How Do You Configure MX67 Firewall to Fail Closed?

Solved
MKK
Conversationalist

How Do You Configure MX67 Firewall to Fail Closed?

I'm a newbie to Meraki and to hardware firewall set up.  I need to ensure my MX67 firewall is configured to fail closed if some type of security breach were to occur.  Hopefully this is possible on MX67 model.  Any helpful hints or tips would be greatly appreciated!  

 

Thanks!

1 Accepted Solution
BlakeRichardson
Kind of a big deal
Kind of a big deal

@MKK What you are asking isn't possible with any vendor, firewalls just don't simply work like that. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal

I think what your asking for is threat protection, do have IPS block threats.  This talks about how to enable it and the settings:

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Threat_Protection 

MKK
Conversationalist

Thank you - very helpful.  So, based on the article link below - it looks like the threat protection configuration options are only available with the advanced security license.  I have the enterprise license which includes "secure connectivity and basic security".  What I am really looking for is the ability to configure the firewall to default to closed and block all traffic when the firewall filtering function aborts or is nonfunctional.  Is this really something that is only available with the advanced security license or would I still be able to accomplish this with an enterprise level license?  Again - I'm a network newbie, so am trying to figure all of this out.  🙂

ww
Kind of a big deal
Kind of a big deal

That is not possible with any license.

 

There is also no status indicator if the fw or filter works or not. So its also not possible with the api.

 

MKK
Conversationalist

Ok - thanks for info and response - just working through my learning curve.  

BlakeRichardson
Kind of a big deal
Kind of a big deal

@MKK What you are asking isn't possible with any vendor, firewalls just don't simply work like that. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
MKK
Conversationalist

Ok - thanks for the clarification.  

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels