cancel
Showing results for 
Search instead for 
Did you mean: 

VPNFilter Malware Blog Post

Meraki Employee

VPNFilter Malware Blog Post

Hi All,

 

For those interested in the Meraki comment on VPNFilter. Please review the Talos blog post listed within this blog for most up-to-date and full detailed explanation

 

https://meraki.cisco.com/blog/2018/05/ensure-youre-secure-from-vpnfilter/

4 REPLIES 4
Getting noticed

Re: VPNFilter Malware Blog Post

Sorry, I might not understand this correctly... Since VPNFilter is obviously proven to be bad stuff and AMP already has its signature and blocking it why do I still need to manually create content filtering rules ( to block those Photobucket links ) and Layer 3 firewall rule to block those bad IP?

Meraki Employee

Re: VPNFilter Malware Blog Post

Hi Jack,

 

Good question. If you read the Talos blog post, it mentions particular routers that are vulnerable. Meraki MX isn’t one of them. However, if you have one of the affected routers elsewhere in your network, there is a small chance those other routers are affected. 

 

You are correct that have IPS enabled is the most important piece to keep the network safe. Content filtering and Layer 3 firewall rules are mostly redundant steps to provide additional safety. 

New here

Re: VPNFilter Malware Blog Post

Hey David:

So, at this time, the only possible additional protection right now for Meraki MX Enterprise users would be upgrade to the Advanced Security License. Correct?

Meraki Employee

Re: VPNFilter Malware Blog Post

Hi Castar,

 

You can implement Layer 3 firewall rules with the Enterprise license. However, content filtering and Intrusion Detection are part of the Advanced Security license.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.