"One small response from a member, a giant leap for the Meraki Community!" Congratulations!!!   ... View more

Yes - we did get alerts from our 120+ MX sites, I also remember this is not the first time AMP has incorrectly flagged Microsoft updates. ... View more

Nope, nothing happens, as if the AP is not detecting the change in PoE port. I have replaced the patch cord, just to be sure. Since the AP is already offline, I rebooted the MX and the AP is now back online.   I agree with @PhilipDAth, I see it in other remote MX appliances too in the field. I already opened a support ticket and hopefully, they will be convinced it is a hw bug or problem.    Thanks to both of you for your responses. ... View more

Thanks Adam - In response - no,  only one AP is used.. Every remote location has only one MR42 attached to the MX65 appliance. As I write this, the AP went offline again and I tried using the other PoE port - same result, MR42 AP is still offline (not receiving power from the MX). I'm sure if I reboot the MX appliance, only then the AP will go online again. ... View more

All traffic from the remote Z1 (corporate email and file share access including Internet) passes to the MX400 hub in our Data Center. We thought that making the MX400 as its default gateway, there will be some level of protection for our users in those remote sites. We were obviously mistaken. I'm surprised Meraki considered or categorized the Z1 (or the new Z3) as a 'security' device alongside the MX models when it only provides site-to-site VPN ...   ... View more

The EICAR test file download was NOT detected or even triggered an event at all in our the MX400 hub. The file was caught/blocked only by the endpoint protection software on the desktop. My conclusion here is the site-to-site hub-spoke setup between MX400 and Z1 is good only for VPN but does NOT provide any added protection at all to my Z1 users! Will have to re-consider now any further deployment of these devices in our remote users/smaller sites.  ... View more

Thanks for the reply.   I must have misinterpreted the "however, IDS scanning ... " in this Meraki site documentation that says: Security features over full-tunnel VPN In a full tunnel topology, all security and content filtering must be performed on the full tunnel client. The Exit hub will not apply Content Filtering, IPS blocking, or Malware Scanning to traffic coming in over the VPN. However, IDS scanning will be performed for this traffic   If this is the case, Z1 teleworker does not really offer any security to my Z1 users, not much use of pointing them to my MX400 .   Will try to the EICAR test as suggested and will let you know.   Thanks again.  ... View more