Meraki uses a bunch of fingerprinting methods, including LLDP, MAC address lookups, and traffic profiling, among other things. It's not an exact science, as you've seen. Some clients may misidentify themselves when specifying the User-Agent string field of an HTTP GET request. Device type policy enforcement is done on a best-effort basis, dependent upon the information that the client provides. When needing to enforce security-focused policies based on device type, please leverage solutions such as Meraki Systems Manager, or Cisco ISE.
... View more