I believe the advantage of the pre-defined Umbrella rules, other than the way that Umbrella works (if you call that an advantage - I know it’s debatable), is the speed that updates (especially for malware) are pushed into the Umbrella DNS servers. The Umbrella based classifications are managed by the Cisco Talos team and are continuously feeding into the Umbrella system, as is their finding regarding malware. Along with Umbrella’s machine learning for things like DGA’s it provides a great level of protection.

The inbuilt content filtering in both the MR and MX is fed by BrightCloud and relies upon inspection of URLs. The update process is not as quick - generally BrightCloud has to update the listings, and then the device needs to download the listings - and you could argue that URL inspection itself is more CPU intensive than the DNS based approach of Umbrella.

I would say that the full version of Umbrella integrated with Meraki MR or MX is a great solution (it’s far more granular, and can provide protection for off-net clients), but I do tend to agree that with the pre-built bundles its less clear cut, although the added malware protection alone may make it valuable.

Hope this goes some way to providing some guidance.

Note: the predefined Umbrella policies are only available on the MR with the Advanced License. I don’t believe the predefined bundles have made it to the MX yet, you have to do an integration with a full Umbrella license.