Cisco Meraki MX: Next Generation Firewalls
Today I am
going to talk about the Cisco Meraki Next Generation Firewalls. As we discuss
in our earlier articles about the Next generation firewall capabilities and
efficiency. Cisco Meraki MX security appliances is capable of doing Layer 7 traffic
classification and control.
They also integrated
IPS/IDS features in order to be in the race of the Next generation firewall
space. Meraki MX next generation firewalls have other features of Identity-based
and device-aware security. Let’s talk all these feature in little details to
understand the basics on the Cisco Meraki Next Generation firewalls.
What are the features in the Cisco MX security
Firewall devices ?
Every
Meraki Security Appliance backings several features, like a stateful firewall
and integrated Sourcefire intrusion prevention (IPS) engine, to preserve
networks secure. Threat definitions and filter lists are effortlessly updated,
ensuring every site has bleeding-edge protection from the latest
vulnerabilities and troublesome websites.
Cisco
Meraki MX is a Next Generation firewalls are the have the below features
- Features of Next Generation Firewalls
- Features of IPS/IDS
- Features of CLOUD-BROKERED VPN
- Content Filtering
- Malware Protection
- High Availability
Layer 7 traffic classification and control
The Cisco
Meraki branded packet treating engine examines network traffic up to and
including layer 7, using classy finger printing to recognize users, content,
and applications on the network.
Each
network stream is classified, and access control policies are imposed .To
understand this lets take an short example here, obstructing Netflix and arranging
prioritizing video conferencing.
By categorizing
traffic at layer 7, Cisco Meraki's next generation firewall handles indirect,
encrypted, and peer-to-peer applications, like Bit Torrent or Skype, that
cannot be measured by conventional firewalls. Cisco Meraki's next generation
firewall is comprised in all wireless access points and security appliances.
Intrusion detection engine-IPS
Including
an cohesive intrusion detection and prevention (IDS / IPS) engine built on
Sourcefire's Snort, the single most widely implemented intrusion detection and inhibition
technology in the world, Cisco Meraki security appliances defend your network
against malicious objects and extortions.
Using a permutation
of signature, protocol and anomaly-based inspection techniques guarantees
ironclad security for your network. Leveraging the Cisco Meraki cloud
management platform, threat signatures are spontaneously updated, keeping
security always up-to-date.
Identity-based and device-aware security
Device-aware
access governors permit administrators to guarantee the suitable level of network
access for each class of devices. Layer 7 device fingerprints spontaneously spot
and categorize Apple iOS, Android, Windows, Mac OS, and other clients. These
fingerprints are incorporated into Cisco Meraki firewalls and wireless APs, so
that administrators can, for example, apply firewall rules exact to iPads in a
Bring Your Own Device (BYOD) network.
Cisco
Meraki security devices feature a authoritative category-based content filter,
which matches content against millions of URLs in dozens of categories. The
Cisco Meraki content filtering engine qualities native Active Directory incorporation
to apply access controls precise to each class of users. Content lists and
application signatures are apprised dynamically from the cloud, so that
security policies remain up to date even as content and applications change.