cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Will Meraki MX has Application Controll or App ID for future?

SOLVED
Go to solution
MakaraMEAS
Getting noticed
‎03-25-2022 07:20 PM
‎03-25-2022 07:20 PM

Will Meraki MX has Application Controll or App ID for future?

Dear Community,

As you NGFW nowadays we can use L7 to apply on Firewall rules, this option seem not available on MX  ( I am not sure if advantage license has that). As my experience with other vendor, with hardware warranty license only they can run L7 on Firewall rules. If you have any advise or how to enable L7 on MX( enterprise license), please kindly share.

Thanks,
Makara,

M.MAKARA
Labels:
Subscribe
1 ACCEPTED SOLUTION
Ryan_Miles
Meraki Employee
Meraki Employee
‎03-25-2022 07:44 PM
‎03-25-2022 07:44 PM

We use the standard Cisco NBAR protocol packs. That includes 1500+ apps. You can create custom expressions in addition to that. https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Network-Based_Applica...

View solution in original post

Subscribe
9 REPLIES 9
Ryan_Miles
Meraki Employee
Meraki Employee
‎03-25-2022 07:24 PM
‎03-25-2022 07:24 PM

MX supports layer 7 rules with any license level. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Firewall_Settings#Layer_7_Firewa...

Subscribe
In response to Ryan_Miles
MakaraMEAS
Getting noticed
‎03-25-2022 07:26 PM
‎03-25-2022 07:26 PM

I got you, you know we have thousands application. I cannot see that on MX. It is limitation? of required other setting backend?

M.MAKARA
0 Kudos
Subscribe
Ryan_Miles
Meraki Employee
Meraki Employee
‎03-25-2022 07:44 PM
‎03-25-2022 07:44 PM

We use the standard Cisco NBAR protocol packs. That includes 1500+ apps. You can create custom expressions in addition to that. https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Network-Based_Applica...

Subscribe
In response to Ryan_Miles
MakaraMEAS
Getting noticed
‎03-25-2022 08:09 PM
‎03-25-2022 08:09 PM

I would review, it should be match the requirement. Anyway this require request backend to meraki team right?

M.MAKARA
0 Kudos
Subscribe
In response to MakaraMEAS
DarrenOC
Kind of a big deal
‎03-26-2022 01:57 AM
‎03-26-2022 01:57 AM

Hi @MakaraMEAS , what do you see when you go to :

 

Security & SD-WAN > Configure > Firewall

 

The Layer 7 rules are configured on this page.  If you don’t have that view then your admin account doesn’t have access and you need to speak to your team.

 

403B8BA7-6B71-4E54-8E34-53E5D37AECD0.png

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Subscribe
In response to DarrenOC
MakaraMEAS
Getting noticed
‎03-27-2022 06:24 PM
‎03-27-2022 06:24 PM

I got you, I wish application or L7 here have more than 2 thousand apps.

M.MAKARA
0 Kudos
Subscribe
KarstenI
Kind of a big deal
Kind of a big deal
‎03-26-2022 03:18 AM
‎03-26-2022 03:18 AM

I would assume the original question is to have the flexibility like on an FTD to deny and allow certain traffic based on the App and not only deny as in the actual implementation. Yes, that would be nice.

Subscribe
In response to KarstenI
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎03-27-2022 11:45 AM
‎03-27-2022 11:45 AM

Thats how I read the question as well. 

btr.net.nz
Subscribe
In response to KarstenI
MakaraMEAS
Getting noticed
‎03-27-2022 06:26 PM
‎03-27-2022 06:26 PM

You are right, it should be by default deny, and flexible to use App ID( more than 2 thousands app), other features...

M.MAKARA
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2023 Meraki