Cisco MERAKI- What do we need to know

WHAT DO WE NEED TO KNOW

CISCO MERAKI has different variety product. Mostly I use is Security appliance, Wireless & Switch.

Mainly they are cloud base product which mean. Without internet, it is not much you can do on the devices. Such as you can change vlan trunk/ access or add DHCP on Security appliance. But you can configure IP address and turn other port to be WAN port.

License always come with the product when you buy, Normally is 1 year then you will need to renew. There is 2 method for Licensing

Per Device - A price per device, you will need to claim it each time. 
Annual - a price which is included all your devices
Without License mean, you can use their meraki cloud Service. 

With Licenses, they always come with very nice feature.

on Security Appliance, they will have intrusion detection, You can find it at “SECURITY & SD-WAN”-> SECURITY CENTER, MX will list what source of threat it has blocked. provide to you what is the signature and more information.

on Wireless AP, they will have WIDS/WIPS & Air Marshal. They can detect Rogue SSID, and smart enough to send broadcast message to deauthorizate client.

HERE IS FUNCTION I ALWAYS USE

ORGANIZATION -> SUMMARY REPORT

It is giving you an insight report, of the device in a specific period.

Usage over time – so that you will know is it over your client’s bandwidth capacity

TOP Clients by usage – just to narrow it down which is the most usage client. then do further investigation .

Summary Report

Traffic Analysis

You will need to enable Traffic analysis,  in order to information below:
Balance: you can see overall application, port 
Detail: Balance info + source & destination

analysis by application: By your client internet usage pattern, normally you can predict how is the application traffic like. is it normal or abnomral.
analysis by port: you can quickly find out, is there any other ports which is driven high traffic. 

TROUBLESHOOT

Change Log

ORGANIZATION -> CHANGE LOG
When there is a issues raise, first thing you want to know. Is there any configuration changes before and after. 

PACKET CAPTURE

 NETWORK-WIDE -> PACKET CAPTURE
This is a very handy tool, you can view the packet on screen or  you can download it as pcap file. 

EVENT LOG

NETWORK-WIDE -> EVENT LOG
When I troubleshooting site to site VPN/ Client VPN, that is the tool. I will always go first. To find out, why didn't establish vpn connection. Which part of ipsec got an issues...