Meraki

Community

Firewalls in Separate Org

Clarke_WD
New here
yesterday
yesterday

Firewalls in Separate Org

We are switching to Spectrum Managed services where we have them managing our firewalls.  Our switches, APs and sensors would remain in our current org while the firewalls would have to be in the Spectrum ORG.

 

We would have two separate dashboards, I am told by Spectrum this is totally fine to do and our current MSP that we should not do this as the system will not function as well.

 

I believe it creates a little more work for setting up rules and settings as they may need to be done twice in some instances.  

 

Has anyone else kept firewalls in their own ORG without issues?

0 Kudos
4 Replies 4
Mloraditch
Head in the Cloud
yesterday
yesterday

I don't recommend it, but I've been in a situation exactly like this with a client. You may experience some disparity in client tracking/traffic analytics data between the two dashboards and troubleshooting will be a bit harder, but it will work.

You are also right in that certain things like group policies may need to be created twice.

 

I strongly recommend crunching the numbers. I'm not familiar with Spectrum's pricing but the math doesn't usually math on these things, but some operations just like doing OpEx vs CapEx even if it's more in the long run.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
BlakeRichardson
Kind of a big deal
Kind of a big deal
yesterday
yesterday

I would strongly advise against this, it's much easier and safer to give the MSP a login to your Org.

 

What Spectrum are suggesting is not best practise.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
yesterday
yesterday

I'll offer a dissenting view.

 

Let's pretend you don't have access to the Spectrum.org or that you simply never log into it.

 

Now you are like every Meraki customer with just switches and MR (and I have customers like this who use MPLS WANs).  Do these customers ever have an issue, no.  They still get great rich visibility of their network, and still have access to a broad range of troubleshooting tools.

 

In your case, you will have that PLUS the option to log into another dashboard and see the network from the security appliance's view.

In response to PhilipDAth
Mloraditch
Head in the Cloud
yesterday
yesterday

I think there is a difference if you've never managed the firewalls and/or are coming from something besides Meraki. The way I'm reading OPs post is they already have Meraki in their own org and do day to day management and will still be doing day to day management and may actually own the hardware and/or licenses.

 

I presume Spectrum is offering some sort of MSSP type services and hence requiring they be in Spectrum's managed dash for integration reasons, but if you are in the scenario I think they are in, I don't know how that doesn't just make things harder for them.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.