Engineering Cisco Meraki Solutions 1

Path to Certification
How to become Meraki certified

ECMS1 ECMS2 Meraki Certification

Build your Cisco Meraki Elevate your Cisco Meraki This Cisco technical specialist
technical knowledge and skills technical knowledge and certification will recognize IT
with this full-day, virtual, skills with this three-day, professionals' expertise in
instructor-led training instructor-led training Meraki solutions
About This Training
The five Ws and one H

WHY WHO WHAT

• Increase Dashboard proficiency • Operators, administrators • Presentations / demos
• Learn operational best practices • Networking fundamentals • Labs / review

WHEN WHERE HOW

• 7-hour course • Virtual format (WebEx) • Configuring real devices
• Self-paced lab activities • Dashboard (web browser) • Knowledge checks
Agenda
Sections breakdown
PRODUCTS &
FEATURES
OPEN LAB TIME
Topics: Hardware, Features
Demo: Operator Tools, Open lab time to finish up
Workflows previous labs or explore
Lab 2: Adv. Features, new lab features.
Networking
9 AM 1 PM 4 PM

INTRO 11 AM 3 PM
CLOUD & OPERATING &
DASHBOARD TROUBLESHOOTING
Topics: Cloud, Topics: Best Practices,
Architecture, Support
Administration, Licensing Demo: Local Status,
Demo: Navigation, Troubleshoot Tools, Logs
Deployment Lab 3: Reconfiguration,
Lab 1: Configuration Inspection, Resolution

*All times listed are in PST (UTC -8)

Agenda
Knowledge checks

KNOWLEDGE CHECK KNOWLEDGE CHECK

? ?
9 AM 1 PM 4 PM

INTRO 11 AM 3 PM

?
KNOWLEDGE CHECK

*All times listed are in PST (UTC -8)

 SECTION 1
Cloud & Dashboard
Single Pane of Glass Management

MR MX MS SM EM MV MI MG
Wireless Security Appliances Switches Systems Manager Smart Cameras Insight Cellular Gateway
The Power of the Stack

Scalability
Deploy and grow networks at branch locations or large campuses easily and rapidly.

Management
Manage and monitor those networks with robust analytics from a single pane of glass.

Licensing
M Reduce administrative overhead with simple all-inclusive licensing models and tools.
Cisco Meraki Devices & the Cloud 3
Dashboard
A highly effective out of band control plane

Step 1: Deploy
Cisco Meraki appliances and devices are deployed in your campus
or remote branches.
user/data management
traffic traffic
Step 2: Connect 2

Devices automatically connect via SSL to the Meraki cloud,

registers to the proper network, and download their
configurations.

1
Step 3: Manage
Centralized Dashboard provides visibility, diagnostic tools, and
management of the entire network.
Meraki devices
Benefits of a Cloud-Based Solution
Common questions about the architecture

Security
Does my network traffic flow through the Cisco
Meraki cloud infrastructure?

Reliability
What happens if the devices can’t access the Cisco
Meraki cloud?

Future Proof
How do firmware upgrades work? How often do I get
new features?
Dashboard Organizational Structure

Dashboard Account

Licensing Organization
Inventory

Site A Site B

Networks All Devices (Combined) MX + MS MR MV Networks

Dashboard Account: associated with an e-mail address, used to log in to Dashboard

Organization: contain licenses and inventory of a single organizational entity (i.e. a company)

Networks: contain devices, their configurations, statistics, and any client-device info
Dashboard Organizational Structure

Dashboard Account

Licensing Organization
Inventory

Site A Site B

Networks All Devices (Combined) MX + MS MR MV Networks

IT Admin Facility

Tags: Used to organize and for management purposes (partitioning, grouping), assigning
role-base access, and may be combined to be used to generate custom Summary Reports
Licensing
Licensing is required for all Meraki solution deployments

Licensing represents the total cost of ownership:

• Centralized management and network-wide

visibility and control

• Seamless firmware and security updates

• 24/7 Enterprise Support and lifetime warranty

hardware 1:1 ratio license

Meraki supports two types of licensing models:

co-termination licensing (co-term) and per-device licensing (PDL)
Co-termination Case Study
January July March

2x

30 days

PURCHASE INSTALL EXPAND REPLACE RENEW GRACE PERIOD

Total Time Remaining -30 days

Device Count 40
Per-device Case Study

Organization

Network A Network B Network C

Jan 01, 2021

Feb 01, 2021

Jan 01, 2024

2025

Expiration Date: Jan 01, 2021 Expiration Date: Feb 01, 2021 Expiration Date: (different)

Renewal: (add 1 year to AP)

Co-term vs PDL

Co-termination Per-device
Licensing Licensing

Where is licensing enforced? Org-wide Per-device

How many expiration dates? 1 1 or many

Is the 30-day grace period still in effect? Yes Yes

What happens when a device exceeds the grace period? Org shutdown Device shutdown

When do license keys begin to burn (count-down)? Order generated Delayed up to 90 days

What are the available license durations? 1, 3, 5, 7, 10 years 1 day, 1, 3, 5, 7, 10 years

Is it possible to migrate the license between orgs? Only by Meraki Support Yes

Can I purchase all available add-on licenses? No Yes

Tier Licenses
Higher license tiers include all lower tier features

Secure SD-WAN Plus

MI Advanced analytics,
ML optimization, Segmentation

Advanced Advanced Security Advanced

Adaptive Policy Fully featured unified threat Adaptive Policy
Extended routing table management Umbrella DNS Security

Enterprise Enterprise Enterprise

Essential NGFW features
Switching Features Wireless Features
Essential SD-WAN features

MS MX MR
Dashboard Demo #1
Dashboard
• How to access
• How to navigate
• How to operate
• How to get help

Key Takeaways
✓ Administration & permissions
✓ Navigation tabs & menus
✓ Dashboard interface tips
✓ Built-in tools & self-help

A Common Workflow
1. Creating a network
2. Claiming devices
3. Applying licenses
4. Building configurations
Section 1 Review

Training Objectives Lab Learnings

• Meraki cloud architecture (out-of-band • Basic initial device setup

control plane)
• Typical network needs (DHCP, VLANs,
• Dashboard structure (organizations, and switch port settings)
networks)
• Multiple WLAN SSIDs
• Co-termination and per-device licensing
• Dashboard tools for operators
• Deployment workflow
 SECTION 2
Products & Administration
MX Security and SD-WAN
FEATURE HIGHLIGHTS
Secure SD-WAN Plus License

Identity-based firewall
High-availability and failover
SD-WAN and Auto VPN

Content filtering and geo-location rules

Intrusion detection/prevention
Advanced malware protection

VPN segmentation / exclusion

End-user experience monitoring (MI)

NGFW, unified threat management and SD-WAN solution with advanced user experience analytics
Various models scaling from teleworker and small branch to campus and datacenter
MI End-User Experience Monitoring

FEATURE HIGHLIGHTS

Web App Health

End-to-end visibility into SaaS applications

WAN Health
Holistic view of WAN link performance

VoIP Health
End-to-end visibility into VoIP services

Offers data for external and internal factors including LAN, WAN, ISPs, cloud applications and VoIP services.
Leverage existing MX appliances as collectors (with either MX Secure SD-WAN Plus license or a separate Meraki Insight license)
MG Cellular Gateway

FEATURE HIGHLIGHTS

300 Mbps CAT 6 LTE integrated modem

2 separate gateway connections

Compact form factor

Nano SIM card slot

High performance antennas

PoE or DC powered

IP67 rating

Unlock wireless WAN connectivity via cellular as a primary or backup uplink

Pair with any router and obtain optimal cellular signal strength with various antennas and mounting options
MS Switches
FEATURE HIGHLIGHTS
Advanced License

Voice and video QoS

Layer 7 app visibility
Virtual and physical stacking
Multigigabit performance
Dynamic routing
Enterprise security
Remote packet capture, cable testing

Adaptive Policy

Various models scaling from access to campus aggregation deployments

Wide range of power options (UPoE, StackPower)
MR Wireless Access Points
FEATURE HIGHLIGHTS
Advanced License

BYOD and guest access policies

Application traffic shaping
Enterprise security
WIDS / WIPS
Location analytics
Wireless Health

Umbrella DNS security

Adaptive Policy

Variety of models that cater to indoor / outdoor, high performance, and value-priced
802.11ac and WiFi 6 models, multigigabit performance, with dedicated scanning and BLE radios
Systems Manager Endpoint Management

FEATURE HIGHLIGHTS

Device security and location

Network settings deployment

Mobile and desktop troubleshooting

Easy and rapid provisioning

Backpack file sharing

Software inventory and app deployment

MDM-less onboarding with Trusted Access

Multi-platform mobile and desktop support: macOS, iOS, Apple TV, Windows, Android, & Chrome OS
Cloud-based: no on-site appliances or software, works with any vendor’s network
MV Security Cameras

FEATURE HIGHLIGHTS

Edge architecture with optimized retention

End-to-end encryption
Customizable video wall layouts
Retroactive motion event searching
Granular role-based access control
Audio recording
Cloud archive - optional
MV Sense - optional

Different indoor and outdoor models with narrow, wide, or fisheye field of vision
Integrated high-endurance SSD, 802.11ac WiFi, IR illumination, and industry-leading onboard processor
Dashboard Demo #2
Dashboard
• How to oversee
• How to upgrade
• How to scale/automate

Key Takeaways
✓ Tools that grant visibility
✓ Firmware upgrades
✓ Templates

A Common Workflow
1. Security
2. Switching
3. Wireless
4. Physical Security
5. Device Management
6. New/Beta Features
Section 2 Review

Training objectives Lab learnings

• Meraki portfolio (key product features) • Enabling network security (MX, MR)

• Dashboard visibility tools and UI
elements (Topology)
• Operating at scale and automation
(Templates)
• Securing guest Wi-Fi and limiting access
• Configuring routing (MS)
• Building VPN across sites (Auto VPN)

• Managing firmware
 SECTION 3
Operation & Troubleshooting
Operation & Troubleshooting with Meraki

Live tools
Easy remote access to network tools

Dashboard Intelligence
Network Contextual analysis of available network data
Operator in the right place, at the right time
Network
Operator

Machine Learning
Proactive response to changing conditions
Dashboard Sync and Real-Time Tools
Configuration updates Live tools
Saved immediately in Dashboard, but physical devices Commands in real-time: ping, traceroute, DNS test, port
may take a few moments to download those changes status, DHCP leases, cycle ports*, and more

Changes to Sync Real-time

Commands
Configuration (1-2 minutes)

*Be patient after you have cycled a port; the powered device
needs time to reboot and reconnect to Dashboard (3-5 minutes)
Monitoring and Troubleshooting Tools

Alerting + Topology Packet Capture Event + Change Log

Time (GMT) Event

Jan 5 9:18:22 Port STP change
Jan 5 9:18:22 Port status change
Jan 5 16:44:51 802.11 disassociation
Jan 5 16:44:50 AP channel change
… …
Meraki Health

Client Performance
Gauge performance for each wireless client

Client Health
Historic connectivity and health timelines

Access Point Performance

Gauge performance of an individual AP

Wireless Health
Historic holistic wireless deployment health

End-to-end network deployment, monitoring, troubleshooting and assurance for efficiency

Contextual visibility to proactively resolve issues, and reduce troubleshooting from hours to minutes
WAN Performance
VPN Status Uplink performance
Real-time status of AutoVPN tunnels Real-time uplink monitoring:
SD-WAN decisions monitoring Latency, jitter, loss and MoS score
Integration Into Existing Systems

Logging
SNMP Platform
TRAP

SYSLO
G
KML

RADIUS Cisco ISE

& DNA-C
API
HTML

NETFLOW
Analytics
Engine
Application Program Interfaces (APIs)

Dashboard Location Scanning Captive Portal

Deploy, Build, & Engage using the Meraki Platform: https://developer.cisco.com/meraki

Working with Meraki support

Phone support at Meraki support centers 24 x 7 telephone & e-mail support

are always staffed for timely, one-on-one technical assistance centers based in
case management San Francisco, Sydney, Shanghai, London, and Chicago

Online support cases opened via email or

Dashboard allows Meraki support to
quickly locate and solve issues

On-going cases can be managed,

updated, or audited directly in the
Dashboard (Help > Cases)
Dashboard Demo #3
Dashboard
• Where to start
• What to look for
• What tools exist

Key Takeaways
✓ Local Status Page
✓ Physical & UI elements that
help and what they mean
✓ Tools, logs, and reports

A Common Workflow
1. Waiting for sync
2. Rebooting as necessary
3. Proper troubleshooting
progression
Section 3 Review

Training Objectives Lab Learnings

• Dashboard/cloud sync (configuration • Wireless reconfiguration and fine-tuning

updates)
• IP/VLAN reassignment
• Real-time diagnostic and local
troubleshooting • Packet capture inspection

• Where to look and what to look for (logs) • Troubleshooting offline, unreachable,
and restricted traffic flow of devices
• Engaging Meraki Support (Help, Cases)
THANK YOU