The Cisco Meraki proprietary packet processing engine analyzes network traffic up to and including layer 7, using sophisticated fingerprinting to identify users, content, and applications on the network.Each network flow is categorized, and access control policies are enforced. By classifying traffic at layer 7, Cisco Meraki’s next generation firewall controls evasive, encrypted, and peer-to-peer applications, like BitTorrent or Skype, that cannot be controlled by traditional firewalls. Cisco Meraki’s next generation firewall is included in all wireless access points and security appliances.
Meraki Firewalls Overview
Cisco Meraki Security Appliances can be remotely deployed in minutes using zero-touch cloud provisioning. Security settings are simple to synchronize across thousands of sites using templates. Auto VPN technology securely connects branches in 3 clicks, through an intuitive, web-based dashboard.
Every Meraki Security Appliance supports several features, like a stateful firewall and integrated Sourcefire intrusion prevention (IPS) engine, to keep networks secure. Threat definitions and filter lists are seamlessly updated, ensuring every site has bleeding-edge protection from the latest vulnerabilities and troublesome websites.
Intrusion Detection Engine
Featuring an integrated intrusion detection and prevention (IDS / IPS) engine based on Sourcefire’s Snort, the single most widely deployed intrusion detection and prevention technology in the world, Cisco Meraki security appliances protect your network against malicious entities and threats. Using a combination of signature, protocol and anomaly-based inspection methods ensures ironclad security for your network. Leveraging the Cisco Meraki cloud management platform, threat signatures are automatically updated, keeping security always up-to-date.
Identity-based and device-aware security
Device-aware access controls enable administrators to ensure the appropriate level of network access for each class of devices. Layer 7 device fingerprints automatically detect and classify Apple iOS, Android, Windows, Mac OS, and other clients. These fingerprints are integrated into Cisco Meraki firewalls and wireless APs, so that administrators can, for example, apply firewall rules specific to iPads in a Bring Your Own Device (BYOD) network.
Cisco Meraki security appliances feature a powerful category-based content filter, which matches content against millions of URLs in dozens of categories. The Cisco Meraki content filtering engine features native Active Directory integration to apply access controls specific to each class of users. Content lists and application signatures are updated dynamically from the cloud so that security policies remain up to date even as content and applications change.
Meraki Firewalls –Recommended Options
These are some of the recommendations for popular Palo Alto Network bundles and options available.