Meraki MX Room for Improvement

Phillip Peerman
Supervisor of IT Infrastructure & Cybersecurity at a tech consulting company with 51-200 employees
Some advanced enterprise features are missing, so the Meraki MX is not for demanding enterprise networks as it lacks high level features (including SSL inspection and VPN client software) As for SSL inspection I think this is better performed on the Client PC where the inspection can be performed before or after the SSL encryption is done. Look at a solution like SentinalOne for this. This type of solution is going to be less prone to problems with SSL inspection. Additionally the client VPN uses native OS VPN connectivity in Windows, Mac OS X, and Linux. While this is nice from the perspective of no license fees to have a client VPN, there are sometimes issues when drivers or OS updates are released that impact client VPN connectivity. Draytek makes VPN client software that works with the MX but it is not officially supported by Meraki. I'm not a fan of any security appliance's VPN as they typically allow access to everything on the corporate network. Specific VPN solutions like NetMotion allow you to create granular access control to resources inside your firewall. I think having that level of control is a huge security plus. There are so many options available when you are looking to create your security stack. In my experience I've found that putting all your requirements on one solution will usually result in some level of disappointment. On the Meraki dashboard is a “Make a Wish” button to request new features. I have made multiple wishes and they were all were with in granted. View full review »
Group Network Specialist at a financial services firm with 5,001-10,000 employees
From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy. View full review »
Luis Mendes
Network Security Engineer at Techbase
The product could improve most by improving the client VPN. The auto VPN works for site-to-site but they have an issue with the client VPN. For example, if I connect the client VPN, I cannot block clients for specific access inside of the company. Because of the limitation, you need to make a rule for everyone and it's not very easy to do. What you really want is to have a specific client VPN with specific (fine-grained) access to different areas. One other thing that they should have to improve product utility is some kind of templates. For example, templates for configuration of use in a vertical market would be useful. They have a very good product. If you contact technical support, they should already know more about your methods and your needs. Management of the firewall is on the cloud and to be so easy for the user to configure, they remove some of the more complicated options. If you want an option, you need to contact support in order to enable it. They could have, for example, a different dashboard for more advanced features that you would be responsible to pay more for. View full review »
Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,757 professionals have used our research since 2012.
We are currently having a problem with Meraki in the end product. They have two kinds of enterprise licenses and an advanced security license. The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection between these licenses. Even to do a full free trial run, we need the same kind of licenses. This is something we seek to change because it's not fair. With this license mode, we should be able to choose which sites we use and which sites we do not need. We often see a break in the connection between both modem and dish. We found that if we communicate with Cisco, we can find the right solution to solve this. Currently, we have found all the things we need for our company already. Only perhaps compatibility for mobile lines is still required. Meraki MX is the program for us. We should have enterprise licenses. View full review »
Frank Theilen
IT Adviser/Manager with 51-200 employees
The event logging, alerting, and reporting features could use improvement. Especially the export of the log is difficult. There is an API to connect to, but I have not found it easy to extract something yet. View full review »
Marek Modlinski Modlinski
Senior Network Engineer at a computer software company with 11-50 employees
You can't set up complicated firewall rules, such as the ones that can be handled by Sophos. Sometimes you need to contact Meraki Cisco support for extra setup because as a normal user or administrator, you can't do it. If you use the VPN to link Meraki with your onsite domain with Active Directory then it doesn't work properly. It will work for one or two weeks, then it will stop. They need to improve the link between Meraki and Active Directory. When the internet connection is lost, you are not able to change any of the firewall rules because you cannot connect to the portal. This is unlike Sophos, where you can log on to it physically and change the rules. It would be good if they allowed you to implement the certificate. At the moment, you can link Meraki with the self-signed certificate in your domain, but you cannot set up the active service VPN with Meraki on a certificate. View full review »
Amr Khalil
LTE RF Optimization Sr. Engineer at Spectrum
This product has room for improvement. The main features not included with the firewall is the virtual domain. With Meraki, the interface for the virtual domain could be improved. The virtual domain is a concurrent session. The concurrent session is limited in Meraki, like FortiGate. In MX100, it's around 200 to 25,000 concurrent sessions. In the same model with FortiGate, it's around five million concurrent sessions. It's very important to improve in Meraki. In my view, it is very important that the number of concurrent sessions is increased. View full review »
Jim Arvas
IT Support Admin at KuehneAndNadel
What I would like to see in the next version is to have more interfaces for WAN links. For example, if we have three providers, we can't connect to Meraki because it has only two WAN ports. I would like to have on Meraki more WAN ports, i.e. one data internet port for two lines. View full review »
Jurgen Dendas
Network and Security Administrator at AJINOMOTO-OMNICHEM
Currently, if you make a rule in the firewall you have to add all of the IPs. If I'm working with an object for, say, an object group, where I put every single IP that I want into it, and then I apply it on a rule, it's a little bit easier to configure because you have a better overview of that. The overview is not completely clear. It's a bit difficult. But control of network objects is something I really want because it makes it easier to maintain. Also, there's not enough control over system updates. Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me. It can happen during business hours, for example, and then you have a big issue. View full review »
COO at a manufacturing company with 11-50 employees
It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services. Ideally, I would like to have one place to shop. View full review »
Engineering Manager at a tech services company with 11-50 employees
Currently, I don't see any big areas for improvement; although, It lacks some switching features. For instance, when you use MX to link the firewall to a stack, you cannot use LACP. You cannot use switching behaviors as you see on the Meraki switch. This would be a really cool feature to have — real switching features on Meraki MX. View full review »
Elie Cattan
IT Specialist and Senior Consultant at Netserve
If Meraki could handle more than one internet connection and a bonding formula then that would be valuable. Load balancing options and ability to manage a couple of Internet connections, that's it. This is the main thing I see that the solution needs. View full review »
Managing Director at a tech company with 11-50 employees
While it's reasonably priced, it could always be lowered to compete with others. In the next release, because the security is pretty basic, I think they could include additional security features. View full review »
Commercial Product Manager at a comms service provider with 10,001+ employees
The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better. View full review »
Solutions Specialist - Networking at a tech services company with 201-500 employees
In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past. View full review »
Expensive licensing and firewall stops immediately working if the licence is not renewed at the expiration date. View full review »
Director, Enterprise Products at a comms service provider with 201-500 employees
The security is not as strong as it could be. The lack of HTTPS encryption is a big challenge that I have with Meraki. Essentially, the Meraki device is blind to any threats that are encrypted, and currently, somewhere in the neighborhood of 3/4 to 80% of all internet traffic is encrypted. In other words, you basically have a blind security guard watching the network. View full review »
Adnan Bastawala
System and Network Administrator at a pharma/biotech company with 501-1,000 employees
There is room for improvement relating to third-party VPNs. You can only have one tunnel in the whole infrastructure — one tunnel with one device. I cannot have multiple terminals running from each of the devices to the same third-party. View full review »
Chief Technical Officer at a tech services company with 11-50 employees
We prefer UTM solutions. As far as what needs to be improved — nothing really comes to mind. It does what we need it to do. View full review »
Ronnie Johnstone
Group ICT Manager at a transportation company with 501-1,000 employees
Management can be improved in Meraki MX. View full review »
Abdullah Al-Nassem
Cisco System Engineer at Logicom
From a subscription base or price perspective, there's some room for improvement. They also need more security features. There are good security features now, but I need more of the security features to offer UTM protection. View full review »
Mohamed Nabih
I.T. Manager at Egypt Foods group
The IPS, the Intrusion Prevention System, can be improved. If they can add I think the next generation firewalls, that would be great. View full review »
Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,757 professionals have used our research since 2012.