ECMS2 Curriculum

Meraki Employee

The ECMS2 curriculum is comprised of 15 lessons and supplemental lab exercises. Attendees will be familiar with the topics listed below after attending an ECMS2 session.

Lesson 1: Planning new Meraki architectures and expanding existing deployments

  • Identify optimal Meraki networks architectures (organization/network sizing and limitations)
  • Plan for and complete license renewals through the Dashboard


Lesson 2: Designing for scalable management and high availability

  • Design Meraki organization administrative structure using tags (network and device tags)
  • Design highly available and redundant networks through the use of MX warm-spare and MS physical stacking technology
  • Design high density wireless networks (access point calculations and SSID configurations)


Lesson 3: Automation and scaling Meraki deployments

  • Utilize SAML for scalable role-based access control
  • Explain the capabilities and limitations of Templates and Network Cloning
  • Explain and identify ideal use cases for the Dashboard API


Lesson 4: Routing design and practices on the Meraki platform

  • Design proper static and dynamic routing topologies based on network needs
  • Explain dynamic routing capabilities on the MX appliance platform
  • Explain dynamic routing capabilities on the MS switch platform
  • Configure OSPF across the network as the dynamic routing protocol
  • Leverage BGP to expand networks and improve WAN performance


Lesson 5: QoS and traffic shaping design

  • Identify the configurable quality of service (QoS) mechanisms across the LAN and WLAN
  • Prepare for VoIP and video traffic using class of service (CoS), DSCP tags, and wireless traffic shaping
  • Configure policy and performance-based routing on the MX appliance platform


Lesson 6: Architecting VPN and WAN topologies

  • Design highly scalable VPN architectures (full mesh, hub-and-spoke)
  • Explain the underlying mechanisms of Meraki Auto VPN (VPN registry, UDP hold punching)
  • Explain the fundamentals of Meraki SD-WAN and its processing algorithm
  • Design Meraki SD-WAN architecture with performance-based routing
  • Extend networks and services into the public cloud (Azure and AWS)


Lesson 7: Securing the network with Advanced Security features

  • Explain the default traffic flow and layer 3/layer 7 rules processing order of the MX appliance platform
  • Identify the security intelligence engines and definition databases the MX appliance platform leverages for network protection services (Cisco AMP, Threat Grid, Snort)
  • Identify and enable content filtering at various levels for desired traffic refinement


Lesson 8: Switched network concepts and practices

  • Prepare access policies (802.1x) using Meraki authentication
  • Properly utilize templates, cloning, and switch profiles
  • Design guest access for LAN/WLAN utilizing Meraki best practices


Lesson 9: Wireless concepts and practices

  • Configure Dashboard maps and floor plans
  • Formulate RF profiles to prepare for challenging/variable RF deployments
  • Configure WLAN access control options based on design requirements
  • Enable the network for Bluetooth scanning and BLE beaconing
  • Utilize Air Marshal for intrusion detection and mitigation


Lesson 10: Endpoint management concepts and practices

  • Explain the different device enrollment and profile deployment methods
  • Design a native containerization strategy to separate work from personal data on endpoints
  • Identify and implement various application deployment methods
  • Assemble and implement security policies which cater to various restriction requirements
  • Construct a network deployment that leverages SM Sentry


Lesson 11: Physical security concepts and practices

  • Explain the MV platform’s edge architecture and underlying video delivery mechanism (local vs. remote video access)
  • Design a retention policy using various local or cloud-based storage strategies
  • Configure MV cameras for wireless deployments
  • Explain and demonstrate how to effectively utilize advanced analytics and MV camera APIs


Lesson 12: Gaining additional network insight through application monitoring

  • Explain how Meraki Insight is able to provide network assurance through the use of performance metrics and scores
  • Qualify and properly size Meraki Insight licenses
  • Configure, monitor, and track predefined and custom web application thresholds


Lesson 13: Preparing and setting up monitoring, logging, and alerting services

  • Explain Dashboard’s integrated historical log databases (event vs. change logs) to be leveraged for effective activity analysis
  • Identify the various monitoring tools within Dashboard (native analytics, Topology)
  • Demonstrate effective network-wide alerting best practices
  • Utilize the Dashboard API to monitor and maintain Meraki networks


Lesson 14: Setting up Dashboard reporting and auditing capabilities

  • Generate and interpret on-demand or recurring Summary Reports for key performance metrics
  • Track and manage firmware releases and prepare for staged upgrades
  • Recommend proper actions to meet PCI DSS (2.0 and 3.0) compliance


Lesson 15: Gaining visibility and resolving issues using Meraki features and built-in troubleshooting tools

  • Interpret event and change logs to troubleshoot client and network issues
  • Classify and compare security threats via the Security Center
  • Assess wireless intrusions, failures, and network access issues through Dashboard’s RF tools (Wireless Health, Air Marshal)
  • Assess root cause of application performance issues with Meraki Insight
  • Explain the detailed VPN tunnel information and the VPN Registry found on the VPN Status page
  • Utilize the Local Status Page as an alternate connectivity method to perform local troubleshooting