Hidden Games & Hacking Group Policies

I’ve got several large work projects in flight which has put a temporary damper on my longform technical writing time. The good news is that one of those projects is pretty interesting (long-haul mesh wireless between two Casinos) and would make for a useful tutorial on design, configuration, and wireless mesh best practices. More to come on that.

For now we’re going to keep this one short. Starting with a few hidden gems.

MX Design: Sizing Meraki MX Appliances

Firewall and WAN refresh projects have many components, but one of the first steps after vendor selection is hardware sizing. Even when working on POC/POV projects, rightsizing the hardware upfront provides a truer day-two experience and requires less rework once complete.

My goal is to walk you through a consultative sizing process to properly size Meraki MX appliance models for any deployment. The process outlined below applies equally to small, multisite MX deployments as it does to super-scale 10,000+ site deployments. I’ve been involved in the planning, pilot, and deployment phases of dozens of such projects and wanted to share my method.

Meraki Cloud Logging: Configuration, Events, and Analytics

The Cisco Meraki Dashboard contains several logging subsystems that each have unique data retention and export options available. Datasets like event, configuration, and analytics are used for starkly different purposes (business intelligence, operations, risk management, etc.) and are reflected in the native logging capabilities.

Questions are often asked around how long Meraki stores logs or other metrics, which as you’ll discover shortly, can have many different answers depending on the dataset in question. The same applies for export, syslog, and other local offload options available. Different datasets, different options.

Pajama Points: Access the Meraki MX Local Status Page From Anywhere

If you weren’t aware, every Meraki device has a local status page for provisioning, configuration, and onsite troubleshooting. No need for a USB-to-console-dingus to get access to the unit locally. Simply connect an Ethernet cable to a LAN or management port on the device, open a web browser, navigate to setup.meraki.com, and be surprised by the lovely HTML5 local web console.

Changelog: New Features in MS10

Several new switch features were introduced in Meraki’s MS10 firmware including loop guard, DIA, storm control, and LAN anomaly detection for improved control-plane monitoring and stability.

This serves as a quick look into some of the new enhancements available. More information including a full list of features can be found in the detailed firmware change notes within the Meraki Dashboard (Organization > Firmware upgrades page).