Traffic analytics without an MX

Adam2104
Building a reputation

Traffic analytics without an MX

I was hoping I could get some input into what I might loose from a traffic analytics perspective if I remove the MX from my full stack environment. Right now I have an MX67, several MS120-8 switches, and a few MR42 APs. I'm considering dumping the MX67 for a Firepower1010 for the increased performance and IPv6 capabilities. If I remove the MX67, will I be missing out on some traffic analytics? Or, will the MS and MRs fill in the gaps?

8 Replies 8
PhilipDAth
Kind of a big deal
Kind of a big deal

You probably won't notice much of a difference for traffic analytics.

SoCalRacer
Kind of a big deal

True you probably won't lose much, but not sure I would recommend the swap. 

cwf
Getting noticed

Just off the top..

* You would be adding an additional point of management and touch.

* vlan management would not be as straight forward

* loss of integrated packet capture on the WAN ports

* No more concentrating SSID's to your security appliance

 

I may be biased 😃

 

DarrenOC
Kind of a big deal
Kind of a big deal

Hi @Adam2104 

 

I personally would keep your design simple and leave the MX in place. If you want more throughout then increase the spec of the MX.

 

I find the traditional Cisco firewalls cumbersome to configure.  With the fullstack you have a single point of configuration, support, visibility etc

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Adam2104
Building a reputation

@DarrenOC Sadly, just up'ing the spec of the MX isn't really viable. The only MX that meets/exceeds the performance of the Firepower1010 is the MX100 which has a list price of $4995, without a license. The Firepower1010, without a license, lists for $1195. It also has a proper VPN client, IPv6 support, two PoE+ ports, a much smaller footprint, no fan, etc. I'm extremely familiar with Cisco's firewall line, so the configuration differences aren't really a concern.

DarrenOC
Kind of a big deal
Kind of a big deal

I think then you’ve answered your own question 😁

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Adam2104
Building a reputation

@DarrenOC Well, not really, the question wasn't "which hardware is better?" it was about traffic analytics and the impact of removing the MX.

Adam2104
Building a reputation

Just to follow up on this I decided to keep the MX67 in place. The FP1010, while faster and more capable in most areas seems to be particularly fragile, both in the FTD software for the FP1010 and the management center software. 

Get notified when there are additional replies to this discussion.