Meraki

lawrie · ‎Feb 2 2021

Hi Folks,

I am new to this meraki dashboard. I have noticed there is a section under the Security Centre that shows all the events of the Most afffected Operating System. I want to know what these events are and is it affecting operating systems within my domain or are these remote operating systems?

What about the unknown Operating Systems?

DarrenOC · ‎Feb 2 2021

Hi @lawrie , the list of countries on the right and external IPs are a list of external threats that the MX has detected and hopefully blocked. Worth clicking through and identifying what’s been happening.

The list of devices at the bottom, Windows and Unknown are OS types on your network. If you click on the unknown ones it should give you a list of devices and IP addresses so you track them down on your network.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

lawrie · ‎Feb 3 2021

Hi @DarrenOC Thanks for the explanation. I have tried clicking on the Unknown OS types but nothing happens. All i see is a red line next to the Unknown OS label.

As far as i can tell these threats are allowed by Meraki. I assume these files are scanned by Meraki before being allowing into my network?

CptnCrnch · ‎Feb 3 2021

A little bit of background from Merakis documentation:

https://documentation.meraki.com/MX/Monitoring_and_Reporting/Security_Center

This should answer some of your questions.

Meraki

Community

Security Center MX Summary

Security Center MX Summary