Meraki MX with Umbrella SIG Advantage

JasonD_NSI
Here to help

Meraki MX with Umbrella SIG Advantage

 I was recently given an Umbrella SIG Advantage lab account, which I gleefully associated with my Meraki home lab network, using the Cloud On-Ramp feature and configuring my MX up as a VPN spoke. First I used the US East coast servers, then I used the US West Coast servers, and minimal policy setting.

 I have to say, it has not been the most impressive experience. Very slow performance, several pages stalling out altogether, and frequent notifications of VPN disconnections, even with just default Umbrella SIG policies set. I have completely broken it down and built it back up at least 3 times. I am curious to know if folks have been having similar experiences or whether I need to have a go at it again.

4 Replies 4
CptnCrnch
Kind of a big deal
Kind of a big deal

Completely different experience here (and also for several customers aswell). You'll have to pay close attention especially with HTTPS decryption as this needs quite a lot of exceptions because of Cert Pinning. Also, Microsoft 365 has to be handled specifically to your needs.

PhilipDAth
Kind of a big deal
Kind of a big deal

In my country (where Gigabit fibre is common) I found SIG really slows things down.  I won't sell it to my clients because I don't want to deal with the performance complaints.

 

If your country typically has slow Internet (like Australia) then you are less likely to notice.

Lukef
Here to help

Hi Team also have some questions on SIG. If for some reason the VPN goes down, I'm guessing (like third party vpn default route) that the internet connection will not fail over taking the vlans protected by this offline.

 

Could someone confirm this ?

 

EDIT>

Looking the SIG can now be integrated to Auto VPN so that is a plus. What is the overall feedback of SIG? Is it worth the money or should we egress through a third party firewall solution?

 

 

 

 

CptnCrnch
Kind of a big deal
Kind of a big deal

Especially regarding the AutoVPN integration, it's definitely worth it! 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels