If you are considering deploying Meraki switches and routers in your company and are unsure of the advantages and disadvantages of this technology, then you may find our experience with Meraki switches, routers and APs useful, specifically how we have handled their deployment for several of our customers.
Building a LAN at a new site for 1,000+ users
- Honza, IT technician team manager, CCNP (long expired)
We were involved in this project as the IT manager of a site where Meraki was already implemented; we were not involved in the technology selection or design preparation. Meraki was selected by the customer - a large international company with tens of thousands of employees and offices in many countries - as the new standard LAN solution. Prior to this implementation, the customer had experience with Meraki switches only in smaller branch offices.
Our customer in this case is a large international company that has agreed its own prices for Meraki equipment directly with the manufacturer, so I cannot be specific. The only unpleasant surprise was the price of the SFP modules. In the past, we have used non-original SFP modules for Cisco Catalyst switches at a very reasonable price. For Meraki, we need to use only original SFP modules and when only half of the ports in the 32-port core switches are equipped with 10 GB single-mode modules, their price exceeded the price of the switch itself several times over. This forced us to consider very carefully where a 1 GB module or cheaper multi mode fiber optic cables and modules would suffice.
Before the project there was partial scepticism about the new approach, where not only users in offices but also end devices in production - hundreds of computers, printers and scanners - were to be connected exclusively via WiFi. The company was not experienced with this approach and there were concerns about the quality of connecting hundreds of end devices to the network only over WiFi. These concerns proved to be false. The flexibility that WiFi connectivity gives is a huge benefit of the new solution. More than one hundred and fifty WiFi access points have been in operation for many months without a single hardware fault or the need for a complaint.
On the other hand, the biggest problem turned out to be the functionality of the 'core layer' of the network, four switches located in two server rooms and logically connected in one stack. Even after repeated configuration and cabling checks, firmware downgrades and upgrades, as well as topology changes recommended by the vendor, and despite the full use of Meraki support, including their on-site presence, it was not possible to ensure the correct functionality of the solution. In the event of one of the switches failing, CPU overload repeatedly occurred in the switches, the network stopped working and repeated reboots were required to resolve the situation. According to Meraki, this is a software bug that should be resolved in future firmware releases. Ultimately, the temporary solution is to significantly limit 'High Availability' for the on-site network by reducing the number of elements redundantly plugged into the 'core' layer of the network and relying on manual intervention in the event of failures of certain network elements. Because a customer in such an important location does not want to and cannot wait to see if new firmware releases will solve their problem sometime in the future, they are preparing a new design and will likely replace the Meraki 'core' switches with a different technology.
Compared to this problem, the other experience is rather minor. As someone who has experience managing Cisco devices via the console and immediately logging every change, we found managing and configuring via the Meraki cloud dashboard with its many-minute delay to be a huge step backwards.
Experience with Meraki routers
- Karel, IT manager, CCNP (long expired)
One of our customers has been using Meraki routers (mostly MX64 and MX65) for a long time to connect his more than 80 branches around the world and is extremely satisfied with them. The devices are already shipped to the individual branches from the supplier with a pre-prepared configuration and immediately after connecting to the internet they connect themselves to the cloud console and download the pre-prepared configuration. The huge advantage of this solution is that the installation can be handled by virtually anyone with minimal IT knowledge and the device is essentially plug & play for local support. In terms of actual operation these devices are very reliable with minimal failure rates and long life. The configuration is mostly simple, which works out mainly in use for medium-sized offices. These routers are capable of having multiple internet connections and seamlessly routing traffic between each link; however, this feature is unused by our customer due to the additional licensing costs (yes, it's Cisco and you have to pay extra for each extra feature). But failover between links can be done without the extra license and is indeed fast and almost unnoticeable to the average user.
Our customer is so satisfied with this solution that he is considering replacing the entire infrastructure with Meraki elements and wants to unify the network hardware used. The first implementations are planned for the beginning of next year, so I will certainly share with you the first experiences in deploying Meraki for a medium-sized office.
Experience with Meraki administration
- Vlado, Network Engineer
I have personal experience with Meraki management at a customer who deployed Meraki at all levels as part of a network hardware consolidation, namely access layer switches, wireless access points, aggregation optical switches, routers, as well as cameras and temperature and humidity sensors to monitor server room conditions. An indisputable advantage is the possibility of remote management via the dashboard and also the support of troubleshooting tools directly via a web browser (e.g. packet capture at the access point level, ping, traceroute). Adding new devices to the network (or renewing the network within a branch office) is a task that can be handled very quickly. I also consider the directly integrated support for automatic tunneling between branches where Meraki routers are deployed to be a huge advantage. Encrypted interconnection of branches is thus a matter of a few clicks in a web browser.
On the other hand, deploying Meraki requires a careful analysis of the individual features to be enabled. For example, what security rules are required. Meraki supports L4 and L7 rules, which can also be configured at multiple levels (routers, access points), but in some settings it is not possible to specify the details. Misunderstanding and misconfiguring individual features can lead to frustration for administrators who have experience with other Cisco platforms that can be configured in minute detail via the terminal. Therefore, it is important to set up the features correctly so that all parties are satisfied and there is no misunderstanding.