The unsung heroes of the business world are IT professionals, who work tirelessly to mediate the relationship between mere mortal humans and business technology. After all, how many times can you tell grown adults to try rebooting before you lose your mind?
As common "End-users" we often forget, or never even consider, how much goes into the everyday life of the people that make our technology work. I will admit, I am a blatant offender of the very things that drive IT people nuts. I always press accept without reading the fine print, routinely almost get sucked into phishing schemes, and have no idea how a firewall actually works… In order to gain some perspective, I decided to ask our CTO (former Sysadmin for a large, multi-site retail organization) what the typical day in the life of an IT professional looks like. The below is his response.
Typical End-user Complaint: "Why is the Internet so sloooooooow!?!"
As a Sysadmin, I always hated that call: "The Internet is slow!" When getting that call/helpdesk ticket - generally the first stop is going to be the firewall. If you are lucky enough to have a more advanced firewall/UTM, there is generally some type of "top talkers" or other report that shows the amount of bandwidth used per user. If you are not lucky enough to have that info, you are probably checking an SNMP-polled bandwidth chart for the WAN interface. Now what? If you do have that top talkers report, it probably has the source IP, destination IP, port numbers, and amount of data transferred... but you have no idea what the device actually is! The next steps depend on your environment. Chances are, you are going to the core switch and looking up the MAC address of the offender. After you find the MAC address, you will then need to find what switch/port they are actually on. At that point, hopefully you actually found a device generating the traffic. But more often than not, you probably only found an access point - and now you have to head over to the wireless controller to further investigate. As IT professionals, we have all been here – it’s just a part of the gig.
As the above example shows, IT professionals who don't have good tools can use entirely too much time and brain power on often trivial things – enter Meraki…
Meraki has built-in Layer 7 Netflow/IPFIX style reporting. In a "fullstack" Meraki environment, reporting will show the switch port or access point the client is associated with. No more digging through multiple devices/consoles to see what is happening on the network. If you can actually make it a whole day without logging into the dashboard – you can rely on a pretty report being emailed to you each day summarizing the traffic and clients from the previous day. And yes, when looking at that report you should really go investigate why 50 GB of traffic seemed to leave your network via port 53 TCP (wait, that’s not DNS!).
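The manual lookup chain described above (top talkers, then IP to MAC, then MAC to switch port) and the port 53 TCP check can be scripted against a flow export. The following is an added example, not code from Meraki or from the original post; the CSV layout, addresses, switch names and the 1 GiB threshold are all constructed assumptions. DNS does legitimately use TCP port 53 for zone transfers and large responses, but the volumes are normally small, which is why a per-pair byte threshold is a workable first alert.

```python
import csv
import io
from collections import Counter

# Constructed sample data (not from the page): a flow export plus the ARP and
# MAC-address tables an admin would otherwise read off the core switch by hand.
FLOWS_CSV = """src_ip,dst_ip,proto,dst_port,bytes
10.0.1.23,203.0.113.50,tcp,53,53687091200
10.0.1.23,198.51.100.7,tcp,443,1200000000
10.0.1.40,198.51.100.7,tcp,443,8500000000
10.0.1.41,192.0.2.53,udp,53,4200000
10.0.1.41,192.0.2.53,tcp,53,90000
"""
ARP = {"10.0.1.23": "aa:bb:cc:00:01:23", "10.0.1.40": "aa:bb:cc:00:01:40"}
MAC_TABLE = {"aa:bb:cc:00:01:23": ("sw-floor2", "Gi1/0/14"),
             "aa:bb:cc:00:01:40": ("sw-floor1", "Gi1/0/3")}
DNS_TCP_LIMIT = 1 << 30  # assumed alert threshold: 1 GiB per source/destination pair


def load_flows(text):
    """Parse the CSV export into dicts with integer port and byte counts."""
    rows = csv.DictReader(io.StringIO(text))
    return [{**r, "dst_port": int(r["dst_port"]), "bytes": int(r["bytes"])} for r in rows]


def locate(ip):
    """Resolve IP -> MAC -> (switch, port); None marks a lookup that failed."""
    mac = ARP.get(ip)
    return mac, MAC_TABLE.get(mac)


def top_talkers(flows, n=3):
    """Total bytes per source IP, largest first, with the device location attached."""
    totals = Counter()
    for f in flows:
        totals[f["src_ip"]] += f["bytes"]
    return [(ip, total, *locate(ip)) for ip, total in totals.most_common(n)]


def heavy_dns_tcp(flows, limit=DNS_TCP_LIMIT):
    """Source/destination pairs that sent more than `limit` bytes to TCP port 53."""
    totals = Counter()
    for f in flows:
        if f["proto"] == "tcp" and f["dst_port"] == 53:
            totals[(f["src_ip"], f["dst_ip"])] += f["bytes"]
    return [(src, dst, b) for (src, dst), b in totals.items() if b > limit]


if __name__ == "__main__":
    flows = load_flows(FLOWS_CSV)
    for row in top_talkers(flows):
        print(row)
    print("TCP/53 over limit:", heavy_dns_tcp(flows))
```

A source whose MAC or switch port comes back as None is the case the post describes where the trail ends at an access point and the wireless controller has to be consulted.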
Managing a Multi-site Organization?
Have a multi-site network connected via IPSEC tunnels? How much fun is it setting up profiles per site on the "head end" and at each branch site? Don't you love rolling out new branches, more IPSEC VPN PROFILESSS!!!?!?! Wouldn't a DMVPN/Mesh VPN setup be awesome? The problem is that most hardware doesn't support that. Or, there is a licensing issue that prohibits a Sysadmin from this best practice. Again, enter Meraki Mesh VPN.
Step 1) You add an MX appliance to the dashboard, under the VPN drop-down you select "Yes"
Step 2) Oh wait, that was it...
Switch Management for IT Professionals
Unless you have stacked network switches, which are generally only an option on high end switches, you are managing every switch totally independently. If you are in a large building, or, heaven forbid, a multisite environment, this can become a nightmare. If you have switches with a CLI, you can at least script some of this – but you generally still need a 3rd party tool to log into all of the switches and execute those commands. Wouldn’t being able to deploy configuration changes across all switch ports in a building, or even the whole organization, be much easier? Meraki Virtual Switch Stacking allows you to do just that.
Good Sysadmins keep a log of all events on a switch, like port up/down status, who’s making configuration changes, dynamic routing changes, etc. Generally, these are all kept locally on the switch. Naturally, you were clever and set up a Syslog server to ship all these logs off to… this, however, is just another tool to manage and keep track of. Meraki’s single-pane-of-glass administrative dashboard allows you to view all your event logs and switch activity across your entire organization - Meraki Dashboard FTW!
Lastly, System Administrators spend a lot of time monitoring their network. This means setting up SNMP communities on all switches and then going into your SNMP polling software and telling it what interfaces you want bandwidth charts for. In some cases organizations have invested in fancy switches with their own custom MIB, but this still means you have to figure out how to import that into your SNMP polling software. Never an easy task! Again, the Meraki dashboard FTW!
Other ways Meraki can Assist IT Managers
Wireless: If a client already has a controller-based Wireless solution, there is not a ton of differentiation or value Meraki brings to the table. However, there are certainly more analytics available when organizations implement the "fullstack", part of which includes Meraki MR Series. If you are currently not utilizing controller-based access points -- the 90s called and they'd like their WIFI back!
Patching: Patching sucks. In legacy environments IT administrators have to go to some type of website or portal and download the patch. Hopefully you have the same model of equipment across the board (which never happens), so you are downloading many patches to cover all devices. You then have to stage the patches somewhere. Then during a maintenance window you apply the patch and reboot the device, obviously requiring a ton of time and resources. With Meraki you simply schedule the patch at a time of your choice! Set it and forget it. This saves companies money on overtime and makes it so IT Teams don’t have to spend their personal time ensuring a network is healthy and up to date.
Lastly, keeping Visio diagrams up to date is impossible! A network/sysadmin could spend half their day working on infrastructure, and the other half trying to maintain the Visios to reflect the infrastructure changes. Meraki makes generating comprehensive network diagrams as simple as a few clicks, saving IT teams hours upon hours of Visio management. Same for asset management, no more trying to maintain a spreadsheet with all the model numbers and serial numbers of your devices! With a few clicks, you can dump a CSV or Excel file with all of this information on it. Another important fact to keep in mind: investing in Meraki allows for ease of knowledge transfer. Should a company’s IT administrator choose to move on to a new position elsewhere, Meraki makes it easy for the next regime to come in with a clear picture and not have to reinvent the wheel.
Conclusion: Meraki Rocks, Managing Technology is Hard - get Meraki
Given the opportunity, most IT professionals will talk all day about the challenge of IT Management. We as end-users, business owners, and executives just want our technology to work. This is an interesting juxtaposition. On one hand, there is nothing more frustrating than not being able to connect to the Internet or access business critical applications. On the other hand, there is a tremendous amount of detail that goes into ensuring these tools are accessible, and most of us “end-users” simply can’t, and won’t, ever understand (hence, mere mortals…). While understanding fully how technology works may not be feasible, suggesting your organization invests in tools that empower IT teams to be more productive and manage better networks is. To get the conversation started, take advantage of Matrix Networks’ complimentary Network Assessment and find out exactly how Meraki and Matrix can make a difference in your business.
Author: Ryan Graven