Meraki

Community

MR30H

Solved
Billy254
Just browsing
‎Jun 10 2020 11:47 AM
‎Jun 10 2020 11:47 AM

MR30H

Does MR30H device support intrusion detection?

0 Kudos
1 Accepted Solution
In response to Billy254
cmr
Kind of a big deal
Kind of a big deal
‎Jun 14 2020 1:56 AM
‎Jun 14 2020 1:56 AM

I'm pretty sure that none of the MRs have IDS.  MRs are intelligent wireless access points with some security features, mainly based around content access control.  i.e. controlling what the wireless clients of them can access.

 

MXs are firewalls and with the advanced or better licensing they include many of the features you are referring to including intrusion detection.

 

A 'full stack' Meraki deployment would have MRs providing wireless access, MSs to connect them up, power them and allow wired device access and MXs to protect the solution from the outside world.  MXs can of course also control outbound traffic.  MSs do have security features to control what devices are able to use each port and how their traffic is routed and controlled.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

7 Replies 7
Adam2104
Building a reputation
‎Jun 10 2020 12:15 PM
‎Jun 10 2020 12:15 PM

It looks to, according to the MR30H datasheet which you can find here:

https://meraki.cisco.com/lib/pdf/meraki_datasheet_MR30H.pdf

In response to Adam2104
jdsilva
Kind of a big deal
‎Jun 10 2020 12:42 PM
‎Jun 10 2020 12:42 PM

All Meraki AP's have support for Air Marshal. 

 

https://documentation.meraki.com/MR/Monitoring_and_Reporting/Air_Marshal

 

But the better question is do they have a dedicated scanning radio, or do they have to do opportunistic scanning with their main radios? The datasheet @Adam2104 linked to shows the MR30H's have a dedicated radio, which is by far the better option. 

http://blog.brokennetwork.ca | @jdsilva
In response to jdsilva
cmr
Kind of a big deal
Kind of a big deal
‎Jun 10 2020 1:12 PM
‎Jun 10 2020 1:12 PM

I thought @Billy254 was referring to physical security, like a server or corporate PC has, which I don't believe the MR30H has.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 10 2020 4:47 PM
‎Jun 10 2020 4:47 PM

The MR30H does not have IPS for general Internet traffic.

 

What the others are referring to is WiFi protection, but I'm not sure that s what you meant.

In response to PhilipDAth
BrechtSchamp
Kind of a big deal
‎Jun 10 2020 11:31 PM
‎Jun 10 2020 11:31 PM

Yup

 

WIPS aka Air Marshal: yes

IPS as in Snort: no, you need an MX with an advanced license for that

In response to PhilipDAth
Billy254
Just browsing
‎Jun 14 2020 12:22 AM
‎Jun 14 2020 12:22 AM

Hi phylip and thanks,

 

Whats the alternative for that ? Which model can offer an intrusion detection patch and other security features? Whats the differnce between MR and MX models?

0 Kudos
In response to Billy254
cmr
Kind of a big deal
Kind of a big deal
‎Jun 14 2020 1:56 AM
‎Jun 14 2020 1:56 AM

I'm pretty sure that none of the MRs have IDS.  MRs are intelligent wireless access points with some security features, mainly based around content access control.  i.e. controlling what the wireless clients of them can access.

 

MXs are firewalls and with the advanced or better licensing they include many of the features you are referring to including intrusion detection.

 

A 'full stack' Meraki deployment would have MRs providing wireless access, MSs to connect them up, power them and allow wired device access and MXs to protect the solution from the outside world.  MXs can of course also control outbound traffic.  MSs do have security features to control what devices are able to use each port and how their traffic is routed and controlled.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.