Confirming devices on our Meraki environment for Security and Audit concerns.

rhamersley
Getting noticed

Confirming devices on our Meraki environment for Security and Audit concerns.

Below is a report of all the devices on our network.  I am trying my best to identify each device on our network for audit and security concerns.   Anyone would know what devices are that I have Questions marks by?

 

I called Meraki support and they were no assistance on providing me any information.

 

Manufacturer-# Clients
Meraki-62
Other-226 (I am assuming this is all clients clumped into this category?)
Cisco Systems-1 (We dont have any other cisco hardware other than Meraki)
SILICOM-1 (??)
Edgewater Networks-1 (??)
Winstars Technology-63 (??)
LANNER Electronics-1 (??)

Adtran-1 (??)
Intel-65 (I am assuming this is intel processor but what devices make up this 65?)
Dell-7 (Im assuming Dell laptops?)
Wistron-4 (??)
Microsoft-4 (We have more than 4 microsoft products in our environment)
Wistron-1 (??)
RICOH-5 (We actually have 5 RICOH devices so this actually matches)
Universal Global-1 (??)
Polycom-32 (Our VOIP phones)
CLOUD Network Technology-1 (??)
infinias-21 (Badge readers)
LCFC(HeFei) Electronics-1 (??)
HP-2 (Printers)
CHONGQING FUGUI-1 (??)
Texas Instruments-1 (??)

5 Replies 5
rhamersley
Getting noticed

Also we are showing we have Windows 8 Operating Systems in our environment.  I know for a fact that we do not have Windows 8 Operating systems on our network.   Does anyone know why Meraki is showing we have Windows 8?   Another issue I need to explain our our auditors.

 

Would anyone in the world would know what "OTHER" category is????

 

 

OS# Clients
Meraki Network OS62
Other308
Windows 10279
Windows 839
Debian-based Linux1
Windows XP1
Ricoh Printer1

Meraki identify clients using a technique called OS fingerprinting. Each OS, and sometimes version of an OS, has a unique DHCP fingerprint. By examining a client’s DHCP request, we can tell which OS it is running.

 

Note: Some clients may misidentify themselves when specifying the User-Agent string field of an HTTP GET request. Device type policy enforcement is done on a best-effort basis, dependent upon the information that the client provides. 


 

In short, Meraki is not the best tool for identifying the type of OS.
 
You have to invest in an inventory or MDM solution to have more accurate information.
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Seconding this. Put 0 faith in whatever it is Meraki is telling you is on your network, and absolutely do not use this information for anything related to security or auditing.

 

I have 3 Nintendo XBox 360s on my network that can attest to this 🙂

 

Went digging through the Knowledgebase to see if this is explicitly called out anywhere that the client 'device types' are just semi-informed guesses. Closest thing I was able to find for reference is the following: Applying Policies by Device Type - Cisco Meraki Documentation

PhilipDAth
Kind of a big deal
Kind of a big deal

Are you seeing this under device manufacturers?  If so, then this is the company that made the NIC inside of the machine.

cmr
Kind of a big deal
Kind of a big deal

As @PhilipDAth said, it is the vendor who made the NIC in the device.  For the 63 Winstars technology items that you have, a quick Google leads to their site https://www.winstars.com/ and they make PC peripherals, in particular USB-C/Thunderbolt docking stations.  Would that make sense in your case? 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels