The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About MW0013
MW0013

MW0013

Conversationalist

Member since Jul 3, 2018

‎09-22-2020
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
View All

Community Record

10
Posts
0
Kudos
0
Solutions

Badges

CMNO
1st Birthday
First 5 Posts
Lift-Off View All
Latest Contributions by MW0013
  • Topics MW0013 has Participated In
  • Latest Contributions by MW0013

Re: Audit use of local admin?

by MW0013 in Dashboard & Administration
‎08-19-2020 05:38 AM
‎08-19-2020 05:38 AM
Thanks, @PhilipDAth. The change log idea sounds like a good compensating control. ... View more

Audit use of local admin?

by MW0013 in Dashboard & Administration
‎08-14-2020 08:49 AM
‎08-14-2020 08:49 AM
Is there a way to audit the use of the local admin if someone needed to log directly into hardware? A random example might be a problem where an admin would access the switch locally to change a port type from access to trunk. I'm not seeing in the documentation where this is possible. Audit would like to see controls around this password to see when it's used. ... View more

Configuration change alerts not using email

by MW0013 in Dashboard & Administration
‎08-10-2020 11:48 AM
‎08-10-2020 11:48 AM
We get plenty of emails... I didn't see an option under the Syslog entries that shows anything about configuration change alerts. Does Meraki offer a way to send notices of configuration changes or alerts through Syslog or another means that doesn't include email? I want it to be an automatic push configuration, not a pull configuration from another system through an API or something, if possible. ... View more

Re: Best method to capture east-west traffic to security appliance

by MW0013 in Switching
‎02-06-2020 04:55 AM
‎02-06-2020 04:55 AM
That's disappointing. In that case, if anyone has suggestions for the best way to monitor east-west with Meraki to a security platform, please let me know.  ... View more

Re: Best method to capture east-west traffic to security appliance

by MW0013 in Switching
‎02-05-2020 05:22 AM
‎02-05-2020 05:22 AM
So if we have, let's say, 15 switches in the same building, that becomes a bit of a problem, and an expensive one. I'm hearing that mirroring multiple interfaces is too much for a Meraki switch to handle, so I'm not sure of the best way to see the most traffic. I doubt that putting a security appliance on each switch is financially feasible. There must be a way to capture at least a majority of the traffic. We're also looking into taps/aggregators, but I haven't had experience with those personally. In the larger buildings, we might have to just resort to passive taps, but I still need to understand the best way to configure the switches in that case. ... View more

Best method to capture east-west traffic to security appliance

by MW0013 in Switching
‎02-04-2020 10:55 AM
‎02-04-2020 10:55 AM
I'm looking for information on the best method to capture east-west traffic that may even stay within a switch/switch stack. I'm only seeing an option to mirror each port and select a single destination port. We tried this as a test from one switch stack to a dedicated mirror link to an upstream MS425 switch, but the upstream switch suffered and didn't even hand out DHCP anymore. If anyone has done this with a Meraki infrastructure and sent that traffic to a security appliance, please let me know. The security solution should be able to give us great visibility and built-in integrations with our firewalls, so getting this working would be fantastic. ... View more

Re: General best practices for secure configurations?

by MW0013 in Dashboard & Administration
‎10-29-2019 11:00 AM
‎10-29-2019 11:00 AM
The end goal is a document of best practices around secure design and configuration as it relates to Meraki devices. If we look at the CIS benchmarks for other vendor equipment, it provides detailed info on what to configure and step-by-step on how to configure the devices to provide a secure baseline config. Vulnerability scanners, such as Rapid7, even have policy scans using the CIS benchmarks where you can scan that equipment and see how it matches up against the benchmarks, which is extremely handy when working with the teams to guide them on improving security on their devices.  ... View more

Re: General best practices for secure configurations?

by MW0013 in Dashboard & Administration
‎10-28-2019 01:14 PM
‎10-28-2019 01:14 PM
We use various MS switches and MR access points in our environment, so focusing on those for now.  ... View more

Re: General best practices for secure configurations?

by MW0013 in Dashboard & Administration
‎10-28-2019 01:07 PM
‎10-28-2019 01:07 PM
Thanks, @PhilipDAth . What I'm mainly looking for are benchmarks for secure configurations. I was looking through some best practice documentation, but it was more general and broadly addressed administration and configurations on making things work correctly, rather than putting a focus on security. ... View more

General best practices for secure configurations?

by MW0013 in Dashboard & Administration
‎10-28-2019 12:29 PM
‎10-28-2019 12:29 PM
I'm starting to create benchmarks for device/OS configurations based off of the Center for Information Security's (CIS) benchmarks. They currently don't have any benchmarks for Meraki. I haven't found any documentation so far about best practices for secure Meraki configurations. Does anyone have any resources they could point me to for more information on the topic? ... View more
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki