in 24 and 48 port configurations
10 Gigabit SFP+ aggregation switches in 24 and 48 port configurations
Enterprise-class performance and reliability including non-blocking performance, voice/video QoS, and a lifetime warranty
Voice and video QoS
Layer 7 app visibility
Virtual stacking
PoE / PoE + on all ports
Remote packet capture,
cable testing
Feature
highlights
© 2014 Cisco and/or its affiliates. All rights reserved. 29
21 models
Enterprise-class performance and reliability
Including non-blocking backplane performance,
PoE+ support on all ports, 10GbE uplinks, and
voice and video QoS
Scaling from access to campus aggregation
© 2014 Cisco and/or its affiliates. All rights reserved. 30
Access Aggregation
MS220 MS320 MS350 MS410 MS420 MS425
Features
• 8, 24, 48 port models
• Layer 2
• Gigabit SFP uplinks
• 24, 48 port models
• Layer 3
• 10Gb SFP+ uplinks
• Hot-swappable,
redundant power
supplies
• 24, 48 port models
• Physical stacking
(160Gbps)
• High performance
Layer 3
• 1Gb & Multigigabit
• 10Gb SFP+ uplinks
• Hot-swappable fans
and power supplies
• Management port
• 16, 32 port models
• Physical stacking
(160Gbps)
• High performance
Layer 3
• 1Gb SFP interfaces
• 10Gb SFP+ uplinks
• Hot-swappable fans
and power supplies
• Management port
• 24, 48 port models
• Front-port stacking
• High performance
Layer 3
• 10Gb SFP+
• Hot-swappable,
redundant fans and
power supplies
• Management port
• 16, 32 port models
• Front-port stacking
• High performance
Layer 3
• 10G SFP+
• 40Gb QSFP+ uplinks
• Hot-swappable fans
and power supplies
• Management port
Positioning
• Branch access
switching (L2)
• Branch and Campus
access switching (L3)
• Stackable Branch and
Campus access
switching (L3)
• Stackable Branch and
Campus aggregation
switching (L3)
• Stackable Campus
aggregation switching
(L3)
• Stackable Campus
aggregation switching
(L3)
Meraki MS switching product families
© 2014 Cisco and/or its affiliates. All rights reserved. 34
MR84 MS350-24X
MU-MIMO vs. SU-MIMO: serve more devices simultaneously
Wider channels: transmit data faster, free up air time for more clients
Multigigabit: more bandwidth over existing cables
Why 802.11ac and multigigabit?
© 2014 Cisco and/or its affiliates. All rights reserved. 35
MU-MIMO 101 in under two minutes
Multi-User (MU-) MIMO communicates with devices concurrently.
Increased network efficiency for personal mobile devices
Single-User (SU-) MIMO communicates with devices consecutively.
© 2014 Cisco and/or its affiliates. All rights reserved. 36
Built-in location
analytics
WiFi with Facebook
Automatic Reports
Optimize marketing and
business operations
Analyze capture rate, dwell time, and new / repeat visitors to measure advertising,
promotions, site utilization, etc.
Built-in analytics Integrated into WLAN, no extra sensors, appliances, or software
Extensible API Integrate location data with CRM, loyalty programs, and custom applications for
targeted real-time offers
© 2014 Cisco and/or its affiliates. All rights reserved. 37
Apple Fast Lane – MR & SM
Intelligent, and
efficient roaming is
automatically configured
Makes critical apps
more reliable
iOS and Cisco devices
recognize each other and
enable special capabilities
© 2014 Cisco and/or its affiliates. All rights reserved. 41
Enterprise mobility challenges
Ensuring device compliance with network requirements
Tailoring access based on client needs and device type
Inventory and software license management
Tracking devices and licenses in real-time
Distributing and restricting access to applications and content
Providing and limiting access to applications and content
✓
© 2014 Cisco and/or its affiliates. All rights reserved. 42
Meraki Systems Manager
A multi platform EMM solution powered by the cloud and designed for next generation networks
Mobile Device Management + Mobile App Management = Enterprise Mobility Management
© 2014 Cisco and/or its affiliates. All rights reserved. 43
Systems Manager: Simple, Powerful, and Secure
Simple - Managed through the Meraki
Dashboard, industry renowned for its ease
of use with no onsite infrastructure required
Powerful - Scale to hundreds of thousands
of devices with a detailed and rapidly
updated feature set, only possible with the
Meraki cloud
Secure - Native network integration for full
visibility and control into your network, with
dynamic security controls
© 2014 Cisco and/or its affiliates. All rights reserved. 44
Deploy and manage BYOD and company-owned devices
• Rapidly deploy 100,000s of devices out-of-the-box
• Assign users automatically with Active Directory or LDAP integration
• Automatically push out applications, security policies, WiFi and auto-VPN settings
• Apply network policies using identity and compliance
• Secure data and track devices using Geofencing
• Apple Device Enrollment Program
• Apple Volume Purchasing Program
© 2014 Cisco and/or its affiliates. All rights reserved. 45
Secure your data
Ensure compliance with dynamic security
policies including anti-virus checks
Automatically trigger device entry,
quarantines, locks, or wipes
Manage file access permissions
Continuously monitor security posture to
prevent malicious attempts to compromise
devices
© 2014 Cisco and/or its affiliates. All rights reserved. 46
Bringing it all together
Combining a number of dynamic policies gives granular control of security requirements
allowing Systems Manager to provide custom functionality.
Meraki network integration automatically implements complex rules such as firewalling
based on Systems Manager MDM data.
The user can only access sensitive data over a client VPN when they meet all
requirements.
Owner assignment for corporate
profile inheritance
AD Integration
Jail break check and compliance enforcement
Security Policies
Site Specific Geofencing Scheduled
hours & days Time Based
Application access
restriction
Network policy
© 2014 Cisco and/or its affiliates. All rights reserved. 49
• Streamlined deployment
• Simplified management
• Delightful end–user experience
• Single pane–of–glass management with Meraki network
• First in a series
© 2014 Cisco and/or its affiliates. All rights reserved. 50
Internet
Managed and Configured Through Dashboard
Meraki MC launched May 17th in the US only with planned expansion to other regions and SIP providers
© 2014 Cisco and/or its affiliates. All rights reserved. 51
Support for third party USB headsets from Plantronics and Jabra
Built in switch so the entire desktop workstation only consumes one network port resulting in capacity cost savings
Two USB Ports
One 3.5mm Headset Jack
Gigabit switch for PC and LAN
Voice VLAN capable
High Resolution Touch Screen
Hardware Feature Highlights
Check the MC Datasheet for the latest features
© 2014 Cisco and/or its affiliates. All rights reserved. 52
Basic call features (hold, transfer, multiple
simultaneous incoming calls, caller ID)
Secure end to end calls via Secure SIP
(TLS) for signaling and SRTP for media
streams
Phones assigned extensions (4-6 digits)
and DIDs (10 digits)
Visual Voicemail
Conferencing
Workgroups
Music On Hold
Automated attendant/IVR Menus
© 2014 Cisco and/or its affiliates. All rights reserved. 53
Existing Meraki Customers
Dashboard for unified management of networking,
mobile devices, and communications
Combined visibility and analytics with Dashboard
Existing Cisco Collaboration Customer
Needs message and meet or video calling
capabilities
Highly customizable features for on-premises or
cloud managed solutions
Add on WebEx for enhanced collaboration and meeting capabilities
Cisco Spark Cisco Meraki
Our collaboration mission has not changed:
Deliver a no compromise experience to every room, every desk and every pocket
© 2014 Cisco and/or its affiliates. All rights reserved. 54
1. Assign phone numbers to users in dashboard
2. Deliver phones to users
3. Users plug in phone
4. Phones automatically register with cloud, pull configuration
5. Enable options, such as workgroups or queues, as needed
© 2014 Cisco and/or its affiliates. All rights reserved. 57
Meraki MV security cameras
The only video surveillance solution from a cloud leader
Simplified design for streamlined deployment
Fully managed through the Meraki dashboard
128GB of flash storage on each camera (about 20 days of footage)
Meraki MV
Introducing a brand new Meraki product family
© 2014 Cisco and/or its affiliates. All rights reserved. 58
Current video surveillance solutions
Meraki MV
Additional on-premise
hardware External recording
devices
Standalone software
packages
WITH MV, SAY GOODBYE TO
© 2014 Cisco and/or its affiliates. All rights reserved. 60
Linear scaling
Meraki MV
1:1 licensing for hardware
No additional on-prem hardware needed
Low barrier to entry
© 2014 Cisco and/or its affiliates. All rights reserved. 61
Powerful, intuitive features
Meraki MV
Motion search
Automatically isolate key motion
events and find out who stole
that laptop
Easily export important video
segments
Video wall
Resize, reorder, and monitor
video streams on the fly
Drag-and-drop functionality
Granular access controls
Choose who can view,
export, and change the
layout of your videos
© 2014 Cisco and/or its affiliates. All rights reserved. 62
MV is great for…
All existing Meraki customers Those with small or lean IT teams Where the IT team already manages or is being asked to manage cameras Distributed locations
Meraki MV
Education Manufacturing Construction Services Retail
© 2014 Cisco and/or its affiliates. All rights reserved. 63
All-inclusive, simple licensing model
Meraki MV
Two models – one license
3 year warranty on both models
Software updates for new features and bug fixes
24/7 end user support
Next business day warranty replacement of hardware
© 2014 Cisco and/or its affiliates. All rights reserved. 65
Pervasive connectivity
Ease of management
Visibility Reporting
Up-time
Reliability Redundancy
Flexibility
Density Scalability
© 2014 Cisco and/or its affiliates. All rights reserved. 66
Next steps
Risk-free evaluation meraki.cisco.com/eval
Check out our website & blog meraki.cisco.com/blog
Come see dashboard!