
Meraki - Good idea? Bad idea?

Has anyone here used them and if so, have you encountered a situation in which the Meraki hardware couldn't do something that you could have gotten from a regular Cisco device?

I'm not too worried about the licensing vs one-time-buy decision, this is purely about the technical capabilities.

EDIT: Based on the responses I realize that I need to provide more detail.

  • Company is mid sized

  • No proper network management in place

  • A need for 80 or so access switches (I was thinking the MS250-48FP)

  • Possibly want to use them for fiber distribution as well, not sure

Basically, the company has a large network without anyone with the knowledge to properly manage it. And from what I'm gathering, they won't ever get the 'OKAY' to pay what a true network engineer would cost. At most they'll hire a CCNA level. With that in mind, I was thinking Meraki purely for the ease of management.

30 comments
72% Upvoted
level 1

I've used them before, mostly for switches though. I would say they are limiting compared to a proper Cisco switch. I would say they are ideal for very small businesses that need easy management through a nice GUI, which is accessible from anywhere. As a proper engineer though, I can't recommend them for an enterprise network. I need CLI access where I can apply good troubleshooting techniques to any problems that occur.

For wireless my colleague at work has trialled them, and he was trying to find a good use for them, maybe for home workers. Even then though, he said there is nothing there that a Cisco remote-worker AP (Cisco 1810) can't do already. So he's not planning on changing it. As for enterprise, he agreed with me that they are good for small businesses. He said he would not choose them over the other Cisco wireless for enterprise businesses.

BTW when I say enterprise, we probs have around 1500 APs, and 1500 switches.

level 2
Apprentice Network Ninja · 2 points · 5 months ago

A little off topic, but I never realized Meraki doesn't have CLI support. That would drive me mad.

level 3

I don't know if it does. But I do know it's all predominantly run from your browser, managed in the cloud. For me, routers and switches should all be manageable from the CLI. It would take me much longer to troubleshoot core network issues via some GUI.

level 4
Recovering CCNA · 1 point · 5 months ago

No, there is not.

Or at least nothing that gets exposed to customers.

level 5

We were told we would have to write a program to access their API for any type of cli access. No clue what type of cli access it even is...maddening for a normal engineer in my position.

level 1

In our office, we find they do a lot of the basics pretty well (including LLDP-MED for our VoIP devices), but you lose a lot of fine-grained control. It's great for small businesses, but not so much enterprises.

level 2
Original Poster · 2 points · 5 months ago

What about an enterprise in which there isn't really a network engineer/individual who could take advantage of that fine grain control?

level 3

Consider what settings are required to keep all your IT stuff working properly and see if Meraki supports it. Just because a feature isn’t ‘played with’ on a daily basis does not mean that it isn’t required to be implemented when it is first set up. It may be a set-it-and-forget-it feature that never needs messed with, but if Meraki doesn’t do it, you may be out of luck.

level 1

Not sure which Meraki devices you're looking at.

In general if it's wireless I'd say yeah they're great for most standard office / enterprise environment.

Switching, security, video, and system manager can be great but it would be hard to give a blanket yes or no without knowing what the use-case and environment are like.

Voice would be a hard no.

level 2
Original Poster · 2 points · 5 months ago

I realize I needed to provide more info, so I expanded the OP.

level 1

What kind of an application are you looking for?

level 2
Original Poster · 1 point · 5 months ago

Access switches. Maybe fiber distribution.

Ease of use being the key here.

level 3

I’d go UniFi if it’s an SMB and only for access.

level 3

Ubiquiti stuff is decent.. but it is a lot easier to hire Cisco folks

level 1

We used them at all of our branches and have replaced them with branch Juniper SRX devices and we will never look back.

Besides all of the obvious with licensing, gui, etc - their support was shockingly terrible.

level 1

It depends, do you have any Cisco know-how? Because unfortunately they matched the prices of the switches with the Cisco switch prices. So basically you will pay the same for a 2960X with the same capabilities.

But of course, if you don't have any Cisco know-how it's a very nice, enterprise grade (also from pricing) switch.

level 2
Original Poster · 2 points · 5 months ago

I don't unfortunately. Maybe a CCENT level, but that's it.

level 1

We're moving to Meraki, to support 100-120 users at one office, 70 in another, and 60 users for another. MX, switches, and APs...

level 1
Networks and Booze · 5 points · 5 months ago

Good idea

No

bad idea

Yes

Pay a consultant once. Don't pay Cisco monthly

level 2

Meraki licenses aren’t monthly.

level 1

Reporting is very limited because of how Meraki hides interface details. It is not possible to gather peak utilization data for example, and average utilization is possible but requires some math on your side. And good luck trying to get Meraki to integrate with your existing NMS.

We also encountered a VPN limitation. Although it did not affect us, you can only share 1 subnet with a non-Meraki VPN peer. Keep this in mind if you plan on setting up any VPNs.

Speaking of VPNs, there is also no way to reset a non-Meraki VPN tunnel without deleting and re-adding it. So if our VPN goes down we have to reset it from the remote side.

There are some other things that have troubled us, if you plan on using it for wireless their Content Filtering is buggy as hell and often does not work at all. So far we've managed to fix some of those problems by upgrading to beta software.

In general I recommend Meraki for two use cases: One is if you don't have a real IT team and need a "for dummies" network that is more easily set up than a traditional one. The second is for small remote offices, because you can get the functionality of a Firewall, WLC, Content Filter, all in the cloud. With this design you can create standalone branch sites with nothing but a small MX, a switch, and whatever cabling and access points you need.

level 1

I work at a hospital, that somehow was convinced to install Meraki. It has been a very hard few years, if you need 24/7 uptime, they wouldn't be the best.. Meraki support wants you on the newest code they just released, and testing of that code isn't the best. Also without getting support involved you have to push firmware updates to the whole network at once, and they will reboot within the hour to finish the update. (Support can do a switch/AP at a time.)

That being said... in smaller shops that are a bit more 8-5 I think they could work fine.

level 1

As most others here have said, Meraki is great if you want a Fisher-Price configuration interface with little-to-no maintenance worries. Definitely a time saver for a small or one-man IT shop. While they do excel in ease-of-use, they fall short on richer enterprise features and granular troubleshooting options.

level 1

Meraki products are expensive due to licensing cost and they tend to have fewer features than full-blown network products like Cisco.

With that being said, you are paying for a great GUI that allows your helpdesk to manage most of the functionality - so the company doesn't need to hire extra network engineers. You are also paying for nice monitoring software, which you don't have to buy. You are paying for some analytics, which you also don't have to buy. And functionality? Most of the customers will be completely satisfied with Meraki products.

I personally have used their products and I like them, even in a fairly large enterprise environment. From what you are describing, they may be a great choice for you as long as you can afford them.

level 1

No IKEv2, doesn't work well in a mixed use site to site environment. It has a lot of caveats with 3rd party appliances/services.

level 1
1 point · 5 months ago · edited 5 months ago

I've deployed Meraki in different sized networks. The visibility is great for items that most sys admins will need. You won't need to hire a CCNP to manage it. I would suggest you use access points and access switches ONLY! Anything beyond that you should get something better like a Catalyst or Nexus.

I ran into some awful issues deploying their new distribution switches in a stack. This was a few months back, so maybe their stacking is better now, back then it was terrible. The most horrifying issue I encountered was when I stacked four of their MS425 switches, (once you get past the calling home + firmware upgrade + reboots, you get access to your switches) after I was actually able to physically stack them, then configure the stack in the cloud everything worked well. It took a while but they all eventually turned green. While upgrading some of the other switches I came to a point when I had to take the internet down and since the stack couldn't get to the web the stack broke. All my port channels went down, all access switches went offline, it was a pain to say the least. There is a process to follow and as long as these cloud managed devices aren't in your distribution or core layer or EDGE! you will save yourself from many headaches.

Good idea: for access layer and Wi-Fi - not my choice, but they aren't too bad. Bad idea: NOT ready for firewalling, distribution, or core.

EDIT: Forgot to add, the firewalls are limited in what they can do. No IKEv2, no static outbound NAT (if you want a subnet to NAT out a different IP other than the outside interface IP, you're out of luck), hardware performance visibility not available - on any of their hardware really. You don't get alerts if your MX firewall is running at 100% CPU, you have to call support and they can check.

level 1

Just wanted to add, most decent CCNA level engineers would be able to manage 80 or so Cisco access switches if they are 2960 or 3650 (probably similar costs to Meraki if not cheaper).

level 2
Original Poster · 1 point · 5 months ago

I wasn't sure just how much a CCNA level engineer could handle. The Merakis are actually substantially cheaper than our 3650s, they just have the licensing issue attached to them.
