Cisco MX100 data sheet
MX Cloud Managed Security Appliance Series
Overview
Datasheet | MX
Cisco Meraki MX Security Appliances are ideal for organizations with large numbers of distributed sites. Since the MX is 100% cloud managed, installation and remote management is simple. The MX has a comprehensive suite of network services, eliminating the need for multiple
appliances. These services include Layer 7 application firewall, content filtering, web search filtering, SNORT® based intrusion prevention, web
caching, Intelligent WAN with multiple uplinks and 4G failover.
FEATURERICH UNIFIED THREAT MANAGEMENT
UTM CAPABILITIES
• Application-aware trac control: set bandwidth policies based on
Layer 7 application type (e.g., YouTube, Skype, P2P).
• Content filtering: CIPA-compliant content filter, safe-seach enforcement
(Google/Bing), and YouTube for Schools.
• Intrusion prevention: PCI-compliant IPS sensor using industry-leading
SNORT® signature database from Cisco Sourcefire.
• Anti-virus and anti-phishing: flow-based protection engine powered
by Kaspersky.
• Identity-based security policies and application management.
INDUSTRYLEADING CLOUD MANAGEMENT
INTELLIGENT SITETOSITE VPN WITH CISCO IWAN
J
• Auto VPN: automatic vpn route generation, IKE/IPsec setup and
key exchange via Cisco Meraki’s secure cloud.
• Intelligent WAN with active / active VPN, policy-based-routing, and
dynamic VPN path selection.
• Interoperates with standards-based IPsec VPNs.
• Automated MPLS to VPN failover.
• Client VPN: L2TP IPsec support for native Windows, Mac OS X,
iPad and Android clients with no per-user licensing fees.
BRANCH GATEWAY SERVICES
• Unified firewall, switching, wireless LAN, and mobile device management through an intuitive web-based dashboard.
• Template based settings scale easily from small deployments to
tens of thousands of devices.
• Role-based administration, configurable email alerts for a variety of
important events, and easily auditable change logs.
• Summary reports with user, device, and application usage
details archived in the cloud.
• Built-in DHCP, NAT, QoS, and VLAN management services.
• Web caching: accelerates frequently accessed content.
• Load balancing: combines multiple WAN links into a single highspeed interface, with policies for QoS, trac shaping, and failover.
• Smart connection monitoring: automatic detection of layer 2 and
layer 3 outages and fast failover, including 3G/4G USB modems.
INSIDE THE CISCO MERAKI MX
MX400 shown, features vary by model
Redundant Power
Reliable, energy
ecient design
Web Caching
1TB SATA disk
Multiple Uplink Ports
Link bonding/failover
3G/4G Modem Support
Automatic wireless failover
Cloud Managed Architecture
Built on Cisco Meraki’s award-winning cloud-managed architecture,
the MX is the industry’s only 100% cloud-managed Unified Threat
Management appliance. MX appliances self-provision, automatically
pulling policies and configuration settings from the cloud. Powerful
remote management tools provide network-wide visibility and
control, and enable administration without the need for on-site
networking expertise.
Cloud services deliver seamless firmware and security signature
updates, automatically establish site-to-site VPN tunnels, and
provide 24x7 network monitoring. Moreover, the MX’s intuitive
browser-based management interface removes the need for
expensive and time-consuming training.
Enhanced CPU
Layer 3-7 firewall
and trac shaping
Additional Memory
For content filtering
10Gb Ethernet/SFP+ Ports
For switch connectivity
Ironclad Security
The MX platform has an extensive suite of security features including
IPS, content filtering, web search filtering, anti-virus / anti-phishing,
geo-IP based firewalling and IPsec VPN connectivity, while providing
the performance required for modern, bandwidth-intensive networks.
Layer 7 fingerprinting technology lets administrators identify
unwanted content and applications and prevent recreational apps
like BitTorrent from wasting precious bandwidth.
The integrated Sourcefire SNORT® engine delivers superior intrusion
prevention coverage, a key requirement for PCI 3.0 compliance. The
MX also uses the Webroot BrightCloud® URL categorization database
for CIPA / IWF compliant content-filtering, Kaspersky Safestream II®
engine for anti-virus / anti-phishing, and MaxMind for geo-IP based
security rules.
Best of all, these industry-leading Layer 7 security engines and
signatures are always kept up-to-date via the cloud, simplifying
network security management and providing peace of mind to
IT administrators.
Organization Level Threat AssessmentCisco Meraki Cloud Management Architecture
2
Cisco Systems, Inc. | 50 0 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Auto Configuring Site-to-Site VPN
Next Gen Application Firewall and Trac Visibility
Identity Based Policy Management
End-to-End Network Visibility and Troubleshooting
Intelligent WAN Made Simple
Transport independence
Dual WAN ports with load balancing and failover enable the use of MPLS and redundant, commodity Internet connections, providing additional bandwidth and higher reliability.
3G / 4G failover
The Cisco Meraki MX supports 3G/4G service providers globally for WAN connection failover. Web caching temporarily stores video, media,
and web documents, lowering bandwidth usage and accelerating the download speed of Internet content.
Application optimization
Layer 7 trac shaping, application prioritization optimize the trac for mission-critical applications and user experience.
Intelligent path control
Use dynamic VPN path selection to choose the best VPN uplink based on packet loss, latency, and jitter. Define policies for sending the right
trac through the appropriate path (e.g., send voice via MPLS, http via VPN over broadband).
Secure connectivity
Cisco Meraki’s unique auto provisioning site-to-site VPN (Auto VPN) connects branches securely with unmatched simplicity. MX Security
Appliances automatically learn VPN parameters needed to establish and maintain VPN sessions using a 128-bit AES encryption. A unique
cloud-enabled discovery mechanism enables automatic interconnection of VPN peers and routes across the WAN, and keeps them updated
in dynamic IP environments.
3
Cisco Systems, Inc. | 50 0 Terry A. Francois Blvd, San Francisco, CA 94158 | (415) 432-1000 | sales@meraki.com
Loading...