IT Central Station is now PeerSpot: Here's why

Meraki MX Room for Improvement

Craig Butler - PeerSpot reviewer
Central Services Engineer at Liberty Technology

There is not a lot of configurability for the notifications and alerts in Meraki. There are a lot of alerts to choose from, but no matter how you set them up, they are spam.

When we do API integrations with Meraki, they have always been hard as well as tedious to build. The data that we want out of the API integrations has been only recently available. Six months ago, it was hard to get someone to build something correctly or useful with Meraki APIs. Recently, they have made more data available on the API, but it is just a start. They need to do more.

There needs to be some improvement on the client VPN. They have been promising AnyConnect for years. Right now, they have only a handful of their device list able to support AnyConnect for the client VPN. So, the client VPN and API are where they need to refine stuff. Non-Meraki VPN clients are a problem where you have to share a whole subnet and more than one IP, which is not ideal.

For three years, we have heard that they have been working on AnyConnect. Only within the last year have seen possible betas on limited sets of devices for AnyConnect. It has become hard to believe, "We will see this in six months." They are working on it, but we need this already, which is a problem.

We use several automation tools, but almost nothing does automation with Meraki the way that we want. We are currently working with Solarwinds MSP/NCentral and possibly Symmetric to get more of an API management tool. As an MSP, I set up SAML certificates that are all the same across our 80 organizations in Meraki. That lets us manage them all from one console, which is great, but we still need to go make changes individually. So, we are trying to get to where we have an automated tool that can make changes for multiple organizations or firewall settings at the same time.

We use Meraki MX for harmonizing policies and enforcement across heterogeneous networks, but it is tedious. If you have four sites and all of them are behind their own firewall, then none of them are piping the Internet back to the same central site. They all are branch networks, but have their own access to the Internet. Anytime you change one branch's MX, then you have to do the same change on every MX manually. There is no replicated change between MXs.

View full review »
EC
Director with 51-200 employees

We use a Cisco LAN switch. Its model is CBS250, and it is a Cisco Small Business switch. It can be easily integrated, but the problem is that the other Cisco products are not in the same dashboard or cloud. Each one has a different management interface. I would prefer if both could be in the same cloud. If we use a switch from Meraki, it will be more expensive. Meraki switches are more expensive than the Cisco Small Business switches. For that reason, we prefer to use Cisco switches. With Cisco switches, we don't have to pay for subscriptions, whereas with a LAN switch from Meraki, we will have to pay for subscriptions.

We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem.

Their Technical Assistance Center (TAC) is slow to answer. Their response time should be improved. When we request support, their response time is long and not good. They still don't have the solution to the VPN problem. They established the VPN link, but the problem continues. They don't fix the problem. They just repair it, and the problem persists.

View full review »
PP
Supervisor of IT Infrastructure & Cybersecurity at a tech consulting company with 51-200 employees

Some advanced enterprise features are missing, so the Meraki MX is not for
demanding enterprise networks as it lacks high level features
(including SSL inspection and VPN client software)

As for SSL inspection I think this is better performed on the Client PC where the inspection can be performed before or after the SSL encryption is done. Look at a solution like SentinalOne for this. This type of solution is going to be less prone to problems with SSL inspection.

Additionally the client VPN uses native OS VPN connectivity in Windows, Mac OS X, and Linux. While this is nice from the perspective of no license fees to have a client VPN, there are sometimes issues when drivers or OS updates are released that impact client VPN connectivity. Draytek makes VPN client software that works with the MX but it is not officially supported by Meraki.

I'm not a fan of any security appliance's VPN as they typically allow access to everything on the corporate network. Specific VPN solutions like NetMotion allow you to create granular access control to resources inside your firewall. I think having that level of control is a huge security plus.

There are so many options available when you are looking to create your security stack. In my experience I've found that putting all your requirements on one solution will usually result in some level of disappointment.

On the Meraki dashboard is a “Make a Wish” button to request new features. I have made multiple wishes and they were all were with in granted.

View full review »
Buyer's Guide
Meraki MX
June 2022
Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
608,713 professionals have used our research since 2012.
AH
Group Network Specialist at a financial services firm with 5,001-10,000 employees

From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. 

The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy. 

View full review »
TD
President at TJD Consulting Inc.

Meraki has some hidden features and information that is only privy to their engineers. If that information became available to us, then it would improve our ease of management, and we would be able to make certain adjustments instead of having to go to them.

View full review »
MM
Senior Network Engineer at a computer software company with 11-50 employees

You can't set up complicated firewall rules, such as the ones that can be handled by Sophos. Sometimes you need to contact Meraki Cisco support for extra setup because as a normal user or administrator, you can't do it.

If you use the VPN to link Meraki with your onsite domain with Active Directory then it doesn't work properly. It will work for one or two weeks, then it will stop. They need to improve the link between Meraki and Active Directory.

When the internet connection is lost, you are not able to change any of the firewall rules because you cannot connect to the portal. This is unlike Sophos, where you can log on to it physically and change the rules.

It would be good if they allowed you to implement the certificate. At the moment, you can link Meraki with the self-signed certificate in your domain, but you cannot set up the active service VPN with Meraki on a certificate.

View full review »
TK
COO at a manufacturing company with 11-50 employees

It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services. Ideally, I would like to have one place to shop.

View full review »
StephaneFaure - PeerSpot reviewer
Engineering Manager at a tech services company with 11-50 employees

Currently, I don't see any big areas for improvement; although, It lacks some switching features. For instance, when you use MX to link the firewall to a stack, you cannot use LACP.  You cannot use switching behaviors as you see on the Meraki switch. This would be a really cool feature to have — real switching features on Meraki MX.

View full review »
MV
Managing Director at a tech company with 11-50 employees

While it's reasonably priced, it could always be lowered to compete with others.

In the next release, because the security is pretty basic, I think they could include additional security features.

View full review »
GB
Commercial Product Manager at a comms service provider with 10,001+ employees

The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better.

View full review »
MG
Solutions Specialist - Networking at a tech services company with 201-500 employees

In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past.

View full review »
SS
Director, Enterprise Products at a comms service provider with 201-500 employees

The security is not as strong as it could be. The lack of HTTPS encryption is a big challenge that I have with Meraki. Essentially, the Meraki device is blind to any threats that are encrypted, and currently, somewhere in the neighborhood of 3/4 to 80% of all internet traffic is encrypted. In other words, you basically have a blind security guard watching the network.

View full review »
Adnan Bastawala - PeerSpot reviewer
System and Network Administrator at Pharmatrade

There is room for improvement relating to third-party VPNs.

You can only have one tunnel in the whole infrastructure — one tunnel with one device. I cannot have multiple terminals running from each of the devices to the same third-party.

View full review »
CH
Chief Technical Officer at a tech services company with 11-50 employees

We prefer UTM solutions.

As far as what needs to be improved — nothing really comes to mind. It does what we need it to do.

View full review »
Ronnie Johnstone - PeerSpot reviewer
Group ICT Manager at a transportation company with 501-1,000 employees

Management can be improved in Meraki MX. 

View full review »
Buyer's Guide
Meraki MX
June 2022
Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
608,713 professionals have used our research since 2012.