In 2018, one of the challenges of the IT team is to adapt the network infrastructures to the strategic goals of the organization. With more mobility and many applications that are hosted in the cloud, IT managers are under pressure because they need safer, more agile and more efficient networks. We all felt uneasy when the door of a technical room is open because obviously it looks more like a "plate of pasta" than the result of a structured thought. Yes, current LANs are probably unsuitable because they have been imagined they are many years for other uses. They are often vulnerable because it’s difficult updating their "firmware", they keep often some vulnerabilities. The level of security is probably lower than on WLAN access. The first resolution is better to understand the current uses of LANs (wired) with better visibility especially at application levels (L7). Applications have migrated to the cloud; probably the uses of workstations also evolve. Workstations (tablet, surface, MacBook, ...) allow mobility which will imply the implementation of a WLAN and reduce wired access for workstations. An MR with multi-gigabit access switch could reduce the cost (cabling and access equipment). An MS350-24X switch can collect it in Multi Gigabit up to 8 MR 53 (802.11 AC Wave 2) which will reduce the number of cables at the technical premises that increase the bandwidth with 10 GbE links to the core of the network. Indeed, it's easy in 2018 to imagine that a 48-port L2 switch is cleverly replaced with only one powerful MR (802.11ac wave2). This immediately reduces the clutter in the technical rooms. Imagine the transformation in a building if the access to the network is mainly carried out through the MR53. Communication evolves, it is possible to give up an IP phone set on his desk in favor of a Bluetooth headset and an application like Sparks on a "Surface", it reduces the dependence "wired" to the benefit of more mobility. The second resolution is to increase the security level when accessing workstations (802.1X / ISE for example). This will also allow the dynamic allocation of VLAN is facilitate the trivialization of access "copper" that can persist. It also provides the same level of security for "wired" and "Wi-Fi" access. Finally, with a Dashboard, it is possible to have a wide visibility and to launch remote tests, traces, with to the tools available on the MS, MR and MX. It's better understand the uses of the users for constantly adapting the infrastructure to the needs and facilitated everyone's mission. A resolution is also through remote work to decrease the presence in offices and on the roads. We can devote at least a day of work a week at home with a Z3. For the few cables that will remain, there is a MV camera could check that the installed cables keep the right length, the right color and that all the closet (with the opened door) stay pleasant to Watch!
... View more
Many important points that have been explained in previous comments. From my point of view, one of the great strengths of Meraki is a "Full Stack" approach to security with right consideration at each level. The continuity of protection is valid from access to applications. With on the MR and MS: - security from access (802.1X, Privat VLAN, RADIUS authentication, ...). - Protection of WLAN accesses (WPA2, WIDS / WIPS, NAC, Auto Tunneling VPN Technology, Air Marshal, ..) - filtering (URL, access list, ...) to avoid connections that involve threats. - proactively discover DHCP rogue - application layer visibility. -... Directly with MX: - IDS / IPS - AMP, Threat Grid, TALOS experience, - Auto VPN, SD-WAN, - different security functions already mentioned for the MX in the other comments. With IP video surveillance: - MV with a secure connection (see https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01) With mobile devices: - SM / EEM - Mobile Device Management - Mobile Application Management - Mobile Content Management - Mobile Content Management -.. Against these threats, the solution is an addition of protection efforts at each level.
... View more