IT Central Station is now PeerSpot: Here's why

Meraki MX OverviewUNIXBusinessApplication

Meraki MX is #2 ranked solution in top Unified Threat Management (UTM) tools. PeerSpot users give Meraki MX an average rating of 8 out of 10. Meraki MX is most commonly compared to Fortinet FortiGate: Meraki MX vs Fortinet FortiGate. Meraki MX is popular among the large enterprise segment, accounting for 47% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 26% of all views.
Meraki MX Buyer's Guide

Download the Meraki MX Buyer's Guide including reviews and more. Updated: June 2022

What is Meraki MX?

Cisco Meraki MX appliances are next-generation firewalls with all the advanced security services needed for today’s IT security. The appliances are ideal for organizations considering a unified threat management (UTM) solution for branch offices, data centers, distributed sites, or campuses. Since Meraki MX is 100% cloud-managed, installation and remote management are simple and zero-touch.

Meraki MX’s hardware and virtual appliances are configurable in Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform, and private cloud support is offered through Cisco NFVIS and Alibaba Cloud.

Organizations of all sizes and across all industries rely on Meraki MX to deliver secure connectivity to hub locations or multi-cloud environments, as well as application quality of experience (QoE) through advanced analytics with machine learning.

Cisco Meraki’s advanced QoE analytics offers:

  • End-to-end health of web applications at a glance across the LAN, WAN, and application server.
  • Autonomous machine-learned smart application thresholds applied to identify true anomalies that are based on past behavioral patterns.
  • Ability to monitor the health of all MX WAN links across an entire organization.
  • Ability to detail hop-by-hop VoIP performance analysis across all uplinks.

Cisco Meraki’s SD-WAN offers:

The Meraki MX’s SD-WAN is unique in that it can be easily extended to deliver optimized access to resources in public and private cloud environments with virtual MX appliances. Its SD-WAN lowers operational costs and improves the performance of remotely-accessed resources. Users can ensure the availability of the apps and services their employees use most through dynamic path selection, policy-based routing, support for application-layer profiles, and VPN.

Meraki MX offers industry-leading cloud management that has template-based settings which can scale easily from small deployments to tens of thousands of devices. It features an intuitive web-based dashboard for managing mobile devices, united firewalls, switching, and wireless LAN. Users can also benefit from role-based administration, configurable email alerts for a variety of important events, and easily auditable change logs. Meraki MX is capable of producing summary reports with device, user, and application details archived in the cloud.

Meraki MX Key Features

MX has a robust suite of network services in an all-in-one device, which saves you money by eliminating the need for multiple appliances. These services include:

  • SD-WAN capabilities
  • SNORT®-based intrusion detection and prevention
  • Layer 7 fingerprinting
  • Web caching
  • Application-based firewalling
  • Anti-malware
  • Geo-based firewalling
  • Content filtering
  • Site-to-site auto VPN and client VPN
  • Web search filtering
  • Cisco Advanced Malware Protection (AMP)
  • 4G cellular failover
  • Dynamic path selection
  • Web application health and VoIP health

Reviews from Real Users

Meraki MX stands out among its competitors for a number of reasons. Two major ones are its easy management and its ability to be accessed remotely. Below is some feedback from PeerSpot users who are currently using Meraki MX as their firewall security solution.

Craig B., a central services engineer at Liberty Technology, writes, “The web console for managing everything keeps everything on Meraki and keeps us from going somewhere else. It is why I think a lot of people like Meraki. Comparing it to SonicWall or even a different Cisco firewall, like traditional ASAs, managing Meraki is a thousand times easier because of fluidity. You don't have to rebuild a table just to change one rule. It's much more readable for a human.”

Edgardo C., an IT director, notes,”By using the VPN, we can connect remotely. We have two offices, and we could connect them through the VPN. We could establish a network between two sites, and that has improved and increased communication and productivity. Our remote site is able to access the server remotely.”

Meraki MX was previously known as MX64, MX64W, MX84, MX100, MX400, MX600.

Meraki MX Customers

Hyatt, ONS

Meraki MX Video

Meraki MX Pricing Advice

What users are saying about Meraki MX pricing:
  • "Like any Cisco product, the license is really expensive for small business clients. It needs to be cheaper. If you look it up, you might go, "That doesn't make any sense.""
  • "We just have to pay for the product and the license. We have a license for three years, and it is renewed every three years. It costs $1,200 for three years for one endpoint. Meraki had a good promotion for remote workers or remote workforce. The discount is very good. This promotion continues till the next fiscal year of Cisco."
  • "​Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution."
  • "The license cost depends on the box. We acquired a different product line. We are dealing with MX appliance now, that is, MX6, MX54, MX100, MX250, MX450. Every box has got an identity, and it has got its own specification. Every box has got a different license fee. We deployed Meraki MX in UAE when it was not a mature product. We took a risk, but we were successful. We saved a huge amount of money after implementing and removing all the MPLS and leased lines. We got a broadband connection because Meraki MX could work on a broadband connection. We have drastically saved a very good amount of money, which was one of the successful things apart from the successful solution."
  • "I think the price is comparable with other solutions of the same kind. Depending on the use case it could be cheaper or more expensive, I think it offers good value."
  • "The price could be lower, but compared to the TCO of other products, it's not really that expensive."
  • Meraki MX Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Craig Butler - PeerSpot reviewer
    Central Services Engineer at Liberty Technology
    MSP
    Makes it easy to stay on top of everything for security
    Pros and Cons
    • "Meraki makes it easy to be secure and know where the holes are to fix them. We have been fixing anything that we have ever found for 20 years. We keep up-to-date with firmware upgrades. We just try to stay on top of everything for security, like maintaining updates and getting rid of old systems. I feel like we're on top of it."
    • "When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more."

    What is our primary use case?

    Meraki MX is great for WAN networking, e.g., when you have multiple ISPs at the one site or you have a large network that expands across a large physical area, like across a state or county. You use it to have a seamless VPN that you are not managing on devices or if you have a client VPN that needs to be easily integrated into the firewalls.  Our use case is anywhere from a 10-person company to a full-level enterprise, like a 1000-person company. You can use Meraki MX at any sort of level. They have different models, including for home use for remote workers. We only sell Meraki. As we get new clients, we switch them over to Meraki. A requirement that we have: If you are a recurring client, then you need to have Meraki MX because it is where we get our ISP data from. We are going to grow. We actively manage 40 organizations on a day-to-day basis as well as another 40 organizations/companies where we work with one-offs. Overall, close to 70 clients will have Meraki devices.  We are a managed services provider (MSP). I have it at my house. Then, at our headquarters, we have an MX100. Meraki doesn't have any on-prem stuff for software. We have a local portal for their network stuff, but they are exclusively managed online through a cloud portal. We are using Hosted ESA.

    How has it helped my organization?

    Meraki makes it easy to be secure and know where the holes are to fix them. We have been fixing anything that we have ever found for 20 years. We keep up-to-date with firmware upgrades. We just try to stay on top of everything for security, like maintaining updates and getting rid of old systems. I feel like we're on top of it. We are a mature organization in that regard; we are like a spry, almost middle-aged man. They are integrating with SecureX and have some built-in security alerts that work with Cisco AMP for antivirus. They give us visibility where they need to and don't overstep. I like it when Meraki MX focuses on routing and what a firewall traditionally is, like antivirus and anti-malware. I don't know how much more Meraki MX needs to be doing with that. I understand they are a firewall, but firewalls are for routing, not for base layer. I check something in Talos normally seven times a day. When I am working a normal day, I get new IPs or domains to review. Talos also feeds directly into Perch, AMP, and so many things. We rely heavily on Talos. I know they feed into Meraki MX as well. So, Talos is wonderful, and we could not do our job without them. Meraki has always made our security posture better. It has always given us more visibility in general. It has also made the ease of access to secure our network easier. For example, if you compare learning the Meraki certificate to the Cisco CCNA certificate, the Meraki certificate is about a third of the difficulty of the CCNA cert. So, the barrier to entry to manage Merakis is lower in IT than the barrier to entry to manage Cisco ASAs. The learning curve matches that.

    What is most valuable?

    The site-to-site VPN is really good. It keeps us going when we expand clients. We can just say, "Wherever you are, we can put you behind the same firewall or pipe your traffic somewhere. It is very easy to set up."  The web console for managing everything keeps everything on Meraki and keeps us from going somewhere else. It is why I think a lot of people like Meraki. Comparing it to SonicWall or even a different Cisco firewall, like traditional ASAs, managing Meraki is a thousand times easier because of fluidity. You don't have to rebuild a table just to change one rule. It's much more readable for a human. All of that ASA stuff and command line are great when you know how to use command line and worked on it for five years. However, if we are trying to train new people who are more used to a GUI on Windows, then Meraki will be a lot easier for everyone to learn, and even for salespeople to get data from it. It's better for the human environment and the human part of all of this. Webex and Meraki kind of work together. That is the whole layering thing. WebEx is for your team collaboration. We use analytical data from WebEx Control Hub and Meraki to figure out issues with calls. We have to route it the right way, then figure out if the ISPs are giving us packet loss. Almost anything goes out to the Internet 100 percent works with Meraki because you have to troubleshoot the ISP, and Meraki is how you do that. Meraki MX integrates stuff fairly well. We get the data we want out of it.

    What needs improvement?

    There is not a lot of configurability for the notifications and alerts in Meraki. There are a lot of alerts to choose from, but no matter how you set them up, they are spam. When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more. There needs to be some improvement on the client VPN. They have been promising AnyConnect for years. Right now, they have only a handful of their device list able to support AnyConnect for the client VPN. So, the client VPN and API are where they need to refine stuff. Non-Meraki VPN clients are a problem where you have to share a whole subnet and more than one IP, which is not ideal. For three years, we have heard that they have been working on AnyConnect. Only within the last year have seen possible betas on limited sets of devices for AnyConnect. It has become hard to believe, "We will see this in six months." They are working on it, but we need this already, which is a problem. We use several automation tools, but almost nothing does automation with Meraki the way that we want. We are currently working with Solarwinds MSP/NCentral and possibly Symmetric to get more of an API management tool. As an MSP, I set up SAML certificates that are all the same across our 80 organizations in Meraki. That lets us manage them all from one console, which is great, but we still need to go make changes individually. So, we are trying to get to where we have an automated tool that can make changes for multiple organizations or firewall settings at the same time. We use Meraki MX for harmonizing policies and enforcement across heterogeneous networks, but it is tedious. If you have four sites and all of them are behind their own firewall, then none of them are piping the Internet back to the same central site. They all are branch networks, but have their own access to the Internet. Anytime you change one branch's MX, then you have to do the same change on every MX manually. There is no replicated change between MXs.
    Buyer's Guide
    Meraki MX
    June 2022
    Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
    610,518 professionals have used our research since 2012.

    For how long have I used the solution?

    I have been using the solution Meraki firewall since day one of working with Liberty Technology, which has been almost three years. Liberty Technology has been using Meraki for closer to 20 years.

    What do I think about the stability of the solution?

    Client VPN is the only unstable thing that we have found. When we need to do re-audit firmware updates for a bunch of clients, that takes 10 people. Day-to-day, zero to one person maintains it.

    What do I think about the scalability of the solution?

    It is very scalable. For active security, we have about 15 to 30 security tools, like XDRs and firewalls. There are a lot of things that we need secured. We have physical doors, email, networking equipment, phones, and Windows devices, like physical machines. If you just go down the list of hosts, those take different types of security, like hosts for VMs. So, if you layer that, then you have layers of security where these are your base layer. Then, on top of that, you start layering on authentication protocols, like your domain controllers, authentication, LDAP, or wherever you want to have your directory live. We have a few places where our directory can live and switch between. There are different security setups depending on what we want to fallback to or actively use.  Everyone accessing Meraki is either IT personnel or serving an IT personnel goal. There are also some salespeople who go over inventory, billing, and procurement on the sales side. Anyone in security and working on the network in general can access Meraki. Anywhere in-between the IT director and the IT to our line can access Meraki to do something in it. There are different thresholds in which those people do different things. Tier 1 will just go look and make sure something is connected. Tier 3 will go make sure that things are set up correctly and change things if needed. Engineering will look at an issue if it gets escalated beyond that. That is your normal, typical IT stuff.

    How are customer service and support?

    Most of the time, the technical support works out. One in seven times, I will get a tech working the case where I close the ticket, then reopen it. Every once in a while, you are just going to run into someone who doesn't know what is going on or they don't have enough sense to escalate it. Both of those situations are concerning when we run into them. It doesn't happen too much with Meraki. Sometimes, it is a language issue or you get someone who is in the wrong mindset to fix your issue. If you have an extremely urgent issue, you don't want them to be like, "Hey, I don't know. I don't feel confident." Or, the person already said something, then is double guessing themselves. However, this is not the norm.  We were looking at CDO for a while. I don't really know what happened there, but the talks stopped all of a sudden, which isn't uncommon for us with Cisco. We will be looking at a product, then they won't get back to us or I won't hear about it again.

    Which solution did I use previously and why did I switch?

    A medical provider had a terrible network going in. We swapped out all their old solutions: Fortinet switches and SonicWall Firewall routers. Sonic Firewall routers' user interface feels as if, with anything you do, that you could be lost at the next second. You don't feel like it is stable. It is very clunky and slow. So, we switched that out, and instantly saw, "We have loops here and bad traffic going this way." We started getting analytics on how we needed to route the network better and where we needed to put actual physical drops. They had a cable between two switches that should have been an aggregate cable or aggregate port, and it wasn't. It was just an Ethernet cable that was piping about a half or third of their organization's network, which was terrible. A big deal with Meraki MX is phone systems. If you have to maintain a phone system with Cisco ASA, it is a lot harder than maintaining it with a Meraki switch due to the malleability of the Meraki switch, firewall, and router. Because you got to communicate with the phone gateway, and that all comes back on the Meraki firewall. Usually, the military uses Palo Alto. I might have used Palo Alto at a different job, not this one. My experience with Palo Alto will be similar to any Cisco ASA device. The GUI is not there. You have to do everything with command line as well as rebuild Access tables. That is the only way to modify those things, which is not fun. It is not something that anyone wants to learn or go do. It always has that extra level of effort. Meraki MX removed that.  Maintaining firewalls will never be joyful, but Meraki has made the quality of life for someone who has to maintain a firewall much better.

    How was the initial setup?

    The initial setup is straightforward. When we are rolling stuff out, it is always fine. When we have redundancy or multiple networks to configure, that takes time and is tedious. However, the setup itself is not complex. There is plenty of documentation on it. There are two schools of thought on implementation strategy:  We clone out from a very similar organization, then try to mirror it and switch the hardware, e.g., the actual inventory in the organization.  We build a new org from the ground up, if it's a small organization, then we just throw Meraki in, and we are good. I find it is easy. There is a standard practice that we are developing. It is so easy that once you have done it once, then you can train someone the first time that they do it. It wouldn't be something you would need documentation to reference, because of how simple it is. It takes one to three hours to set up. If it is a larger organization, then we will take three hours and refine things. If it is one site, then it is about an hour, just to make sure we are not screwing anything up.

    What about the implementation team?

    For Meraki MX, it takes just one person to set it up. If we are training someone, then it takes two people.

    What was our ROI?

    The ROI comes from when we switch out phone systems. If you had an AT&T phone system, but switched out to your own Meraki gear and phones, then you would see a giant bill reduction getting off that AT&T contract. This includes your ISP and phones because you don't know what is hidden in that contract.  Anytime you are working on a very large, physically-wide network, like statewide or countywide, you want it for bandwidth data, unless you have unlimited bandwidth. 

    What's my experience with pricing, setup cost, and licensing?

    Like any Cisco product, the license is really expensive for small business clients. It needs to be cheaper. If you look it up, you might go, "That doesn't make any sense."  If you want good security, this solution is what you need. It is worth it, even though it is expensive. I do think they should really look at making cheaper options, and not making people who already have the hardware find new hardware to get a cheaper option.

    Which other solutions did I evaluate?

    We are always evaluating new products, and this includes MFA. There are multiple types of MFA that we employ for different services. It's not like everything uses every product. It is that there are layers, like your email is probably behind five to six layers of security or different products that you don't even know about. I have very little experience with Fortinet. Fortinet has almost like a home network GUI, where you don't have a consolidating console for your whole organization. Fortinet does not have a solid cloud console. Meraki's cloud console and interface are just so sleek, and they work. I know where to get the data out of the solution now. It saves everyone time and makes them feel better when looking at something. Meraki has already won the race, but I feel like they have kind of stagnated. They just need to keep going, making every bit of data that they have accessible within one API call or having very clear directions of what to do to get that data. That is not there anymore. It used to be. They were going in that direction, then they stopped. Meraki is good and has a better GUI than anyone else, but they need to get more data visibility in there. 

    What other advice do I have?

    Duo Security integration is fantastic and really shines, but that is really on the Duo Security team for putting it altogether. Cisco AMP integration is lackluster where it is doing it, but we don't see a lot of what it's doing. When you use Meraki with an XDR, then you get a lot of good data that way. When you have options to get Meraki for port mirroring with a good XDR, then you will get a lot of data. So, its integration is very good. However, your base insights from Meraki will not come from Meraki itself. You have to integrate Meraki MX with an XDR or Stealthwatch NetFlow analysis. Meraki MX struggles to give you the alerts for data it already has. Meraki is very future-proof. They are ahead of the curve, but they have slowed down. So, they might average out to where some people will catch up. However, they are so far ahead on where I believe people are going that it is hard to see sometimes. The ease of use and learning curve are a big deal because you will always have turnover in IT that you have to deal with. The best thing you can do is make something easier for newer people to get into, maybe not some of the more complex things that you can do with Meraki. The big lesson learnt: I don't have to spend days training someone up in Meraki. They can do it pretty quickly in a day themselves. I would rate this solution as a nine out of 10.
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
    Director with 51-200 employees
    Reseller
    Top 10
    Provides good visibility, easy to configure and manage, and good for small businesses
    Pros and Cons
    • "Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature."
    • "We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem."

    What is our primary use case?

    We use it for the protection of our network and for access to our network Wi-Fi. 

    We mainly use two products of Meraki. We use the MX Series router and Access Point MR. MX is a router, and its deployment is installed on-premises, but the management or administration is done on the cloud.

    How has it helped my organization?

    It protects our network and does content filtering. It monitors our network for threats, and it also monitors the performance of the network. We also use it for the VPN.

    The visibility that it provides is very good. It is the most valuable feature of Meraki. It allows us to easily monitor threats, internal users, and internal and external networks. We rely a lot on this facility.

    Its ability to provide visibility into threats is good. By using the dashboard, we can watch and be aware of any threats and also take action if needed. 

    By using the VPN, we can connect remotely. We have two offices, and we could connect them through the VPN. We could establish a network between two sites, and that has improved and increased communication and productivity. Our remote site is able to access the server remotely.

    Meraki has improved our security posture. Before Meraki, we didn't have any security. Now, we are protected by the firewall. It is our first perimeter protection. It has increased security, but we know that we need more security. The maturity of our organization's security implementation is low because we don't have many tools for security. Meraki is at the beginning of our security stack. We use the Meraki firewall, and that's all. We need more tools for security, but the problem is that tools are expensive. So, currently, we are protected by just the Meraki firewall and the antivirus for the endpoints.

    What is most valuable?

    The visibility through the cloud dashboard is most valuable. We can access the dashboard remotely anytime for configuration and monitoring. 

    Its ease of configuration and management is very useful for us and for other companies that don't have an onsite IT person. It is easy to configure and easy to manage. It is easy to configure the VPN with the Auto VPN feature.

    What needs improvement?

    We use a Cisco LAN switch. Its model is CBS250, and it is a Cisco Small Business switch. It can be easily integrated, but the problem is that the other Cisco products are not in the same dashboard or cloud. Each one has a different management interface. I would prefer if both could be in the same cloud. If we use a switch from Meraki, it will be more expensive. Meraki switches are more expensive than the Cisco Small Business switches. For that reason, we prefer to use Cisco switches. With Cisco switches, we don't have to pay for subscriptions, whereas with a LAN switch from Meraki, we will have to pay for subscriptions.

    We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem.

    Their Technical Assistance Center (TAC) is slow to answer. Their response time should be improved. When we request support, their response time is long and not good. They still don't have the solution to the VPN problem. They established the VPN link, but the problem continues. They don't fix the problem. They just repair it, and the problem persists.

    For how long have I used the solution?

    I have been using this solution for about five years.

    What do I think about the stability of the solution?

    It is currently not stable for us. Its stability is not good. Its configuration could be the reason for the instability. 

    What do I think about the scalability of the solution?

    Meraki has a lot of different products, and it is scalable with Meraki products, but its scalability with another brand is not good.

    We have two administrators who are currently using this solution.

    How are customer service and support?

    Their Technical Assistance Center (TAC) is slow to answer. We called them two times. Their time of response was one hour and fifty minutes for one call, and it was one hour and seven minutes for the other call. Our experience was not good.

    When we can get support, their attention is very good, but they haven't been able to find a resolution. The problem is still there.

    How was the initial setup?

    It was straightforward. It is easy to configure. Meraki dashboard is intuitive. Of course, you need to know about networking, but it is intuitive and very fast to do the initial configuration. It took two hours.

    In terms of the implementation strategy, we planned the network, the addresses, and the segmentation before starting the configuration. We planned the ports that should be opened and the ports that must be closed for security. We also planned the rules of the firewall.

    We just configured Meraki through the dashboard. In switches, we configured the segmentation and the addresses. In Meraki, we configured the rules of content filtering. We then blocked the required things. The VPN configuration is supposed to be easy, but the problem is that if the VPN goes down when we are using it, it is too complex to bring it up.

    Its implementation is very new, and it was done around one month or two months ago. At this time, no maintenance is necessary. If required, our administrators or a third party can take care of maintenance. Once configured, there is no need to change anything. Its usability is very good, and it is not common to make any changes or do any maintenance. It just works.

    What about the implementation team?

    We used a third party to help with its deployment. Our experience with them was medium. 

    What's my experience with pricing, setup cost, and licensing?

    We just have to pay for the product and the license. We have a license for three years, and it is renewed every three years. It costs $1,200 for three years for one endpoint. 

    Meraki had a good promotion for remote workers or remote workforce. The discount is very good. This promotion continues till the next fiscal year of Cisco.

    Which other solutions did I evaluate?

    We evaluated FortiGate. FortiGate is a very good firewall. It is better than Meraki, but it is more complex to configure and manage. In terms of security, FortiGate is better to integrate. We chose Meraki because of its ease of management.

    FortiGate has good visibility and control through its own local interface. If you need to access the cloud, you need to go for another subscription.

    FortiGate has good monitoring, visibility, and control, but Meraki is easier. Meraki has fewer security functions than FortiGate. You can monitor more in FortiGate.

    The problem with FortiGate is that you need to buy FortiManager to have more visibility, which is a separate license. You can gain visibility of threats inside of the local interface of FortiGate by using FortiManager. 

    What other advice do I have?

    It is a very good platform for small businesses. It is easy to configure and manage, and it has Talos. It is easy to integrate with other Meraki products. Its contact filtering is also good, and the VPN is very easy to configure with the Auto VPN feature.

    It provides good security, but it is not the best. It is for small businesses, and it doesn't have the same functionality as Firepower or other brands, such as Fortinet. It doesn't have the same security as Firepower or FortiGate. I would recommend complementing the security provided by Meraki MX with an endpoint security solution. If you need more security, you can add sandbox security.

    I would rate Meraki MX an eight out of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
    Flag as inappropriate
    Buyer's Guide
    Meraki MX
    June 2022
    Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
    610,518 professionals have used our research since 2012.
    PeerSpot user
    Supervisor of IT Infrastructure & Cybersecurity at a tech consulting company with 51-200 employees
    Reseller
    Top 5Leaderboard
    Great SD-WAN solution. Manage multiple Meraki devices (security, switches, APs, Cameras) with a single pane of glass.
    Pros and Cons
    • "Point-to-point VPNs can dynamically follow IP changes with no need for static IPs."
    • "Dual WAN connections are greatly simplified and point-to-point VPNs automatically connect regardless of what WAN connection is active."
    • "Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times.​"

    What is our primary use case?

    Security appliance/firewall and SD-WAN. With an advanced security license, the content filtering, IDS, and geographical blocking features are surprisingly good compared to using alternative solutions with no noticeable performance hit. 

    The geographical blocking is a great security feature but you have to use with planning. I’ve managed to block a few vendors websites and mail servers without realizing what country those vendors were located in. When you’re not use to having geographical blocking the first time I had the problem it took a while to troubleshoot why the connectivity was missing.  Sorta over secured myself. Not the MX’s fault.

    How has it helped my organization?

    • Easy of use
    • Remote management

    We are an MSP and Meraki provides MSPs with a combined management dashboard to centralize all clients under one single pane of glass. They offer a dynamic DNS, so Client VPNs and point-to-point VPNs can dynamically follow IP changes with no need for static IPs. The SD-WAN VPNs are also the easiest VPNs to setup in either a mesh or hub-and-spoke configuration that you will find. It works with non-Meraki VPN equipment too.

    What is most valuable?

    The dashboard brings all management features with you wherever you are. All you need is an Internet connection and a browser and you can manage the solution. The dashboard tracks your uplink connectivity to the dashboard and double checks with you all changes impacting the connectivity, making it much safer to enact changes remotely. Dual WAN connections are greatly simplified and site-to-site VPNs automatically connect regardless of what WAN connection is active. 

    Site-to-Site VPNs are the easier to setup than any other vendor’s solution. You simple pick two or more devices to tunnel together and then select what network subsets should be allowed to cross the tunnel and you are done. The solution handles all the details. Site-to-site VPNs can dynamically follow IP changes with no need for static IPs.

    For MSPs the dashboard is even more convenient as all your clients are on the same MSP account. Switching between managing different clients Meraki equipment is a few clicks once you login to the dashboard. Two-factor authentication is available for enhanced dashboard security. 

    Options for teleworkers include the Meraki Z3 product. This device is great for extending your workforce into homes. It has a POE port built-in and can power a VoIP phone for your office communications as well as the AutoVPN capability. We have deployed a lot of these since COVID-19 emerged.

    What needs improvement?

    Some advanced enterprise features are missing, so the Meraki MX is not for
    demanding enterprise networks as it lacks high level features
    (including SSL inspection and VPN client software)

    As for SSL inspection I think this is better performed on the Client PC where the inspection can be performed before or after the SSL encryption is done. Look at a solution like SentinalOne for this. This type of solution is going to be less prone to problems with SSL inspection.

    Additionally the client VPN uses native OS VPN connectivity in Windows, Mac OS X, and Linux. While this is nice from the perspective of no license fees to have a client VPN, there are sometimes issues when drivers or OS updates are released that impact client VPN connectivity. Draytek makes VPN client software that works with the MX but it is not officially supported by Meraki.

    I'm not a fan of any security appliance's VPN as they typically allow access to everything on the corporate network. Specific VPN solutions like NetMotion allow you to create granular access control to resources inside your firewall. I think having that level of control is a huge security plus.

    There are so many options available when you are looking to create your security stack. In my experience I've found that putting all your requirements on one solution will usually result in some level of disappointment.

    On the Meraki dashboard is a “Make a Wish” button to request new features. I have made multiple wishes and they were all were with in granted.

    For how long have I used the solution?

    Eight years.

    What do I think about the stability of the solution?

    Meraki hardware seems to be very stable. Their update process can be automated and I have not had any issues with stability. Also redundant Internet connectivity automatically fails over reliably. AutoVPN rebuilds the site to site VPN tunnels after a Internet connectivity failover without any admin action. 

    What do I think about the scalability of the solution?

    During the Intel CPU clock signal component issue in early 2017 Meraki’s MX84 product line was impacted. Once Meraki started getting replacement CPUs they shipped a replacement  MX84 to swap my production unit. I was very impressed to learn how easy a hardware swap works with the Meraki dashboard. It was very simple to add the replacement unit. It began to function as a warm spare so I could then remove the old serial numbered device. A few minutes later and the replacement unit downloaded the production configuration and we were up and running on the replacement hardware. I also on a separate project upgraded to a larger MX and it was just as simple.

    How are customer service and support?

    Tech support is available from the dashboard. Meraki tech support staff have a lot more visibility into your network than you do, which is frustrating at times. I understand the approach is to keep the dashboard easier to understand. This will frustrate more advanced users at times.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    Previously I managed Cisco ASA equipment and enjoyed these firewalls. The need to train other admins and deployment at MSP clients were at the top of my list for switching to Meraki MX. The learning curve is much less steep for new security admins and the central dashboard allows collaborative efforts when admins are in different locations. Built-in change management makes it easy to see who made specific changes as changes are logged on the dashboard.

    How was the initial setup?

    Setup is rather easy but with templates or using an existing MX as a template to create an new MX configuration setup becomes even easier.

    What about the implementation team?

    We perform all Meraki implementation in-house.

    What was our ROI?

    ROI is huge on Meraki products for admins. The learning curve reduces the amount of training required and the dashboard makes administration of MX appliances simple and that impacts ROI in a big way.

    What's my experience with pricing, setup cost, and licensing?

    Other content filtering solutions that I have used had more bells and whistles, but given the cost, complexity, and management overhead, I am very pleased with Meraki’s solution.

    What other advice do I have?

    I was very worried when Cisco purchased Meraki, but surprisingly, they have not changed the organization or product lines for the worse. However recently they did a co-design with the MS-390 switch product and that model switch appears to have some issues. I haven't deployed one but heard others warn to be aware of the issues prior to purchase.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Group Network Specialist at a financial services firm with 5,001-10,000 employees
    Real User
    Top 5Leaderboard
    Cost-effective, simplified, easy to manage, and reliable with advanced security features and granular visibility
    Pros and Cons
    • "It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services. You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues."
    • "From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy."

    What is our primary use case?

    We have migrated all wide area network (WAN) links from the conventional connection to the cloud-managed SD-WAN. 

    We have all ranges. We are using the lowest model MX65 and the highest model MX450. We have deployed on-premises and on the cloud because the hardware requires an on-premises placement and then it works on the cloud.

    We have more than 1500 users. We have approximately 1500 employees, and we also have guests who are bringing their own devices. Some of the users have got multiple devices, so the number of users increases. When you look at the dashboard, you might find more than 3,000 end-user devices across the group.

    How has it helped my organization?

    Meraki MX has not only simplified our wide area network connectivity operations. It also gave us a very cost-effective solution. As compared to the most expensive MPLS and leased-line circuits, it works on a broadband connection.

    What is most valuable?

    It has the most advanced security features, for example, layer 3 and layer 7 firewall capabilities and the end team and IPS protection. It also has IPS, and it has very good functioning of cloning services.

    You don't actually have to touch the device. If you have multiple companies in different countries, you don't really require this device to be touched. You can get it delivered directly to any office of a country, and then you can simply put your configuration over the cloud. It's very simplified and easy to manage. 

    It gives a very good granular visibility about your network. Earlier, a lot of things were lacking in the network. We were unable to identify where the problem was, but after implementing Meraki MX, we are able to dig down and identify where is the problem. We can easily and quickly identify the sources and the root causes of the issues.

    What needs improvement?

    From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. 

    The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy. 

    For how long have I used the solution?

    We have been using Meraki MX for more than two years. We deployed this product two years ago.

    What do I think about the stability of the solution?

    Stability is there in Meraki MX. The availability is 99%. We have been monitoring the organization for the past two years, and we haven't got any downtime because of Meraki MX. It is either because of the ISP link being down because of non-payment or maybe some issue with ISP link or power outage. We haven't got any problem with Meraki MX itself. 

    How are customer service and technical support?

    Their technical support is satisfactory. I would not say very satisfactory, but it's okay. We are only covered with the support license. 

    They are good up to some extent, but because we have been using these devices or this product, sometimes, we know better than their support team. In fact, we had a problem related to active data integration with Meraki MX during the implementation, and the support team was unable to resolve it. We resolved it ourselves. We would expect better support from Meraki MX.

    Which solution did I use previously and why did I switch?

    We used the conventional Cisco routers.

    How was the initial setup?

    The initial setup was straightforward. Before deploying Meraki MX, we did a POC for three months, and this POC was successful. In fact, we were given only 60 days, but we took over 90 days to do a complete assessment to see whether this fulfills our needs. When we were sure that this is the right solution for us, we deployed it across the group.

    What about the implementation team?

    Initially, we required an integrator. There was a vendor who deployed this service, but after the first-time implementation, it was very easy because it's a very quick thing to do. We did not require any assistance from any of the vendors. 

    We have got in-house resources. When we get a new device, we don't require any implementation or installation support. We do it ourselves. It's very simple. We've been doing this deployment across the group. Initially, we had about 30 sites. Now, we have 40 sites, and the number of sites is increasing.  

    What's my experience with pricing, setup cost, and licensing?

    The license cost depends on the box. We acquired a different product line. We are dealing with MX appliance now, that is, MX6, MX54, MX100, MX250, MX450. Every box has got an identity, and it has got its own specification. Every box has got a different license fee.

    We deployed Meraki MX in UAE when it was not a mature product. We took a risk, but we were successful. We saved a huge amount of money after implementing and removing all the MPLS and leased lines. We got a broadband connection because Meraki MX could work on a broadband connection. We have drastically saved a very good amount of money, which was one of the successful things apart from the successful solution.

    What other advice do I have?

    From the IT perspective, people are more relying on the cloud for cloud hosting. Instead of having the data center on-premises or hybrid, people are moving towards cloud hosting. The integration with cloud managed services is there. We have some services hosted on Azure. We also have some services hosted on Amazon. We have a plugin with the cloud manager, Meraki MX. It has VMS features available so that we can have the security and our own private cloud connected to Amazon, Azure, or any cloud services, which is a future proof solution.

    I would, of course, recommend Meraki MX. Everyone should have this cloud management solution. We never had any problems after the implementation. This solution also gave us the confidence to deploy across the group. If we had experienced, for example, sluggishness, slowness, or some unreliability, we would have not continued deploying it. Based on this, I would strongly recommend that any company in the world can deploy this product without any hesitation or doubt. It's very reliable. 

    They are continuously updating the firmware and resolving the issues. They're always there to help you out. So, we should not be worried about this product. I would highly recommend that the Meraki MX appliance should be deployed.

    I would rate Meraki MX an eight out of ten. It has got pros and cons, but the pros are more.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    President at TJD Consulting Inc.
    Reseller
    Offers simple cloud-based management in a stable, scalable solution with responsive technical support
    Pros and Cons
    • "I think cloud management is key. The cloud management and support are the two things that make the product great."
    • "Meraki has some hidden features and information that is only privy to their engineers. If that information became available to us, then it would improve our ease of management, and we would be able to make certain adjustments instead of having to go to them."

    What is our primary use case?

    We deploy for customers including automobile dealerships, medical locations, manufacturing, and cannabis. We implement the solution to allow easier management of the equipment involved in these industries. 

    How has it helped my organization?

    The solution makes firewall management simple and easy, so other people in my organization can manage the firewalls, not just me. 

    What is most valuable?

    I think cloud management is key. The cloud management and support are the two things that make the product great.

    What needs improvement?

    Meraki has some hidden features and information that is only privy to their engineers. If that information became available to us, then it would improve our ease of management, and we would be able to make certain adjustments instead of having to go to them.

    For how long have I used the solution?

    I have been using this solution for about four years. 

    What do I think about the stability of the solution?

    I've been working with the solution for four years and have never had a stability issue. I did have one unit fail, but it got drenched with water. 

    What do I think about the scalability of the solution?

    The solution is highly scalable, there are different models available depending on how many users will be behind the firewall. That can be a few users or thousands. 

    We have deployed in locations that have one site with two or three users, and we have deployed in other places that have ten locations with ten firewalls and behind each firewall might be 50 people, so up to 500 people or more. Then we create site-to-site VPNs between each of the locations.

    I put in Meraki for every customer in need of a firewall who does not have this product. I have some customers with Cisco ASA contracts lasting another one or two years, so when they expire, I will put in a Meraki.

    How are customer service and support?

    They're quick, responsive, and easy to get ahold of. They're usually on the phone within minutes. 

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We previously used Fortinet FortiGate and Cisco ASA Firewall, we switched because Meraki MX offers ease of management. The Cisco and Fortinet firewalls are more complicated, requiring more knowledge and involvement to manage. 

    How was the initial setup?

    The initial deployment was very straightforward and simple. The solution doesn't require much knowledge and the customer support is readily available. We don't have to do any maintenance at all, the vendor notifies us of scheduled firmware updates and they handle everything. 

    Setup requires deploying the firewall to the internet, setting up the inside addressing, and possibly a DHCP scope or VLANs.

    What about the implementation team?

    We implemented in-house with just one person.

    What was our ROI?

    I have definitely seen an ROI with this solution, it makes changes much quicker. Creating a site-to-site VPN with a Cisco ASA Firewall would take me one to two hours, but it takes me about two minutes with a Meraki MX appliance. 

    What's my experience with pricing, setup cost, and licensing?

    I think the price is comparable with other solutions of the same kind. Depending on the use case it could be cheaper or more expensive, I think it offers good value.

    Which other solutions did I evaluate?

    We tried SonicWall and Sophos firewalls and we had more challenges with them.  

    What other advice do I have?

    I've been in this industry for 40 years and this is the simplest and easiest product that I've ever used. What's important to me is it makes my people more capable. Instead of having to rely on one or two people within the company that know the firewalls, this solution is so simple that anyone with a small amount of technical capability can manage it.

    Most of our solutions are on-premises, but we do have one MX in the AWS cloud. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Flag as inappropriate
    Senior Network Engineer at a computer software company with 11-50 employees
    Real User
    Top 5
    Good support, easy to set up, with web-based centralized management
    Pros and Cons
    • "The technical support people from Meraki are brilliant."
    • "They need to improve the link between Meraki and Active Directory."

    What is our primary use case?

    We are a solution provider and Meraki is one of the firewall products that we implement for our customers.

    What is most valuable?

    Meraki is very easy to set up. It has a cloud-based setup where you log into a portal and it communicates with your device.

    What needs improvement?

    You can't set up complicated firewall rules, such as the ones that can be handled by Sophos. Sometimes you need to contact Meraki Cisco support for extra setup because as a normal user or administrator, you can't do it.

    If you use the VPN to link Meraki with your onsite domain with Active Directory then it doesn't work properly. It will work for one or two weeks, then it will stop. They need to improve the link between Meraki and Active Directory.

    When the internet connection is lost, you are not able to change any of the firewall rules because you cannot connect to the portal. This is unlike Sophos, where you can log on to it physically and change the rules.

    It would be good if they allowed you to implement the certificate. At the moment, you can link Meraki with the self-signed certificate in your domain, but you cannot set up the active service VPN with Meraki on a certificate.

    For how long have I used the solution?

    I have been working with Meraki MX for five years.

    What do I think about the stability of the solution?

    Stability is not a problem, although we did one time have a Meraki device that was dead on arrival.

    How are customer service and technical support?

    The technical support people from Meraki are brilliant. When you call, you reach them quickly and it's like you are talking with second-line support. By comparison, with Sophos, it's not always like that. The people from Meraki really try.

    Which solution did I use previously and why did I switch?

    We sell the Sophos UTM solution to protect some of our customers. I am a certified Sophos architect and it is easier to set up than Meraki.

    We are also resellers of FortiGate.

    When it comes to reading the logs of other devices, it is much easier with Meraki, FortiGate, or even the Sophos XG firewall.

    At the moment, all of the firewalls on the market are doing the same thing. Once you buy the license, it will cover everything.

    How was the initial setup?

    I have never had a problem setting up a Meraki device, other than one time when the unit was dead on arrival. Once they are set up, they work fine.

    What other advice do I have?

    The suitability of this product depends on the customer's needs. If they don't need really complicated firewall rules, yet want to protect the network and want really good web filtering, then I recommend using Meraki. If on the other hand, they have a really complicated setup and want better filtering, then Sophos is the better option.

    Also, if you have your own web server or mail server on-site, then I recommend Sophos. If instead, you have a normal office network with mail stored in the cloud, then I recommend Meraki.

    Overall, this is a good product but it does have some limitations. Sophos UTM gives you more options, for example.

    I would rate this solution an eight out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    COO at a manufacturing company with 11-50 employees
    Real User
    Good support, cloud-managed with a nice web interface
    Pros and Cons
    • "They have very good technical support and I have relied heavily on them."
    • "It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services."

    What is our primary use case?

    The primary reason we implemented this product is as a gateway router. That is the first functionality that we sought out for. It also has all of these built-in intrusion detection and malware protection firewall features. So, we are also using it for the firewall capability that is built into it.

    What is most valuable?

    The whole selling point for this product is that it's cloud-managed.

    They have very good technical support and I have relied heavily on them.

    The ports can be VLAN separated, so we use that feature, or we used it in the past.

    What needs improvement?

    It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services. Ideally, I would like to have one place to shop.

    What do I think about the stability of the solution?

    This is a stable product.

    How are customer service and technical support?

    They have very good technical support.

    Which solution did I use previously and why did I switch?

    We also have a Barracuda.

    I worked with the previous, older router than was in the company and it was command-line driven. That was terrible, so I find that the Cisco Merki is a great improvement. Overall, I'm really happy with it, although I cannot compare it to any others.

    My understanding is that all of the products have evolved from a command-line interface to being web-based and cloud-managed.

    How was the initial setup?

    The initial setup is pretty straightforward.

    What about the implementation team?

    I deployed this product, although I relied a lot on Cisco support when I set it up.

    What other advice do I have?

    This is a nice device, although I find that when you speak with professionals about it, they put down these combined devices that have many different functionalities. They say that it is not like a bonafide firewall, the same way that they say the Barracuda IPS is not as good as a dedicated one. I wouldn't be able to tell you whether it's good or it's better unless something really bad happens. I don't know, for example, whether it works great or it's that we haven't been attacked yet.

    We have a SIEM SOC managed service and as part of it, they rely on the logs that the Meraki generates, so it can't be that bad of a product.

    Overall, this is a very nice product.

    I would rate this solution an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    StephaneFaure - PeerSpot reviewer
    Engineering Manager at a tech services company with 11-50 employees
    Reseller
    Top 20
    Addresses multiple use cases from an all-in-one device
    Pros and Cons
    • "I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard."
    • "You cannot use switching behaviors as you see on the Meraki switch."

    What is our primary use case?

    Our company and clients use this solution. Our clients range in size from small, medium, and large organizations. Within our company, there are roughly 50 people using this solution. 

    What is most valuable?

    I love the simplicity of Meraki MX — specifically, the simplicity of the dashboard.

    What needs improvement?

    Currently, I don't see any big areas for improvement; although, It lacks some switching features. For instance, when you use MX to link the firewall to a stack, you cannot use LACP.  You cannot use switching behaviors as you see on the Meraki switch. This would be a really cool feature to have — real switching features on Meraki MX.

    For how long have I used the solution?

    I have been using Meraki MX for five years.

    What do I think about the stability of the solution?

    Meraki MX is very stable. We haven't experienced any issues relating to stability. It's also very scalable, too.

    How are customer service and technical support?

    We are in the first line of support, so we use the support differently than traditional customers — they are good.

    Which solution did I use previously and why did I switch?

    Yes. We used Cisco, Palo Alto, a bit of Fortinet, and others. Currently, we only provide Meraki and Meraki-related devices.

    What's my experience with pricing, setup cost, and licensing?

    The price could be lower, but compared to the TCO of other products, it's not really that expensive. When we sell it to customers, the first fee of the quote is often a bit odd; however, consider the small number of resources needed to manage it, there is an advantage to using Meraki MX.

    What other advice do I have?

    You need to be ready to change your mindset of classical firewalls. Meraki is really more powerful with the full stack, which is the real purpose of this solution.

    The real advantage with Meraki is the interaction between different prototypes, like Xpoint which is Amex — this is a game-changer. It's great when you have the full stack and you can play with the different settings and interact between Meraki devices.

    Overall, on a scale from one to ten, I would give Meraki MX a rating of eight.

    Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
    Buyer's Guide
    Download our free Meraki MX Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2022
    Buyer's Guide
    Download our free Meraki MX Report and get advice and tips from experienced pros sharing their opinions.