Community
  • About Gjzawada
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

MS 220 Port Mirroring - Many to Many?

by Gjzawada in Switching
2 weeks ago
2 weeks ago
Hi all, is there a way to set up a many to many mirror on the MS220?  Example: ports 1-20 mirrored on ports 22 and 23.  I know we can set up a many-to-one no problem, but looking to have it on two ports if possible (cloud monitoring service using the mirrored ports).  Thanks! ... View more

Re: Trying to determine of an message is just a normal operation or concern

by Gjzawada in Security / SD-WAN
‎07-18-2019 12:39 PM
1 Kudo
‎07-18-2019 12:39 PM
1 Kudo
The volume of alerts within that timeframe isn't too exceptional, but still bears review.   The first one is a little bit more high level than the second.  The PROTOCOL-DNS alert was first discovered a few years back, and is tagged as  CVE-2015-7547.  Not specifically a major threat, but there was a known vulnerability found a few years ago that affected quite a number of Cisco devices.  More information on that can be found here: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20160218-glibc.html. The second, INDICATOR-COMPROMISE, depends a little more if you happen to have a PCAP of traffic from that device.  It could be nothing, could be indicator of something else, but if you can pull a full packet capture on it, that should give you a little more info of where it lies. In the meanwhile doesn't hurt to isolate that Android client until you get a closer look at it.   Sidenote, but the above could depend on the tier you have your IDS/IPS settings at.  Balanced is typically my SOP on deployment, I've found Security to trigger a number of false positives.    Depending on any other issues on the network and how long its been since the last review, I always suggest to people to get a security audit completed, either through a VAR or a smaller firm.  ... View more

Re: Meraki Go switches?

by Gjzawada in Off the Stack
‎07-18-2019 12:17 PM
‎07-18-2019 12:17 PM
Unfortunately I don't really see this being a play for Meraki, it would stomp on a couple other pieces in their portfolio.  A few other people mentioned the MS120 as a low-end Meraki switch, though its not cross-compatible with the mGo gear.  The Cisco SMB switches are really the ones aimed at this type of deployment, like the SG250s and whatnot.  I think having a mGo switch would be nice, if there was a way to get everything on the same app (the big draw to mGo in my opinion), but at that point we're starting to dip our toes into full Meraki anyways. ... View more

Re: Devices allowed in multiple organisations

by Gjzawada in Dashboard & Administration
‎07-02-2019 01:31 PM
‎07-02-2019 01:31 PM
That's certainly worrisome... when you say you added the device and its visible in other orgs, do you mean it was fully "claimed" and added to a network, or only that its showing as available on both orgs?  If its been claimed and you're still able to add it, I would certainly open a TAC ticket. ... View more
© 2019 Meraki