It starts from customer's question : "Can you control Windows update data via Meraki's SD-WAN feature?" When I got that question, I became quite curious too, so I asked about it here.
But even it was from Meraki employee's reply, I was little unsatisfied. I still cannot understand why answer was about contents filtering menu even though I asked about SD-WAN related features. However, as he suggested in second reply, I opened case to get details about SD-WAN policy categories. And it makes me write first ever ranting to TAC.
First thing that triggers me was TAC said almost exactly same thing as reply that I got from link above. And it get worse when TAC said to me to "test with L7 firewall rules to check whether Windows Update is included in Software & anti-virus updates category." Links to document about blocking app with L7 firewall was sprinkling salt on top. Both says that they misunderstood my question. But why on earth they misunderstood when I clearly wrote "SD-WAN policy".
Second, even I opened case as suggested, but TAC says that they don't have detailed list for SD-WAN policies. It doesn't makes sense at all to me. One person says that I can get desired information via opening case, but when I opened case as suggested, I got nothing. Is it that hard to have and provide details about features that Meraki is pushing really hard and made "another separate licensing" to support it?
At first, I agreed with Meraki's philosophy. It makes me quite easy to build and manage networks. Even customers are quite satisfied. Now their requirements are getting more complex and I want to keep suggesting Meraki to more customers. But these kind of black boxing about features makes me hard to suggest Meraki any more because I'm not sure whether Meraki can provide what they want, and can I adopt requirements using Meraki.
It became little ranting, but I felt that I have to say about this. I always agree with simpler network philosophy, but at least let administrators know what's under the hood. I'm sure that it will make Meraki more suggestable options to more customers out there.
Definitely understand how you feel! When speaking about Meraki to folks I constantly compare the good with the bad. If you look at some of my posts even on this forum, you will see where I am can be critical of what Meraki has to offer versus other competitors. I have had tense calls and in-person meetings with various people from Meraki.
The simplicity is nice, but administrators need a bit more.Why do I need to call into TAC to get a live view of my CPU utilization which is different from the device utilization? Sure, I can find all that via APIs, but if it's there in support's dashboard, why can't it be in mine? The answer I've always gotten is "If you run into a problem, support WANTS you to reach out", but that's not a satisfying answer. I don't feel great about having to call support for every little problem that I could easily diagnose or fix myself if I had the option to do it. It irks me when the SE tells me "Oh, that's only a change that can be made in the back end".
I will still pitch Meraki as a possible solution for some situations, but I am also pitching other things as well. Your feelings are valid.
I apologize for the trouble. I have checked the case and am working with the NSE on that case to get a report forwarded to our internal team to give us the answer regarding the Windows Update being a part of Software Update SD WAN Category. We will also be requesting for a KB detailing these categories, but the KB might take slightly longer time to be published.
@Kamome and @Mr_IT_Guy I understand that there are a lot of features and options in the services we offer that could have more customer facing detailing and documentation. We are working very hard on getting more features than ever built and opened for customer use. An example of this would be Firmware Version. This was not public facing until a few years ago but we have had some significant strides on this now. I understand the frustration when you have to call into support to get a change made or details on some internal logs.
That is why we recommend customers to submit feature requests and Meraki Product management continuously releases new features after looking at customer submissions. We love building and releasing new features for customers to use and simplify their networking.
I once again apologize for the trouble and confusion. Feel free to reach out to me here if you have any questions or concerns.
I appreciate you and all the other Meraki employees taking the time to respond and be active on the forums. It really does show Meraki's commitment to delivering a great product.
I was a part of the firmware version conversation. I remember meeting with the head of the MX line and having multiple hour long discussions about it. I remember being told that I just don't get Meraki's philosophy. I remember being told as the customer making the request that customers aren't requesting that feature. I remember hearing that this was something for internal use only because firmware numbers change so often. I remember fighting with the team for over a year and then we got firmware versions.
I currently have two other battles that I am facing: the event log is broken, a case I've had open for 2 years, and Geo-IP filtering isn't perfect yet. With the event log issue, I was told that this was something that was being worked on, but it wasn't a priority as it wasn't as profitable to Meraki. For the Geo-IP filtering, I was told that the system is working as Meraki intended but when I bring up how other companies do Geo-IP, I either get dismissed or "We'll work on it". That ticket has also been on-going for a long time.
I should NOT have to make a feature request for things that are broken, and yet I did. I have stopped for awhile because I was tired of going in every day to make the request.
All this being said, I generally do love the Meraki product! I pitch it to very often and when I do I speak of the good and the bad. It's okay that there's some bad, that just means it gives you time to listen to your customers. Just know that some of your customers want a few more advanced features.
This thread reminds me of a part of the definition of engineering: it's a matter of trade-offs.
As I understand it, the Meraki philosophy was something like:
The trade-off of that approach is what you're describing. Plus, because the UI is all web/cloud/browser oriented, everything that involves exposing a feature in the UI means non-trivial amounts of coding and UI/UX validation / regression testing effort.
Unfortunately, that means that, assuming the API is exposing a given feature, the fastest way to turn the nerd-knobs is via one-liner CURL commands against an API element. OMG-we're back to Linux again and hundreds of commands you have to research through MAN pages to find the ones you need, because you only use a few of them and only a few times a year, etc.
It would be interesting to see if Meraki would consider a feature that the Asus and Netgear-level SOHO device UIs have had for years: 'Advanced Mode'. This means they go ahead and build a UI for every possible feature in the product and hide it behind 'Advanced', maybe even with a click-thru warning 'this may break your network... you may get fired... your network may accidentally launch missiles if you mess this up...', etc.
Then, if an admin, MSP, or even customer needs a nerd-knob, it's already there, no (or hopefully fewer) TAC calls, and all is right with the world. Now we can just spend our time in the make a wish zone asking for features. ;0)