Cisco Meraki MX: Next Generation Firewalls

Today I am going to talk about the Cisco Meraki Next Generation Firewalls. As we discuss in our earlier articles about the Next generation firewall capabilities and efficiency. Cisco Meraki MX security appliances is capable of doing Layer 7 traffic classification and control.

They also integrated IPS/IDS features in order to be in the race of the Next generation firewall space. Meraki MX next generation firewalls have other features of Identity-based and device-aware security. Let’s talk all these feature in little details to understand the basics on the Cisco Meraki Next Generation firewalls.

What are the features in the Cisco MX security Firewall devices ?

Every Meraki Security Appliance backings several features, like a stateful firewall and integrated Sourcefire intrusion prevention (IPS) engine, to preserve networks secure. Threat definitions and filter lists are effortlessly updated, ensuring every site has bleeding-edge protection from the latest vulnerabilities and troublesome websites.

Cisco Meraki MX is a Next Generation firewalls are the have the below features

• Features of Next Generation Firewalls
• Features of IPS/IDS
• Features of CLOUD-BROKERED VPN
• Content Filtering
• Malware Protection
• High Availability

Fig 1.1- Cisco Meraki MX: Next Generation Firewalls

Layer 7 traffic classification and control

The Cisco Meraki branded packet treating engine examines network traffic up to and including layer 7, using classy finger printing to recognize users, content, and applications on the network.

Each network stream is classified, and access control policies are imposed .To understand this lets take an short example here, obstructing Netflix and arranging prioritizing video conferencing.

By categorizing traffic at layer 7, Cisco Meraki's next generation firewall handles indirect, encrypted, and peer-to-peer applications, like Bit Torrent or Skype, that cannot be measured by conventional firewalls. Cisco Meraki's next generation firewall is comprised in all wireless access points and security appliances.

Intrusion detection engine-IPS

Including an cohesive intrusion detection and prevention (IDS / IPS) engine built on Sourcefire's Snort, the single most widely implemented intrusion detection and inhibition technology in the world, Cisco Meraki security appliances defend your network against malicious objects and extortions.

Using a permutation of signature, protocol and anomaly-based inspection techniques guarantees ironclad security for your network. Leveraging the Cisco Meraki cloud management platform, threat signatures are spontaneously updated, keeping security always up-to-date.

Identity-based and device-aware security

Device-aware access governors permit administrators to guarantee the suitable level of network access for each class of devices. Layer 7 device fingerprints spontaneously spot and categorize Apple iOS, Android, Windows, Mac OS, and other clients. These fingerprints are incorporated into Cisco Meraki firewalls and wireless APs, so that administrators can, for example, apply firewall rules exact to iPads in a Bring Your Own Device (BYOD) network.

Cisco Meraki security devices feature a authoritative category-based content filter, which matches content against millions of URLs in dozens of categories. The Cisco Meraki content filtering engine qualities native Active Directory incorporation to apply access controls precise to each class of users. Content lists and application signatures are apprised dynamically from the cloud, so that security policies remain up to date even as content and applications change.