We just raised a $30M Series A: Read our story
2017-06-27T13:26:00Z

What needs improvement with Meraki MX?

63

Please share with the community what you think needs improvement with Meraki MX.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
2323 Answers

author avatar
Top 10Reseller

We use a Cisco LAN switch. Its model is CBS250, and it is a Cisco Small Business switch. It can be easily integrated, but the problem is that the other Cisco products are not in the same dashboard or cloud. Each one has a different management interface. I would prefer if both could be in the same cloud. If we use a switch from Meraki, it will be more expensive. Meraki switches are more expensive than the Cisco Small Business switches. For that reason, we prefer to use Cisco switches. With Cisco switches, we don't have to pay for subscriptions, whereas with a LAN switch from Meraki, we will have to pay for subscriptions. We have been having a problem with the VPN. When the energy goes down and is back again, the VPN link doesn't get established. We have to manually turn off the modems and other pieces of equipment and manually establish the VPN. It has been around one month since we have been having this problem, and we don't have enough support from Meraki to solve the problem. Their Technical Assistance Center (TAC) is slow to answer. Their response time should be improved. When we request support, their response time is long and not good. They still don't have the solution to the VPN problem. They established the VPN link, but the problem continues. They don't fix the problem. They just repair it, and the problem persists.

2021-08-03T07:24:00Z
author avatar
Top 5Real User

You can't set up complicated firewall rules, such as the ones that can be handled by Sophos. Sometimes you need to contact Meraki Cisco support for extra setup because as a normal user or administrator, you can't do it. If you use the VPN to link Meraki with your onsite domain with Active Directory then it doesn't work properly. It will work for one or two weeks, then it will stop. They need to improve the link between Meraki and Active Directory. When the internet connection is lost, you are not able to change any of the firewall rules because you cannot connect to the portal. This is unlike Sophos, where you can log on to it physically and change the rules. It would be good if they allowed you to implement the certificate. At the moment, you can link Meraki with the self-signed certificate in your domain, but you cannot set up the active service VPN with Meraki on a certificate.

2021-02-07T11:05:49Z
author avatar
Top 20Reseller

Currently, I don't see any big areas for improvement; although, It lacks some switching features. For instance, when you use MX to link the firewall to a stack, you cannot use LACP. You cannot use switching behaviors as you see on the Meraki switch. This would be a really cool feature to have — real switching features on Meraki MX.

2021-01-08T13:09:25Z
author avatar
Top 5Reseller

The whole Cisco Meraki range requires easier access for cameras. For a security center, it would be helpful to have easier access to cameras through the portal. Its licensing cost could also be better.

2020-12-24T15:13:10Z
author avatar
Real User

It would be nice if the different services, including the SIEM SOC and endpoint detection and response (EDR) were integrated into one, so that I don't have to go to different vendors for different services. Ideally, I would like to have one place to shop.

2020-12-20T14:00:04Z
author avatar
Real User

There is room for improvement relating to third-party VPNs. You can only have one tunnel in the whole infrastructure — one tunnel with one device. I cannot have multiple terminals running from each of the devices to the same third-party.

2020-11-24T13:09:05Z
author avatar
Reseller

We prefer UTM solutions. As far as what needs to be improved — nothing really comes to mind. It does what we need it to do.

2020-11-18T10:28:55Z
author avatar
Top 20Real User

In general, the SD-WAN feature needs to be improved. The load sharing and load balancing of the traffic should be improved. I have had some problems with these features in the past.

2020-11-12T17:02:25Z
author avatar
Top 5Real User

While it's reasonably priced, it could always be lowered to compete with others. In the next release, because the security is pretty basic, I think they could include additional security features.

2020-10-30T13:53:21Z
author avatar
Top 5LeaderboardReal User

From the improvement perspective, we need more monitoring capabilities. We want to have full-based access visibility, such as, what is happening when something is trying to reach and it is denying. We cannot see some parts of it. The integration of active directory with this product is not very fruitful. It has some bugs or lacks in the functionality of active directory integration. We are unable to identify where exactly and whether it has really applied our policy.

2020-08-23T08:17:00Z
author avatar
Real User

The security is not as strong as it could be. The lack of HTTPS encryption is a big challenge that I have with Meraki. Essentially, the Meraki device is blind to any threats that are encrypted, and currently, somewhere in the neighborhood of 3/4 to 80% of all internet traffic is encrypted. In other words, you basically have a blind security guard watching the network.

2020-08-19T07:57:00Z
author avatar
Top 5Real User

Management can be improved in Meraki MX.

2020-08-06T06:44:00Z
author avatar
Real User

Expensive licensing and firewall stops immediately working if the licence is not renewed at the expiration date.

2019-08-21T06:36:00Z
author avatar
Real User

We are currently having a problem with Meraki in the end product. They have two kinds of enterprise licenses and an advanced security license. The problem is that the two licenses do not currently integrate. We have to create separate companies and do an interconnection between these licenses. Even to do a full free trial run, we need the same kind of licenses. This is something we seek to change because it's not fair. With this license mode, we should be able to choose which sites we use and which sites we do not need. We often see a break in the connection between both modem and dish. We found that if we communicate with Cisco, we can find the right solution to solve this. Currently, we have found all the things we need for our company already. Only perhaps compatibility for mobile lines is still required. Meraki MX is the program for us. We should have enterprise licenses.

2019-06-30T10:29:00Z
author avatar
Real User

The product could improve most by improving the client VPN. The auto VPN works for site-to-site but they have an issue with the client VPN. For example, if I connect the client VPN, I cannot block clients for specific access inside of the company. Because of the limitation, you need to make a rule for everyone and it's not very easy to do. What you really want is to have a specific client VPN with specific (fine-grained) access to different areas. One other thing that they should have to improve product utility is some kind of templates. For example, templates for configuration of use in a vertical market would be useful. They have a very good product. If you contact technical support, they should already know more about your methods and your needs. Management of the firewall is on the cloud and to be so easy for the user to configure, they remove some of the more complicated options. If you want an option, you need to contact support in order to enable it. They could have, for example, a different dashboard for more advanced features that you would be responsible to pay more for.

2019-06-27T08:13:00Z
author avatar
Top 5Real User

What I would like to see in the next version is to have more interfaces for WAN links. For example, if we have three providers, we can't connect to Meraki because it has only two WAN ports. I would like to have on Meraki more WAN ports, i.e. one data internet port for two lines.

2019-06-27T08:13:00Z
author avatar
Real User

This product has room for improvement. The main features not included with the firewall is the virtual domain. With Meraki, the interface for the virtual domain could be improved. The virtual domain is a concurrent session. The concurrent session is limited in Meraki, like FortiGate. In MX100, it's around 200 to 25,000 concurrent sessions. In the same model with FortiGate, it's around five million concurrent sessions. It's very important to improve in Meraki. In my view, it is very important that the number of concurrent sessions is increased.

2019-06-27T08:13:00Z
author avatar
Consultant

If Meraki could handle more than one internet connection and a bonding formula then that would be valuable. Load balancing options and ability to manage a couple of Internet connections, that's it. This is the main thing I see that the solution needs.

2019-06-27T08:13:00Z
author avatar
Real User

Currently, if you make a rule in the firewall you have to add all of the IPs. If I'm working with an object for, say, an object group, where I put every single IP that I want into it, and then I apply it on a rule, it's a little bit easier to configure because you have a better overview of that. The overview is not completely clear. It's a bit difficult. But control of network objects is something I really want because it makes it easier to maintain. Also, there's not enough control over system updates. Right now, you can postpone the update but eventually, if you don't do the update, it will install the updates automatically for you and that's something that is not working for me. It can happen during business hours, for example, and then you have a big issue.

2019-06-27T08:13:00Z
author avatar
Real User

The IPS, the Intrusion Prevention System, can be improved. If they can add I think the next generation firewalls, that would be great.

2019-06-26T05:25:00Z
author avatar
Real User

From a subscription base or price perspective, there's some room for improvement. They also need more security features. There are good security features now, but I need more of the security features to offer UTM protection.

2019-06-26T05:25:00Z
author avatar
Top 5LeaderboardReseller

Some advanced enterprise features are missing, so the Meraki MX is not for demanding enterprise networks as it lacks high level features (including SSL inspection and VPN client software) As for SSL inspection I think this is better performed on the Client PC where the inspection can be performed before or after the SSL encryption is done. Look at a solution like SentinalOne for this. This type of solution is going to be less prone to problems with SSL inspection. Additionally the client VPN uses native OS VPN connectivity in Windows, Mac OS X, and Linux. While this is nice from the perspective of no license fees to have a client VPN, there are sometimes issues when drivers or OS updates are released that impact client VPN connectivity. Draytek makes VPN client software that works with the MX but it is not officially supported by Meraki. I'm not a fan of any security appliance's VPN as they typically allow access to everything on the corporate network. Specific VPN solutions like NetMotion allow you to create granular access control to resources inside your firewall. I think having that level of control is a huge security plus. There are so many options available when you are looking to create your security stack. In my experience I've found that putting all your requirements on one solution will usually result in some level of disappointment. On the Meraki dashboard is a “Make a Wish” button to request new features. I have made multiple wishes and they were all were with in granted.

2018-01-27T13:26:00Z
author avatar
Top 5Real User

The event logging, alerting, and reporting features could use improvement. Especially the export of the log is difficult. There is an API to connect to, but I have not found it easy to extract something yet.

2017-06-27T13:26:00Z
Learn what your peers think about Meraki MX. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,695 professionals have used our research since 2012.