Long story short, my wife has a business with 2 MV cameras and an MX64W. This business is a gym for little kids and we want to give the parents the "star bucks experience". Being that I am a Cisco employee I could not resist the discounts so purchased an MX64W, an MV32, and a MV12N. I ordered the enhanced security licensing too. So now I also have Umbrella and am trying to link it. I have gotten the APIs linked in the dashboards and think I have enabled all features.
I basically point the MX64W DNS to resolve to Umbrella and I think away we go for protection with Umbrella? My goal is to have it when customers connect in via wireless to the MX64W their client will then be protected by Umbrella. Am I understanding this correctly is that all there is to it?
What are your thoughts on my protected network? Might seem like overkill here because I am deploying a good / high end solution for a mom and pop shop but credit transactions are processed here so I thought I would add it.
MS gnome and MV gnome were here — they've been safely returned home!
Having a similar setup myself...even without a business behind it, I‘d say that‘s a pretty great line of defense. Levering Umbrella, I‘ve seen many things in the meantime, I didn‘t even think I‘d ever see in my own environment. Not only here but especially in client environments. It really adds a huge amount of security.
Just to put things in perspective when using MX and Umbrella without the roaming client; if you take the Meraki security solution and remove 3/4 of the monitoring and capabilities - you get what you have in Umbrella.
In your Meraki Dashboard:
- Set Traffic analysis to "Detailed"
Security & SD-WAN/Threat Protection
- Set AMP to enabled
- Set "Intrusion detection and prevention" to Prevention and Security
Security & SD-WAN/Content Filtering
- Enable at least
++ Everything else you think is not appropriate
Consider enabling Safe Search. Also consider enabling the similar option for You Tube on the same page.