Meraki MX Advance Security License

Building a reputation

Meraki MX Advance Security License

Hi All,


One of the client has asked me if i would be paying for such a expensive license for MX which is Advance Security License. Does it mean i can have Machine without antivirus behind MX. Becasue Advance license does has AMP.


Please advise ?

Getting noticed

Hi @SCC 


I most definitely would ‘always’ have AV running on your desktop / server environment.


Security has and always will be a layered approach.


there is no silver bullet



Getting noticed

Endpoint AV and gateway security are complementary technologies, they are two layers of defense, not meant to substitute for each other.


As an example:


You need an endpoint AV because it’s easy to hide traffic from a network gateway. For example, if a virus uses a password protected ZIP file (or encryption) to download its payload, or even HTTPS , a gateway cannot detect that threat, but an endpoint AV can easily see the infected file as it’s being unpacked.


And an endpoint AV is potentially weak because a virus running on the endpoint can attempt to disable the endpoint AV, but because such a virus does not compromise your MX, it cannot disable protection on the MX.

Kind of a big deal
Kind of a big deal

Amen to what these two gentlemen said! Never ever try to concentrate on one single solution when it comes down to security. This is completely going to fail big time, hopefully the reasons already mentioned are already enough.

Kind of a big deal
Kind of a big deal

That's like saying do I need to pay for expensive airbags in my car if I use a seatbelt?  You want to have multiple layers of protection to keep you alive.


You want to have multiple layers of security to prevent compromise and infection.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.