MX Series Datasheet
MX
Cloud-Managed
Security and SD-WAN
Overview
The Cisco Meraki MX are multifunctional security & SD-WAN enterprise appliances with a wide set of capabilities to address multiple use cases–from an all-in-one device. Organizations of all sizes and across all industries rely on the MX to deliver secure connectivity to hub locations or multi-cloud environments, as well as application quality of experience (QoE), through advanced analytics with machine learning.
The MX is 100% cloud-managed, so installation and remote management is truly zero touch, making it ideal for distributed branches, campuses, and data center locations. Natively integrated with a comprehensive suite of secure network and assurance capabilities, the MX eliminates the need for multiple appliances. These capabilities include application-based firewalling, content filtering, web search filtering, SNORT®-based intrusion detection and prevention, Cisco Advanced Malware Protection (AMP), site-to-site Auto VPN, client VPN, WAN and cellular failover, dynamic path selection, web application health, VoIP health, and more. SD-WAN can be easily be extended to deliver optimized access to resources in public cloud environments with virtual MX appliances (vMX). Public clouds supported with vMX include Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Alibaba Cloud.
Advanced quality of experience (QoE) analytics
•End-to-end health of web applications at-a-glance across the LAN, WAN, and application server
•Machine-learned smart application thresholds autonomously applied to identify true anomalies based on past
behavioral patterns
•Monitor the health of all MX WAN links, including cellular, across your entire organization at-a-glance
•Detailed hop-by-hop VoIP performance analysis across all uplinks
Feature-rich unified threat management (UTM) capabilities
•Application-aware traffic control: bandwidth policies for Layer 7 application types (e.g., block YouTube, prioritize Skype,
throttle BitTorrent)
•Content filtering: CIPA-compliant content filter, safe-search enforcement (Google/Bing), and YouTube for Schools
•Intrusion prevention: PCI-compliant IPS sensor using industry-leading SNORT® signature database from Cisco
•Advanced Malware Protection: file reputation-based protection engine powered by Cisco AMP
•Identity-based security policies and application management
meraki.com
Branch gateway services
•Built-in DHCP, NAT, QoS, and VLAN management services
•Web caching: accelerates frequently accessed content
•Load balancing: combines multiple WAN links into a single high-speed interface, with policies for QoS, traffic shaping, and failover
•Smart connection monitoring: automatic detection of layer
2 and layer 3 outages and fast failover, including option of integrated LTE Advanced or 3G/4G modems
Industry-leading cloud management
•Unified firewall, switching, wireless LAN, and mobile device management through an intuitive web-based dashboard
•Template-based settings scale easily from small deployments to tens of thousands of devices
•Role-based administration, configurable email alerts for a variety of important events, and easily auditable change logs
•Summary reports with user, device, and application usage details archived in the cloud
meraki.com
MX Series Datasheet
Intelligent site-to-site VPN with
Meraki SD-WAN
•Auto VPN: automatic VPN route generation using IKE/IPsec setup. Runs on physical MX appliances and as a virtual instance within the Amazon AWS or Microsoft Azure
cloud services
•SD-WAN with active / active VPN, policy-based-routing, dynamic VPN path selection, and support for application-layer performance profiles to ensure prioritization of the applications types that matter
•Interoperates with all IPsec VPN devices and services
•Automated MPLS to VPN failover within seconds of a connection failure
•Client VPN: L2TP IPsec support for native Windows, Mac OS X, iPad and Android clients with no per-user licensing fees
Inside the Meraki MX
MX450 shown, features vary by model
Redundant Power
Reliable, energy efficient design with field replaceable power supplies
Cryptographic Acceleration
Reduced load with hardware crypto assist
MX Series Datasheet
Modular Fans
High-performance front- to-back cooling with field replaceable fans
Additional Memory
For high-performance content filtering
Enhanced CPU
Layer 3-7 firewall and traffic shaping
Front of the Cisco Meraki MX
MX450 shown, features vary by model
Multicolor Status LED
Monitor device status
3G/4G Modem Support |
Dual 10G WAN Interfaces |
1G/10G Ethernet/SFP+ Interfaces |
Automatic cellular failover |
Load balancing and SD-WAN |
10G SFP+ interfaces for high-speed |
|
|
LAN connectivity |
Management Interface
Local device access
meraki.com
MX Series Datasheet
Secure Cisco SD-WAN powered by Meraki
Secure Cisco SD-WAN powered by Meraki is delivered by the MX appliances. SD-WAN powered by Meraki has helped thousands of organizations rapidly save costs by reducing their dependence on MPLS without compromising on performance. As enterprises continue to shift from hub-centric architectures interconnected with VPN to ones that leverage public Internet connectivity, SD-WAN powered by Meraki delivers advanced analytics with ML to monitor and optimize quality of experience (QoE) for applications, regardless of where they might be hosted.
Transport independence
Leverage more than one uplink of any type with automatic failover–MPLS, broadband, fiber, or cellular.
Advanced analytics
Coming soon: at-a-glance health of web applications with ML thresholds, VoIP, and WAN with predictive analytics.
Native security |
SaaS quality of experience |
Integrated with next-gen firewall, content filtering, and Advanced |
Manual and performance-based path selection using |
Malware Protection (AMP) and IDS/IPS informed by Cisco Talos. |
advanced analytics. |
meraki.com
MX Series Datasheet
Ironclad security
The MX platform has an extensive suite of security features, including IDS/IPS, content filtering, web search filtering, anti-malware, geo-IP-based firewalling, IPsec VPN connectivity, and Cisco Advanced Malware Protection, while providing the performance required for modern, bandwidth-intensive networks.
Layer 7 fingerprinting technology lets administrators identify unwanted content and applications, and prevents recreational apps like
BitTorrent from wasting precious bandwidth.
The integrated Cisco SNORT® engine delivers superior intrusion prevention coverage, a key requirement for PCI 3.2 compliance. The MX also uses the Webroot BrightCloud® URL categorization database for CIPA/IWF-compliant content filtering, Cisco Advanced Malware
Protection (AMP) engine for anti-malware, AMP Threat Grid Cloud, and MaxMind for geo-IP-based security rules.
Best of all, these industry-leading Layer 7 security engines and signatures are always kept up-to-date via the cloud, simplifying network security management and providing peace of mind to
IT administrators.
Organization-Level Threat Assessment with Meraki Security Center
Identity-Based Policy Management |
Cisco Threat Grid Cloud for Malicious File Sandboxing |
meraki.com
MX Series Datasheet
Cloud-managed architecture
Built on Cisco Meraki’s award-winning cloud architecture, the MX is the industry’s only 100% cloud-managed solution for unified threat management (UTM) and SD-WAN in a single appliance. MX appliances self-provision, automatically pulling policies and configuration settings from the cloud. Powerful remote-management tools provide network-wide visibility and control, and enable administration without the need for on-site networking expertise.
Cloud services deliver seamless firmware and security signature updates, automatically establish site-to-site VPN tunnels, and provide 24x7 network monitoring. Moreover, the MX’s intuitive browser-based management interface removes the need for expensive and timeconsuming training.
For customers moving IT services to a public cloud service, Meraki offers a virtual MX for use in Amazon Web Services and Microsoft Azure, enabling Auto VPN peering and SD-WAN for dynamic path selection.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Cisco Meraki Cloud Management Architecture |
|
End-to-End Network Visibility and Troubleshooting |
Integrated 802.11ac Wave 2 Wireless
The MX67W, MX68W, and MX68CW integrate Cisco Meraki’s award-winning wireless technology with the powerful MX network security features in a compact form factor ideal for branch offices or small enterprises.
•Dual-band 802.11n/ac Wave 2, 2x2 MU-MIMO with 2 spatial streams
•Unified management of network security and wireless
• Integrated enterprise security and guest access |
MX68CW Security & SD-WAN Appliance |
meraki.com