I am at a stage now, where i need to know clearly when we put a MX device it comes with Enterprise License or Advance Security License.
I want to know with the Enterprise License MX is just a stateful firewall, whereas as soon as we apply the advance security license does the same MX becomes the NGFW - NextGen Firewall ?
Going by the definition of NGFW. I may say "YES".
Recent introduction is HTTPS inspection.
However I follow @PhilipDAth on his views on HTTPS Inspection.
However for additional security we recommend Cisco Umbrella to our customers which can be easily integrated with Cisco Meraki Solutions.
You may check the following url for complete information on Cisco Meraki Firewall.
Hard agree that HTTPS inspection on a firewall is bad news. It's extremely resource intense on the firewall, and stinks of "crunchy outside, squishy inside" security design to me. If your security design could also describe a delicious candy, you don't want to do that.
If you know what you need to have, then we can help you figure out if the MX might be a fit. If you just need an "NGFW" to check off the box, then I think you need to really think more about what exactly you need and why.
Check out this link. I'd put it as a hyperlink in my original comment: https://documentation.meraki.com/MX/Other_Topics/MX_Security_Appliance_FAQ#What_is_the_difference_be...
It tells you what the Enterprise license provides vs Advanced Security. If I'm selling an MX to a client, we always sell with the Advanced Security license.
@NashThe thing is that as soon as the cost of Advance Security License is added it becomes too expensive for client and client started to compare with the SOPHOS XG Firewall which is cheaper and one time cost.
>Needed to build an extra phase 2 tunnel instead of putting 2 subnets in one phase 2 configuration.
The unfortunate thing is this is outside of your control. You can simply put forward the solution you recommend.