Meraki

Community

Best Practices for Using Meraki Firewalls as Data Center Firewalls

jOMeraki2
Getting noticed
‎Jan 13 2025 12:14 AM
‎Jan 13 2025 12:14 AM

Best Practices for Using Meraki Firewalls as Data Center Firewalls

Hello,

I am considering using two Meraki firewalls (configured in High Availability mode) as data center firewalls to manage traffic between servers and other VLANs.

I would like to know:

  1. Is it recommended to use Meraki firewalls in this role within a data center environment?
  2. What are the best practices for configuring Meraki firewalls for this use case?
  3. Are there any specific considerations or limitations I should keep in mind when implementing them in such a setup?

Your insights and recommendations would be greatly appreciated!

Thank you!

Labels:
0 Kudos
6 Replies 6
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jan 13 2025 2:04 AM
‎Jan 13 2025 2:04 AM

As always…it depends!

 

 

 

- budget

- overall solution design

- Firewalling requirements within the DC

- what issues or business requirements are you looking to address by implementing DC firewalls

 

 

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
jOMeraki2
Getting noticed
‎Jan 13 2025 7:23 AM
‎Jan 13 2025 7:23 AM

I have a client with a flat network who wants to deploy a firewall in front of the servers without changing any IP addresses or configurations. He also wants to enable syslog on the firewall for traffic monitoring and analysis. I want to configure the firewall as a bridge (Layer 2).

 

0 Kudos
In response to jOMeraki2
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Jan 13 2025 11:01 AM
‎Jan 13 2025 11:01 AM

If you are wanting Syslog check out this documentation and make sure that it covers what you are wanting to capture.

 

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Server_Overv...

 

Meraki use to offer free trials of equipment (not sure if they still do or not) so I would reach out to your Cisco rep and see if you can get something to have a play with. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
In response to jOMeraki2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 13 2025 11:43 AM
‎Jan 13 2025 11:43 AM

If I understand, all the servers are in a single subnet and VLAN, and the client wants protection from the Internet.

 

The MX will be fine for this simple use case.

In response to PhilipDAth
jOMeraki2
Getting noticed
‎Jan 15 2025 7:05 AM
‎Jan 15 2025 7:05 AM

I want to protect the servers from the user. This is a requirement from a state security institution to have a firewall placed before the servers, not the internet. I also have an MX67 as an edge device.

 

0 Kudos
RaphaelL
Kind of a big deal
Kind of a big deal
‎Jan 13 2025 4:50 AM
‎Jan 13 2025 4:50 AM

As much as I love Meraki and the fact that I don't know how large your environnement is, I wouldn't use a Meraki MX for that.

Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.