Examining the Meraki Fullstack (Part 2)
The Meraki MS Switches, powered by Cisco, provide the ultimate administrative experience with a combination of scalability, performance, and transparency. Meraki MS Switches also give administrators the freedom of zero-touch provisioning, as all appliances are managed from a web-based interface. In this article we will focus on the Cisco Meraki Switching solution's approach to achieving high performance, security, and location analytics.
As we mentioned in the previous Fullstack Edition on Meraki's approach to WiFi: Meraki was founded in 2006 by two MIT graduates with funding from Google and Sequoia Capital. The focus in Meraki's formative years was building a wireless solution that combined cloud-based ease of use and administration with analytics and reporting. From the start, the Meraki Dashboard set the brand apart. The dashboard gave administrators a centralized portal to view and manage their wireless from anywhere they could access the Internet. As the product advanced and became a market leader, the big players took notice, and in 2012 Cisco purchased Meraki. Since the acquisition, Cisco has allowed Meraki to prosper as an independent brand enhanced by Cisco's routing and security knowledge and expertise. The brand has expanded dramatically, bringing its vision of simplicity, analytics, and performance to newer product lines. The Meraki platform now includes data switches, firewalls, mobile device management, and security cameras on one consolidated cloud management platform. Despite the expanded portfolio and value of a consolidated solution, each of the products works as a stand-alone that neatly folds into an existing data strategy.
Physical Equipment - A Higher Plane
The growth of Meraki's product set in the last 5 years has been fueled by the maturity of Cisco, in both their software technology and their proven history of high-quality physical equipment. The tech that Cisco has shared helps Meraki differentiate as more than just a "small business play" with 802.1x authentication and VRRP warm spare support as examples. The gear itself is a very attractive and modern silver-grey color and has weight that tells you it wasn't cheaply made. On every switch Meraki has gigabit ports (bye bye legacy 100mb) and offers GB/10GB and even 40GB uplinks. True to Cisco form, the switches all have non-blocking backplanes, meaning that all ports can be used at bidirectional max capacity simultaneously; most of the competitors offer underpowered backplanes to reduce cost.
Meraki's strong push into Enterprise businesses has been enabled by their distribution switches, which are best in class. For example, the MS425-32 has (32) 10GbE ports and (2) 40GbE with a total of 800GbE switching capacity. A big plus of the Meraki switching lineup is the ability to use copper (CAT6a) for multi-gigabit speeds: 2.5GbE, 5GbE and 10GbE of throughput. This ability is incredibly important when supporting modern 4x4:4 802.11ac access points that are able to wirelessly provide more bandwidth than the traditional gigabit wired speed.
Most Meraki switches offer physical stacking utilizing QSFP+ 40GB interfaces. Depending on the model, this can give 80GB – 160GB of throughput between stack members. This is critical to building redundancy across switches, especially in the core. Servers, especially clustered virtual hosts, can utilize LACP across stack members, so if a stack member quits functioning, everything stays up and working. The same can be done for remote switch closets. The MS350 switches even include stacking cables in the box.
Virtual stacking is a feature unique to the Meraki product line. Virtual stacking is the ability to configure switch ports across non-stacked switches. Say you need to deploy a new SSID and want to allow a VLAN for it across all switch ports with access points connected. In a traditional environment you remote into every switch and apply that configuration separately. With Meraki you can select all of these ports at once – across 100s or 1000s of switches – and apply this configuration with a few clicks. Talk about a time saver.
Software Defined Networking = Easy Management
The Meraki solution embraced the concept of SDN early: configuration changes are performed with drop-downs and checkboxes, leading to the desired outcome without even offering a CLI. Meraki uses the concept of "switch templates" to simplify the roll-out of similarly purposed switches for branch locations or large campus environments. Creating VLANs and QoS is vastly simplified, allowing for companywide roll-outs in minutes, whether your business manages one device or thousands. The Meraki platform supports LLDP for easy rollout of VoIP networks with phones auto-registering on the correct VLAN. Rolling out OSPF is traditionally reserved for the most accomplished network gurus, but with Meraki the task becomes simple, instantly improving traffic flow and providing redundancy.
Troubleshooting network devices remotely is often challenging, requiring a physical visit from IT staff to identify, then resolve the problem. Remote live tools are designed to simplify the remote experience and provide new visibility and analytics without a physical presence.
Meraki MS Series Remote Live Tools
- Packet Capture – IT staff can remotely initiate a packet capture on any switch port and view the output right in the dashboard. For more advanced troubleshooting, a pcap can be exported and opened in a program like Wireshark.
- Remote Reboot – Have you tried turning it off and on again? This is a great go-to when weird behaviors pop up.
- Cable Test – By clicking "run cable test", IT staff can remotely identify a cabling problem. The results will come back as:
  - OK: Good cable, good pair
  - Open: Unused/unterminated pair
  - Abnormal: The impedance is not within expected bounds, either too high or too low
  - Couplex: Specified pair too strongly coupled to pair X, indicating high amount of crosstalk
- Ping Test – The good old classic ping test gives you packets lost and average latency and provides a live graph as the test is running.
Beyond the embedded tools, Meraki recently introduced Insights, which uses the MX Meraki Cloud firewalls as collectors. The solution automates the identification of rough spots on the network, specifically around poorly performing applications. The Insights analytics package provides end-to-end visibility into how users are experiencing the network by evaluating and quantifying the experience of end-users. As the data flows through the network, the MX appliances perform deep packet inspection to help identify root issues in both the application and network layer. The solution then provides a performance score based primarily on per-flow goodput and application response time.
A tremendous value to Meraki customers is the analytics the system natively provides. The platform has Layer 7 visibility out of the box, giving administrators reports that can help with actionable items to improve network performance. Unlike the traditional network hardware products, Meraki's Layer 7 reporting gives you the name of the specific application or web service being used instead of a convoluted list of IP addresses. The reporting can be highly customized to range from a wide company view down to the individual user's activity. After identifying the types of traffic on the network, it is simple to limit bandwidth and block or prioritize the applications as you see fit. Meraki's hardware includes plenty of horsepower to perform deep packet inspection with no loss to speed; a testament to the quality of the product.
To those of us in the industry, Visio is a four-letter word. I think most administrators would agree that detailed network diagrams are incredibly helpful but also challenging to build and then maintain. As equipment changes, the diagram requires someone with the skillset to manage and update it. If it isn't updated, as it often isn't, the document becomes worthless quickly. Meraki clients never encounter this challenge due to their Network Topology feature. The system automatically creates a network diagram per your preference: the entire network, the route to a specific device, a site, the route from a specific device, etc. The platform will detect directly connected non-Meraki equipment via the Cisco Discovery Protocol and is often able to identify manufacturer and model. While viewing the Network Topology Map, administrators can easily hover over a device to see specific stats like speed, usage, and number of connected clients. You can also click into specific devices to modify and review configurations or review performance. Our Meraki clients are always up to date on the performance of their network and the details of the devices it connects to.
The Choice Path
For years, evaluating the various offerings from network switching manufacturers showed very little differentiation. The products available were generally managed individually via GUI or with CLI. Reporting was non-existent or lacked detail, configuration was cumbersome and time consuming, troubleshooting tools were a separate package, and in-depth knowledge/training was required. Meraki by Cisco is currently the only product to bring simplicity and performance to the network stack with a single cloud-based portal. The network revolution is on, come join us!
Why Matrix Networks Partners with Meraki?
Although Meraki products come at a premium, we have discovered the value of the analytics, performance, troubleshooting tools, and ease of use, all of which make Meraki an excellent value, especially when paired with the full-stack for complete network control. To learn more about Meraki’s platform you can schedule a demo with our team, watch a webinar (and receive a free AP), and even try it yourself on a trial basis. As a Premier Cisco Partner, Matrix Networks is here to assist in any way we can. Let us know how we can help.
Examining the Meraki Fullstack (Part 3)
Meraki's MX series is a great combination of Cisco's world class security with the established strategy of simple management and roll-outs. It should be recognized upfront that Meraki's security features are not equal to Cisco's traditional firewall solutions.
Author: Kyle Holmes