We have a Meraki MX64 till last summer in our company and I am looking for answers on how to configure it as best as possible. We have no serious problems.
Here is my configuration:
The primary WAN port is enabled by default (we have an internet bridge connection on it) and I also configured the LAN 4 port as WAN, and we also have a bridge internet connection on it.
The Meraki is enabled as DHCP server and we have no wireless connections on it. I mean that we do not have wireless access on our company network. For this case we have a 3rd router which is only for wireless and is outside of our company network (for customers or for our mobile phones).
For the operation of port forwarding I have only one rule for a port of our server, and 1 static IP from outside is allowed to have access on this port.
I blocked some website categories like sex, drugs, guns and I added 2 firewall layer 7 rules in order to block P2P networks and online gaming.
I have enabled the advanced malware protections and intrusion detection.
The last week, one time a day, I have these events and I don't know what they are:
Intrusion detection started
Intrusion detection error
Intrusion detection rules update
We also have an endpoint protection the last month which is fine (Seqrite).
So, we have no serious problems but I want your advice on how to add better protection on the Meraki by adding some useful rules.
Hi @ManolisFr, it really depends on what else you might want or need to restrict based on company policy, for example. But generally speaking, another common L7 FW deny rule is to block all peer-to-peer traffic, for example. And since you have the Advanced Security license to leverage Content Filtering, IPS and AMP, you might also consider putting geo-FW rules in place to block all traffic to/from specific countries. Another common practice is to set a global per-client bandwidth limit on the SDWAN & Traffic Shaping page, so no one client or group of clients can hog too much of your ISP's bandwidth, perhaps 5 or 10Mbps with Speedburst enabled, for example. Since you have 2 ISP connections on WAN1 and WAN2/LAN4, you can also adjust the bandwidth sliders to the appropriate levels on that same traffic shaping page. Hope that helps, perhaps that's a start at least, not sure what else you might be looking to do.