I've only ever used bandwidth as the criteria to suggest MX models... IE, up to 300mbps aggregate, the 67; 300-600mbps aggregate, the 100, etc.
A potential cx (who's pretty savvy) balked at the MX67, despite bandwidth being about 150/30 across both WAN ports, based on workload... throwing the "max of 50 clients for the MX67" at me.
Sure enough, the MX67 data sheet lists 50 max clients. Like, dayum!
What I can't find a definition for is what kind of clients? VPN clients? Wifi clients? Simultaneous internet users being PAT'ed? Surely not 50 people using the MX for a blend of all of the above, and just using routing, right? Anyone found a meraki doc that elaborates on who the 50 are, and why the number is so small (and is it a guideline at best, and, say, 100 is the theoretical "max")?
Otherwise, the cx will need to bump to the MX84 (max of 200 clients) for no other reason.
It depends on what features you have enabled and how many of those the clients are using. We have small MXs (64/65/67) for our public internet connections and they cope with 200 or so concurrent users who are just accessing the internet with only the enterprise feature set and a basic set of filters. The devices cope just fine and can even go to 400 or so without issues. The most bandwidth any of them has is 120Mb across two circuits.
Sorry @Mike_Robo_SK I haven't seen any documentation regarding it, I have simply observed that they can easily handle that number of clients in real life (with only the basic feature set enabled). We had to change the DHCP scope for public users to a class B network (well a /19 as the MX will not issue more addresses than that) due to us regularly having more than 250 users within the 1 hour lease time, since then the numbers listed have been seen live at one time.
>Sure enough, the MX67 data sheet lists 50 max clients. Like, dayum!
>What I can't find a definition for is what kind of clients? VPN clients? Wifi clients?
Any kind of client, more specifically any kind of device. Each MX has a limited amount of RAM and CPU. All of that device tracking doesn't come for free. Security features like IPS and AMP use a lot of CPU. Client VPN requires a lot of CPU for encryption.
I always size based of the Meraki MX sizing guide. I wouldn't want to put a solution into a customer, have an issue, and then have support telling me I am exceeding the recommended guidelines and leaving me to it.
Issues you may run into include stability problems (the MX crashing when running too low on RAM) and performance issues.
I've personally been asked to assist with a case where a customer was having issues with their MX - and it was purely because the MX being used was too small for the job.
The customer had a hard time accepting they had bought a unit too small for the job. They kept quoting throughout figures (sound familiar?). In their case it was stable, and performance was fine with a small number of users but as the number of users increased to their maximum the overall performance dropped.
You have to stick to what’s in the datasheets purely for the reason that @PhilipDAth @state’s. Hit an issue further down the road and support will literally throw the ticket out due to the device not being sized correctly. An expensive error.
@Mike_Robo_SK the earlier answers are spot on regarding the MX Sizing Guide. The three primary factors are 1) how many clients, 2) how much bandwidth, and 3) how many tunnels (if running an AutoVPN solution for example). And the data sheet numbers are not meant to be "drag strip" numbers, but realistic values with ADV SEC features enabled.
The clients count is a generic 50 simultaneous clients for those MX6x platforms, and can be the typical mix of wired, wireless and VPN clients on the typical variety of client devices. There is no stated "theoretical" max number of clients and 50 is not a hard limit, like you said the sizing guide specifies guidelines, not maximums. I've seen deployments with a mix of 100 simultaneous clients run just fine through an MX65W for example, but it depends on the deployment and applications in use, and obviously which advanced features are enabled.
If the customer is only going to have perhaps 150/30 Mbps throughput requirements but also have on the otder of a hundred users, then yes, I'd go to the MX84. However if their application traffic footprints/requirements are relatively light, and you're not turning on heavier hitters like AMP/IPS for example, and if it's price sensitive, you could perhaps use an MX67.
But as a best practice, I'd never recommend intentionally under-sizing the platform, the application and performance requirements only tend to grow. As a rule of thumb, size the platform based on the largest of all 3 factors (clients, throughput, tunnels) and work your way back from there (if needed, to justify a smaller appliance) by considering the specifics of the use case, applications in use, and features enabled.
Hope that helps!