Monday, May 13, 2013

Meraki, a Cisco Company

Meraki MR12 AP

While researching access points I stumbled across an interesting company: Meraki. Now a Cisco subsidiary, they provide hardware which is completely cloud-controlled. Once configured from their management page (which is in the cloud, NOT local on the device), the device connects to the cloud and pulls its configuration. While this sounds like an interesting concept, I immediately thought of the a very critical list of cons.




  • Some clients don't have a reliable internet connection, or need wifi for local-only access.
  • If the internet connection goes down, no changes can be made to configuration
  • The AP requires an internet connection on an untagged vlan. This poses a problem for "trunk" ports that have only tagged vlans
  • The AP's do not hold their config through a reboot
  • There is no backup web interface locally on the device
  • Cost of license per year...ouch!

However after testing the hardware, there are quite a few pros:

  • Very solid, seemingly reliable hardware
  • POE, Gigabit, and a pass-through 10/100 port
  • 1 Watt of Tx power
  • Multiple SSIDs
  • Global management
  • An interface that is separate from the device
  • No firmware updates required to introduce new UI features

I was intrigued by the possibilities of their hardware, and it just so happens that Meraki was offering up a free AP for attending one of their webinars. After listening to a sales pitch for around an hour and asking for a few questions, my AP was on its way. It should be noted that this is not intended for individuals, but for companies or prospective customers of Meraki (as such, you need a company email address with your own domain name).

Meraki MR12 802.11n 2.4 GHz AP
First impressions out of the box were nice: clean, thought-out physical characteristics. Well packaged without a lot of extra useless fluff. Setting it up, however, was not so nice. Here's a summary of what I found:


  1. The link provided to register my device did not work. After entering my registration information, the website simply refused to submit the form. This didn't sit well with me and required a contact to my sales rep and support to remedy it.
  2. My license number was never emailed or mailed to me. I had to request it form my sales rep. This may have been a simple oversight, but I was dead in the water until they opened at 8am the following day.
  3. An untagged VLAN is required at all times for the device to function. This doesn't really work for me since I like to connect my AP's to a trunk line with only Tagged VLANs (management, private, public, voip, etc)
  4. After some switch configuration and tweaking of my VLANs, the device came online, but did not pull its configuration. Even after a reboot, my SSID's were still showing "Meraki Setup" which did nothing when connected. I had to manually reset the configuration from the web interface.
  5. Poor initial throughput. Without doing any complex tests, a single radio device connected on 802.11n saw a max of ~30 mbps with encryption and ~40 mbps without. Compared to my simple Linksys DIR-655, I obtained ~40 mbps with encryption and ~50 mbps without. I'm not %100 sure if I disabled all of the traffic shaping and QOS rules on the AP, but connected via gigabit with a 300 mbps internet connection should yield slightly better results. I do have to say that 1 Watt of Tx power was very nice, reaching nearly twice as far as the DIR-655 indoors (metal framing, lots of walls).
  6. The guest portal was very nifty, and blocked all access until the portal was completed. No gripes here. Everything worked just as expected
  7. The web interface is....interesting. Meraki has taken most of the standard web interfaces for AP's and thrown it out the window completely. It was irritating setting up one AP, but I could see it being very useful for more than 10 AP's. The monitoring and rollout options built in are fantastic. I'm not going to go in-depth here, but I would go watch one of their recorded webinars if you're interested.

    Meraki's SSID control page. These SSID's are global per organization, not per AP which makes a large rollout easy

  8. My last point of review is the price; ouch! At $399 for the AP alone, licensing is $150 per year per AP. This means that a fleet of 10 AP's is going to run you $5,490. This is pretty steep, even for enterprise-class products, and there is the looming fact that after one year you have nearly $4k of hardware that is completely useless unless you renew your license.
Verdict: Meh. 

I think Meraki could do something fantastic with their platform, but so far it's very flashy on in the interface but unpolished in application. I was underwhelmed by the complexity of getting a single AP working properly, and for a network that already functions adding Meraki hardware could be a deal breaker. Meraki's offerings could be useful, albeit overpriced, for a large rollout or outsourced IT company. After browsing some competitors solutions, I think Meraki has something to learn and some adjustments to make. Here are some sample images from the interface, although again I'd highly recommend watching a webminar for an idea of how powerful the software is.

Again, here you can see how having 10+ devices is made incredibly simple. Each registered AP is visible along with what channel its on (2.4 and 5 GHz) and if it can see its neighbors. Meraki also allows behind-the-scenes mesh networking which is interesting (but I wish it wasn't so behind-the-scenes)

Firewall rules and traffic shaping. Seemingly very powerful, but I have to wonder how well this would work with a few dozen clients connected. I've also had problems in the past with simple rule-based traffic shaping like this slow down your overall high-end throughput.


No comments:

Post a Comment