Meraki

Community

Meraki MX is a NGFW or not

SCC
Building a reputation
‎Oct 9 2019 3:59 PM
‎Oct 9 2019 3:59 PM

Meraki MX is a NGFW or not

Hi All,

 

I am at a stage now, where i need to know clearly when we put a MX device it comes with Enterprise License or Advance Security License.

 

I want to know with the Enterprise License MX is just a stateful firewall, whereas as soon as we apply the advance security license does the same MX becomes the NGFW - NextGen Firewall ?

0 Kudos
7 Replies 7
AjitKumar
Head in the Cloud
‎Oct 9 2019 4:28 PM
‎Oct 9 2019 4:28 PM

Hi @SCC 

 

Going by the definition of NGFW. I may say "YES".

 

Recent introduction is HTTPS inspection.

However I follow @PhilipDAth on his views on HTTPS Inspection.

https://community.meraki.com/t5/Security-SD-WAN/MX-HTTPS-Inspection-Coming/m-p/45870

 

However for additional security we recommend Cisco Umbrella to our customers which can be easily integrated with Cisco Meraki Solutions.

 

You may check the following url for complete information on Cisco Meraki Firewall.

https://www.syndicateinfo.com/post/why-cisco-meraki-firewall

 

 

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
In response to AjitKumar
Nash
Kind of a big deal
‎Oct 9 2019 6:15 PM
‎Oct 9 2019 6:15 PM

Hard agree that HTTPS inspection on a firewall is bad news. It's extremely resource intense on the firewall, and stinks of "crunchy outside, squishy inside" security design to me. If your security design could also describe a delicious candy, you don't want to do that.

 

@SCC What features are you looking to have? The advanced security license will get you access to AMP for HTTP-based downloads, an IDS/IPS, easy l7 geoblocking, and URL-based content filtering. 

 

If you know what you need to have, then we can help you figure out if the MX might be a fit. If you just need an "NGFW" to check off the box, then I think you need to really think more about what exactly you need and why.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
SCC
Building a reputation
‎Oct 9 2019 6:17 PM
‎Oct 9 2019 6:17 PM

@NashWith Enterprise License, Does I have any kind of security or not ? Does it not work or act like a Firewall with Enterprise License.

0 Kudos
In response to SCC
Nash
Kind of a big deal
‎Oct 9 2019 6:35 PM
‎Oct 9 2019 6:35 PM

Check out this link. I'd put it as a hyperlink in my original comment: https://documentation.meraki.com/MX/Other_Topics/MX_Security_Appliance_FAQ#What_is_the_difference_be...

 

It tells you what the Enterprise license provides vs Advanced Security. If I'm selling an MX to a client, we always sell with the Advanced Security license.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
SCC
Building a reputation
‎Oct 9 2019 6:40 PM
‎Oct 9 2019 6:40 PM

@NashThe thing is that as soon as the cost of Advance Security License is added it becomes too expensive for client and client started to compare with the SOPHOS XG Firewall which is cheaper and one time cost.

0 Kudos
In response to SCC
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 9 2019 8:06 PM
‎Oct 9 2019 8:06 PM

>Needed to build an extra phase 2 tunnel instead of putting 2 subnets in one phase 2 configuration.

 

The unfortunate thing is this is outside of your control.  You can simply put forward the solution you recommend.

0 Kudos
In response to PhilipDAth
SCC
Building a reputation
‎Oct 9 2019 10:14 PM
‎Oct 9 2019 10:14 PM

@PhilipDAthOhh Is it , this is on SOPHOS XG Firewall.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.