Cisco acquired Meraki, the leader in cloud controlled WiFI, routing and security late 2012. For those that haven’t heard of Meraki, the concept behind the technology is pretty cool. All device configuration and management is handled using a cloud / web accessible GUI. You can configure everything and ship equipment to where it needs to provide network access prior to first powering things on. Once you are ready, all you do is plug in the equipment and it works (IE all configuration is sent to the device via encrypted tunnel from the cloud) . It really is that simple.
I had the privilege of obtaining various Meraki products including their new teleworker gateway / home office wireless router known as the Meraki Z1. The price ranges from $160-225 from online sources. That may seem a bit steep compared to lower grade networking solutions however the value and quality of the Z1 can’t be beat.
Meraki’s design concepts reminds me of how Apple builds products focused on easy usability. The GUI layout and features just make sense. I set up my entire lab without referencing a configuration guide. I spent maybe 5 minutes setting things up and had my entire home network converted including remote VPN access in less than 10 minutes.
Meraki web login
The first step to setup a Meraki solution is creating an online account at https://account.meraki.com as shown above. This will get you into the main GUI. Once in the main GUI, the left column will show available options as you add different device types. The Organization tab represents global items such as login information, device inventory and licensing. Clicking Inventory lets you add devices by serial number using the Claim button. Meraki groups devices by the term network for management purposes. My lab has the Z1 in one network while all other gear is in a network called MerakiTestWireless.
My Meraki hardware
To add licenses, click the License info tab and click add license. A license should be issued once you purchase equipment. The next screenshot shows my Z1 has a separate license while the remaining Meraki equipment is sharing a license as they were separate orders. Once devices are added to a network, a Network: drop down will appear at the top used to select which network to manage. For my example, I can select my Z1 network or the MerakiTestWireless network containing the rest of my Meraki hardware.
Adding licenses in the Meraki GUI
The basic setup for a Z1 is creating a SSID name, enabling NAT, selecting which login security to use and passwords. The Z1 offers a standard layer 3 firewall, application firewall, site-to-site VPN and remote access VPN. The Z1 also has some traffic shaping capabilities such as my example showing how I’m prioritizing VoIP and Video traffic.
Configuring traffic shaping policies
Once setup, I can view traffic on my network by clicking the Monitor tab. The examples shown below displays my network data, what applications are used with associated bandwidth, clients on the network and operating system profiling. I can click any client and drill into how they are using my network. The Appliance status page shows ports and protocols as well as other network details such as public IP and even a map of where the physical Meraki device is located based on google maps. There is a rouge AP detecting feature showing all my neighbor’s devices including if they are Unencrypted.
Meraki Z1 overview dash
Meraki Z1 device management
Meraki Z1 Traffic Analytics page
Meraki Z1 showing rouge APs
Thats a short summary of using the Meraki Z1. There are some really cool features found in other Meraki products such as IPS/IDS, custom splash pages and even the ability to charge a price for guest wireless access leveraging a built in billing system. I’ll post on the remaining Meraki products in a few weeks.