Good evening all,
I'm looking to see if anyone has had any recent experience or insights on rolling out Active-Directory integrated, Group Policy (meraki) based content filtering on a "large" scale. (20+ sites)
I know how to tie in Active Directory and apply group policies to implement content filtering
I tried something like this back in 2017, I was working with 39 sites throughout the US, 2 locations had Domain Controllers (for AD integration), and we had 200+ users.
We ran into issues as we continued to add 10+ sites. We began to see that the AD integration wouldn't work, or would work sporadically. That meant the content filtering would work... sometimes.
We opened up a case with Meraki and they said it was "working as designed" and we needed to have more domain controllers, or we couldn't use AD-Integration. They recommended, one DC-per-site because of how the MX constantly polls the DCs for related logon events. We were told the DCs weren't responding in time to the requests from 39 sites. The whole design was overloading the domain controllers, which would break the AD-integration and content filtering.
Anyone know if the technology has improved?
I just re-read through the related articles, and they don't seem to have changed.
Bonus: We were coming from a SONICWALL deployment that was able to perform the task above without issue because of their hub-spoke design.
