Wednesday, March 14, 2012

Meraki at Wireless Field Day 2

Wireless Field Day 2 - Meraki
Meraki presented their wireless solution managed by Cloud Controllers hosted at Meraki's HQ at Wireless Field Day 2.

Meraki APs are a good solution for a diverged enterprise where there are many remote locations without IT staff. The APs "call home" to the Cloud Controller hosting at Meraki. End users can opt-in to allowing Meraki to aggregate date usage information on the wireless traffic passing through the Meraki wireless infrastructure. Event reporting is done through monthly automated summaries, but no alerting on real time traffic issues is currently possible. Meraki c
an do firewall & traffic shaping and rules as well as doing PCP & DSCP tagging on wireless traffic. I thought their data reporting on the wireless traffic was very well done. The user interface was very intuitive, and the display of information was very clean, and searches returned data very quickly. This was probably due to the fact that we were local to the database, but I'll be able to test this once I connect up the MR16 AP they sent home with me. The data aggregation reminds me a lot of Net Flow data or MRTG taken up many notches.

 All of the data reporting and management features are one product set, there are not additional add-ons that require additional fees or licensing.

The Meraki wireless infrastructure Integrates with Ekahau RFID solution for dedicated RTLS implemententations. All Meraki 802.11n APs have the same feature set, there is nothing added or removed by additional licensing or hardware.

Upgrading code on the access points can be scheduled, and there is no master AP image holder at a remote site. Software images are rather small (3-4Mb) and each AP gets its own AP image. 
The APs keep running while the image is downloading, and rebooting of the AP to apply the new image can be scheduled.

Meraki is working with TelMex to implement HotSpot 2.0 and offload cellular data to wireless networks. Meraki supports Layer 2 roaming, but doesn't currently have many customers that require L3 roaming, and as a result they don't support it just yet. If a condition arises at a customer site, they would be able to provide a Layer 3 roaming solution.
Meraki uses proprietary technology to establish the VPN connectivity between the AP and the Meraki Cloud Controller, it isn't a standard version of OSPF. The VPN connection is done by doing UDP hole punching and running IPsec on top of that to establish the end-to-end management tunnel. The Meraki solution can integrate with standards based IPSec devices as well. It is not necessary to configure IKE and IPSEC policies, the Meraki solution handles all of that configuration with no end user intervention.

Merkai also has an extensive collection of informational videos on their YouTube channel describing their wireless design and cloud management capabilities, should you have questions that are not answered during their Wireless Field Day presentations.

Meraki was a sponsor of Wireless Field Day 2.  As such, they were responsible for covering a portion of my travel and lodging expenses while attending Wireless Field Day 2. They did not ask for, nor where they promised any kind of consideration in the writing of this review/analysis.  The opinions and analysis provided within are my own and any errors or omissions are mine and mine alone. I was provided with a Meraki MR16 model access point and a one year license to have the AP managed by the Meraki cloud. I have not had the opportunity yet to connect this AP and do testing with it. 


  1. Hi Jennifer,

    It was great to meet you at this year's Wireless Field Day 2, and thanks so much for writing this blog post about your visit to Meraki.

    You're right that we use proprietary techniques to establish the secure connection between the Meraki access point and the Cloud Controller. When using the Teleworker VPN capabilities of the AP, VPN traffic doesn't go through the Cloud Controller. This is separate from the auto-provisioning site-to-site VPN and the IPsec interoperability capabilities of the MX Security Appliance. We didn't really cover the MX during the presentation because we focused mostly on the wireless capabilities, so I wanted to make sure that's clear.

    Again, thanks for writing this post!

    Pablo Estrada

  2. Pablo,

    Thanks for the clarification. I transcribed my notes from the session, and tried to make them make sense which is often difficult when you've only written down the interesting factoids that are now *very* out of context!


  3. This comment has been removed by a blog administrator.