A look inside: Meraki intrusion detection

With millions of packets flowing across the network every day, how do you spot potentially harmful traffic? Simple visibility of all traffic isn’t practical since the sheer volume is far beyond what a human could process. An intrusion detection tool, however, can identify malicious activity, categorize potential threats, facilitate reporting, and alert a network administrator when necessary.

Integrated Snort technology

The latest software update for the MX Security Appliances now includes IDS capabilities. We’ve taken Sourcefire’s Snort engine, the industry standard in network intrusion detection, and made it accessible to network administrators everywhere through the Meraki dashboard.

Snort IDS technology has been highly respected in the security community for nearly 15 years. It’s open source, so it’s continually tested, worked-on, and refined by a broad community of security professionals. Most importantly, in a world where new security threats emerge on a daily basis, the open nature of the platform means new threats are identified and added into the engine far more quickly than a handful of developers working in a closed proprietary system could hope to achieve.

Here’s a peek into how the MX’s IDS looks in the Meraki dashboard:

IDS timeline viewed by client

Intuitive, organization-wide reporting

When MXs receive their scheduled over-the-cloud upgrade over the next several weeks, network administrators will find a new reporting tool: Organization > Security report. Note this requires an Advanced Security license for the MX. This provides an intuitive GUI to the Snort engine, enabling organization-wide threat status to be established at a glance. Information is presented in real-time, with a configurable historical view that allows admins to quickly identify the regularity with which threats are being seen. Admins can search their organization by:

• Threat signature
• Network
• Client
• Source and/or destination IP

For large, distributed networks, the MX’s organization-wide reporting eliminates the need to log in to the security appliance at every site and check the IDS status at each. Potential security threats are ranked and summarized by severity, with details presented in a timeline, a pie chart, and in summary tables. For those digging for even more information, the complete list of events is also shown. The Snort Signature ID links to a detailed description, including suggested actions to remediate the threat. Intrusion Detection typically displays many false positives and negatives, so a detailed description helps the administrator to focus their energy on addressing the real threats as they emerge.

 

IDS event log

 
What was once only available to highly trained and expensive security experts can now be seen and analyzed with a few clicks of a mouse. Meraki’s IDS implementation is the latest example of how we’re revolutionizing the world of network administration and helping our customers achieve more with their precious IT resources.

You can learn more about Meraki’s Intrusion Detection and its role in our next-generation firewall here.

Meraki expands cloud managed networking portfolio with new hardware and enhanced security and management

Meraki, the leader in cloud-managed networking, announced today two new hardware products: the MX60W, a small branch security appliance with integrated WiFi, and the Z1, a wireless gateway for teleworker and remote enterprise users. These products complement Meraki’s large campus and branch offerings, adding flexibility in deployments suited to all-in-one solutions.

Meraki also announced a new software update for wired and wireless product families that adds Apple Bonjour Gateway support as well as enhanced security and network visibility.

All in one wireless, Ethernet, and security simplifies small branch and teleworker deployments

Since its introduction in early 2011, customers from Peet’s Coffee and Tea to Syracuse University have turned to Meraki’s MX series security appliances to secure and simplify their distributed networks. Today, Meraki adds the newest model to the MX family, the MX60W, which brings integrated 802.11n wireless connectivity to the MX platform in an affordable, compact, and easy to manage device. The MX60W is a complete access and security solution for small branches, providing enterprise wired and wireless connectivity, a next generation firewall, Auto VPN for one-touch creation of site-to-site virtual private networks, content filtering, and intrusion detection (IDS). With out-of-the-box PCI compliance, the MX60W is also ideally suited for retail stores adopting mobile point of sale or guest WiFi. The MX60W is available immediately for order through authorized resellers at a list price of $845.

For organizations looking to extend secure enterprise connectivity to employees’ homes, Meraki is introducing the Z1 Cloud Managed Teleworker Gateway. The Z1 integrates networking, security, and high speed wired and wireless access in a compact and silent design. Built in an entirely new form factor, the Z1’s capable hardware platform offers dual-band, dual-concurrent 802.11n WiFi with a 600 Mbps radio rate and four Gigabit Ethernet ports. Feature highlights include Auto VPN, 3G/4G failover, and robust identity-based access policies. Scalable cloud based management and zero-touch provisioning allow IT organizations to extend corporate access to remote users without adding staff or management complexity. The Z1 is available immediately for order through authorized resellers at a list price of $195.

New software brings Bonjour Gateway, new security and management features

Meraki also today announced new software for its wired and wireless product families, bringing dozens of new features and enhancement to new and existing customers. Highlights include:
Bonjour Gateway - Apple’s Bonjour zero-configuration service discovery protocol enables applications like AirPlay and AirPrint on local networks. As Apple devices proliferate, especially with the adoption of Bring Your Own Device (BYOD) policies, Bonjour can pose significant challenges for large-scale networks: administrators must often choose between an unmanageable flood of Bonjour devices on a large, flat network, or a segmented network that prevents desired Bonjour access. Meraki’s Bonjour Gateway technology provides administrators with a powerful tool to manage networks used by Apple devices, selectively bridging Bonjour traffic across network boundaries.

Network-Wide Intrusion Detection (IDS) - This latest software update to the MX Security Appliance adds IDS, enhancing administrators’ visibility and control of security threats in branch networks. The MX’s IDS engine is built upon Snort, the industry’s leading IDS / IPS solution featuring signature, protocol, and anomaly-based inspection. Centrally managed through Meraki’s cloud based dashboard, the MX provides an intuitive visualization of security threats, and is easy to administer even in highly distributed multi-site networks.
Enhanced Traffic Shaper with Fine Grained Layer 7 Application Visibility - In 2010, Meraki introduced the industry’s first cloud managed Layer 7 traffic shaper, and is now the leader in application visibility and control for the wired and wireless access layer. Today, Meraki is introducing a dramatically enhanced Traffic Shaper, providing more precise, finer-grained classification over thousands of applications. A completely re-architected classification engine dynamically identifies web-based applications on the fly, giving administrators enhanced visibility over network behavior.

“With the proliferation of BYOD and cloud applications throughout enterprise networks, administrators are looking to cloud management to streamline their architecture,” said Kiren Sekar, V.P. of Marketing at Meraki. “These latest software features and hardware platforms provide administrators with new tools to simplify their increasingly dynamic network environments.”

“The key value proposition of Meraki’s MX series is manageability and simplicity,” said Chris Day, C.E.O. of Fully Managed, a leading managed-service provider in Vancouver that uses the MX line with customers and a beta user of the MX60W. “Meraki’s solutions are so simple to deploy, we’ve saved around $200,000 per year in labor costs and countless hours in training time. The competing products have a laundry list of features on their datasheets, but the implementation is far too complicated to be useful in practice. With a Meraki deployment, our customers get everything they need and everything works right out of the box just like it’s supposed to.”

Both the MX60W and Z1 are available for immediate order through authorized Meraki resellers, at list prices of $845, and $195, respectively. The software update, including Bonjour Gateway and the enhanced Traffic Shaper will be available at no cost for MX security appliances in October 2012 and MR wireless access points in late fall 2012. More information about the MX line can be found atwww.meraki.com/mx.

Meraki Press Releases

Solved IT scores goal with PFA - 05 Oct 2012 - CRN UK News

Premiership footballers will be among the beneficiaries of a new wireless LAN solution at the offices of the Professional Footballers Association (PFA) rolled out by VAR Solved IT.

Solved IT completed the deployment of a Meraki Cloud Managed Solution for the body in August. It is designed to allow staff using company-issued BlackBerry PlayBooks and bringing their own devices to connect securely to PFA data.

PFA guests, including professional footballers and dignitaries, can also gain secure public access via the connection.

Read more: http://www.channelweb.co.uk/crn-uk/news/2214830/solved-it-scores-goal-with-pfa#ixzz28PtNKOTw
CRN - Essential information for VARs, integrators and converged resellers. Claim your free subscription today.

Solved IT scores goal with PFA - 05 Oct 2012 - CRN UK News

Cloud Distribution - Reykjavik Partner Incentive

Full Steam Ahead to Reykjavik

NOVEMBER 30-DECEMBER 02 - Put it in your diary !!!

---

---

Overview

Here at Cloud, we believe in working hard and playing hard. We also believe in incentivising our partners to achieve joint goals. With this in mind, we'd like to introduce our Q4 promotion to Reykjavik, Iceland! The promotion is open to all partners and will run from October 1st to November 16th (inclusive). Contact your Account Manager on 01635 800410 for further details.

Itinery

Depart Friday 30th November from Heathrow to Reykjavik for a 3 day, fun packed trip of discovery. We'll be staying at the 4* Radisson Hotel Reykjavik - http://www.radissonblu.com/1919hotel-reykjavik. We'll spend 2 nights in the Islandic capital before returning midday Sunday 2nd December.

As part of the all-expenses paid trip, you'll be able to choose between two or three of the following fantastic activities:

Swim in the Blue Lagoon

http://www.bluelagoon.com/

Blue Lagoon is one of Iceland’s most visited sites with more than 400,000 visitors annually. The lagoon is 5000m2. At each time the lagoon holds six million litres of geothermal seawater all of which is renewed every 40 hours. Blue Lagoon’s guests actually bathe between two continents as the Euro-Asian and American tectonic plates meet at the Blue Lagoon. Blue Lagoon has been awarded the Blue Flag environmental recognition granted to beaches and marinas and displays the Blue Flag on premises all year around. The Blue Lagoon has also been chosen Best Spa in Scandinavia by SpaFinder and the best Best Medical Thermal Spa by Conde Nast Traveller and recently chosen one of 25 wonders of the world according to National Geographic. 

Dog Sledding

http://www.dogsledding.is/

Dog sledding is great fun. It's an activity gaining popularity, and is a real treat for anyone wanting an adrenaline rush. Dog sledding does not create any air or noise pollution, and the silence is a true gift – a life enhancing moment to treasure. Dog sledding tours provide a unique opportunity to combine an adventure and sightseeing experience.  Note: You have the option of visiting the dog kennel. 

The Golden Circle

http://www.choice-tours-iceland.com/The-Golden-Circle.html

We start out by a visit to the national park at Þingvellir. Þingvellir is a site and place where Icelanders forget their national identity. Þingvellir is a unique geological place where the tectonic plates of N-America and Euro-Asia meet in a very visible way. We drive on over the Lyngdalsheidi, where outlaws used to roam and onwards to the Geysir area, a unique area with numerous wonders of geo-thermal water, and then on towards the Gold falls. A water fall of sheer beauty. Taking a separate route back to Reykjavik we pass by the waterfall Faxi on route to “Kerið”. A crater created in a somewhat different way then we would mostly imagine. With ample time for stops and photo shoots this day-tour contains some of the most popular and beautiful sights Iceland has to offer. Guarantied to leave you with lasting memory for a lifetime.

Authentic Icelandic Cuisine

http://einarben.is/

LOCAL CRITIC'S REVIEW - If you want nouveau or fusion cuisine, look elsewhere. This old-guard restaurant is on the second floor of a century-old gentry townhouse, and the velvety curtains and brass chandeliers are a welcome relief from all the hip, minimalist interiors elsewhere in the fine-dining register. The menu's subtitle of "pure Icelandic" refers to native ingredients, not the dishes, which are honest French peasant fare with decent portions and hearty sauces. Lamb is always a safe choice in Iceland: Locals tend to order the filet of lamb Dijon with mountain thyme crust, lamb shank comfit, and dill glaze; while visitors tend to order the fall-off-the-bone tender lamb shank with creamed vegetables and red wine. The wine list is exceptional, and the spacious bar on the third floor is a wonderful spot for an after-dinner cognac.

Aurora Borealis AKA The Northern Lights

http://en.wikipedia.org/wiki/Aurora_(astronomy)

When is the best time to see the northern lights?

The northern lights are visible under dark skies between the months of September to April, preferably under a clear, cloudless sky. Usually seen between 5pm and 2am, it is important to be away from artificial light. No month guarantees better sightings than another but December to February offer the longest hours of darkness, while the months of autumn and spring are likely to offer more stable weather conditions and often see more aurora activity.

We are now in the period known as 'Solar Max'. This means that sunspot activity which produces the aurora borealis is heightened, offering more chances to see the northern lights. The Solar Max happens every 11 years in accordance with the solar cycle.

Cloud Distribution - Reykjavik Partner Incentive