Meraki

Billy254 · ‎Jun 10 2020

Does MR30H device support intrusion detection?

cmr · ‎Jun 14 2020

I'm pretty sure that none of the MRs have IDS. MRs are intelligent wireless access points with some security features, mainly based around content access control. i.e. controlling what the wireless clients of them can access.

MXs are firewalls and with the advanced or better licensing they include many of the features you are referring to including intrusion detection.

A 'full stack' Meraki deployment would have MRs providing wireless access, MSs to connect them up, power them and allow wired device access and MXs to protect the solution from the outside world. MXs can of course also control outbound traffic. MSs do have security features to control what devices are able to use each port and how their traffic is routed and controlled.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

Adam2104 · ‎Jun 10 2020

It looks to, according to the MR30H datasheet which you can find here:

https://meraki.cisco.com/lib/pdf/meraki_datasheet_MR30H.pdf

jdsilva · ‎Jun 10 2020

All Meraki AP's have support for Air Marshal.

https://documentation.meraki.com/MR/Monitoring_and_Reporting/Air_Marshal

But the better question is do they have a dedicated scanning radio, or do they have to do opportunistic scanning with their main radios? The datasheet @Adam2104 linked to shows the MR30H's have a dedicated radio, which is by far the better option.

http://blog.brokennetwork.ca |

@jdsilva

cmr · ‎Jun 10 2020

I thought @Billy254 was referring to physical security, like a server or corporate PC has, which I don't believe the MR30H has.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

PhilipDAth · ‎Jun 10 2020

The MR30H does not have IPS for general Internet traffic.

What the others are referring to is WiFi protection, but I'm not sure that s what you meant.

BrechtSchamp · ‎Jun 10 2020

Yup

WIPS aka Air Marshal: yes

IPS as in Snort: no, you need an MX with an advanced license for that

Billy254 · ‎Jun 14 2020

Hi phylip and thanks,

Whats the alternative for that ? Which model can offer an intrusion detection patch and other security features? Whats the differnce between MR and MX models?

cmr · ‎Jun 14 2020

I'm pretty sure that none of the MRs have IDS. MRs are intelligent wireless access points with some security features, mainly based around content access control. i.e. controlling what the wireless clients of them can access.

MXs are firewalls and with the advanced or better licensing they include many of the features you are referring to including intrusion detection.

A 'full stack' Meraki deployment would have MRs providing wireless access, MSs to connect them up, power them and allow wired device access and MXs to protect the solution from the outside world. MXs can of course also control outbound traffic. MSs do have security features to control what devices are able to use each port and how their traffic is routed and controlled.

If my answer solves your problem please click Accept as Solution so others can benefit from it.