Firewall and Traffic Sharing with Cisco Meraki

We return to our transcript of the 2015 Gearing Up for E-Rate Funding Changes held by Cisco Meraki. This section of the webinar covers the firewall and traffic sharing features of Cisco Meraki.

From here, I want to go ahead and show you a few more features. We’re talking about the fact that, let’s say, a particular user is abusing Facebook. I can come over here to wireless configure, and click on firewall and traffic shaping settings. And on this page, set Layer 3 and Layer 7 firewall rules, as well as traffic shaping rules. This is a point where, let’s say, you want to segment users from your LAN. Well, I can simply do that by denying access the local LAN. This might be a setting you use for guests. In fact, if I actually change this to our guest network, you’ll see that we’ve already denied guests’ access to our local LAN. And this is exactly what you would need to do in order to have those segmented SSIDs.

Now, once I have chosen the SSID I want, I can also set Layer 7 firewall rules. Let’s say, in a school situation, I want to completely deny all peer-to-peer traffic. We have already identified and fingerprinted those applications for you. You simply need to pull it and select it from this drop-down menu, and it will automatically deny all peer-to-peer. You can set as many different layer 7 firewall rules as you need.

I can also come down here and say I’d like to shape traffic on this SSID. So, I don’t necessarily want to deny all traffic, but I want to limit how much bandwidth is being used for certain applications. Again, you can add as many different rules as you need. I simply come down here and say, “add a rule.” Now, let’s say I want to choose social web and photo sharing. I can specifically select things like Facebook and Instagram and Twitter. Limiting that bandwidth is as simple as just sliding this bar down. Now I’ve limited how much bandwidth these particular applications can use on your network. I can also add another Layer 7 traffic shaping rule, and choose to prioritize different aspects. For VoIP and video conferencing, for example, I can say, “all VoIP and video conferencing” and choose to ignore any SSID limits. This will very easily prioritize that traffic. So, a lot of different features and functionality here.

One other thing I do want to note is that while we have fingerprinted a lot of these different applications for you, if there is something that we have not fingerprinted that you want, you can simply enter that in yourself.

One thing I also do want to point out on this page, and you’ll see it on many other pages, is that “I wish this page would” box down here. This is the wish box that I was mentioning during the slide portion of the webinar today. All you need to do is simply click in here and you can enter any wish that you might have. These wishes go directly to our engineers. They take them into consideration when they’re developing new features. Often, those wishes give them ideas for new features to develop that will specifically address any of the needs that you might have.

There are so many different features that I want to show you on here. I just don’t have time to cover all them, especially in this short webinar. But I do want to show you a couple other features. I’m going to show you your access control. You can choose different SSIDs and set how students and teachers and guests authenticate onto your network, whether it’s an open encryption with a splash page. You can also choose to have students authenticate using RADIUS or Active Directory. If you want them to access your network, let’s say, using RADIUS authentication, all you would need to do is come down here and choose WPA2 Enterprise, select either your own RADIUS server, or you can have Meraki authentication.

IT Professionals Receive a Free AP

Want to learn more about Cisco Meraki and the opportunity to receive a free Meraki access point? Sign up for our free webinar,that includes a live demo of the Meraki Dashboard and how it works.

* To be eligible for a free access point, participants must be an IT professional. Existing Meraki customers are not eligible. Limit of one free AP per company. For more details, click here.

Posted in Cisco Meraki, Firewall

Leave a Reply

Your email address will not be published. Required fields are marked *