Cisco Meraki MX64 Router

coxhaus

Part of the Furniture
Anybody run one of these? It is different than what I think of Cisco. It is not command line based but sets up easily. The price is not bad but you have to buy a license. You can buy 3 year or 5 year. I guess it depends on how often you change routers. Price wise it will come in where high end consumer routers are these days about $360 plus license.
It has these features.
  • Stateful firewall throughput: 250 Mbps
  • Recommended maximum clients: 50
  • Managed centrally over the web
  • Layer 7 traffic analysis and shaping
  • Licensing sold separately, POE (Power Over Ethernet)
Rule sets are pushed daily to the router.

Cisco Meraki EP 01 - MX64 Security Appliance - Basic Setup - YouTube
 
Last edited:

L&LD

Part of the Furniture
None of the features and even less benefits that our RMerlin powered routers offer

Web managed? Needs licensing? 250Mbps? Meraki?

Hard pass.
 

Tech9

Part of the Furniture
This will be beaten in both features and speed by $100 RT-AC66U B1 home router, on stock Asuswrt.
 

ColinTaylor

Part of the Furniture
Interesting product line. Not really suitable for home use but quite nice for small remote sites. The low throughput of the MX64 could be a problem (or perhaps not in a rural location). The higher end models are more appealing on specs but then something like the MX85 is five times the price.
 

Tech Junky

Very Senior Member
The problem is rolling the FW into the router. Break them into 2 systems and it's more cost efficient for the speed benefits.

Then again in the SMB marketplace they're not typically running HSD much beyond those speeds due to the inflated commercial pricing.
 

Tech9

Part of the Furniture
With this Apple-like design I really hope the Cisco logo is illuminated at least. :)
 

coxhaus

Part of the Furniture
The problem is rolling the FW into the router. Break them into 2 systems and it's more cost efficient for the speed benefits.

Then again in the SMB marketplace they're not typically running HSD much beyond those speeds due to the inflated commercial pricing.
I was just wondering if anybody ran one. The firewall is better than almost any router firewall on this site. Trying to run SNORT on pfsense is a pain in the A$$ and still won't match Cisco's on this device. This is all done in one nice package easy to install and easy to run with daily firewall rule updates.
 

Tech9

Part of the Furniture
Trying to run SNORT on pfsense is a pain in the A$$

You perhaps remember old Snort versions. The new Snort has automatic rules configuration. You can subscribe to paid updates, if you want to. It's the same Cisco software, but without forced subscriptions. Most people with home setups use free community rules. IDS/IPS is not very effective protection, unless you run a proxy. Most of the traffic is encrypted today and IDS sees nothing. For that reason many run DNS/IP blocker in parallel.

The firewall is better than almost any router firewall on this site.

Better in what exactly? Hardware, capabilities, configuration? RT-AC66U B1 for $100 can run TrendMicro IDS, DNS blocker, IP blocker, DoT/DNSCrypt, plus VPN Clients/Servers, Adaptive QoS, Parental Controls and per application Traffic Analyzer on top, and faster than 250Mbps. This is hardware from around 2013, still used today and actively supported. Some newer HND home routers are few times faster in everything, plus offer Switch + AP.
 

Tech Junky

Very Senior Member
FW's are really simple when it comes to the form in which you tell the device to use the rules.

The specialized processor though that might assist in not cooking the Meraki / Cisco / Juniper / etc. is where things get interesting.

Why do you need to update the rules daily? You can do it but it's even bigger PITA than what you've mentioned and leads to more troubleshooting when you do things automagically. You can take IPTables and put different triggers into them and auto add/remove them based on the policy you write them to do. I was doing this with uninitiated IP's and adding them to a blacklist and it just caused more issues when sites like Google come back from different sources upon request. Not to mention it bogs down the response time with each additional rule.
 

coxhaus

Part of the Furniture
It is due to Cisco managing the updates and what is applied and how. Yes, Cisco does use their umbrella system. Just overall well thought out on the big picture.
I use Quad9 which I like now but probably not as good as Cisco's since they watch over the world to make their security decisions. Small companies don't have resources like this to be able to do it.
 
Last edited:

Tech9

Part of the Furniture
It is due to Cisco managing the updates and what is applied and how.

Snort is a Cisco software. It pulls the updates and applies the rules. You can install it and configure it yourself on an x86 hardware firewall or pay Cisco to do it for you on an overpriced and underpowered hardware. If you go x86 firewall way, you can run other security packages on it too. Cisco hardware will be locked to what Cisco decided, no much options. As always, the choice is yours.
 

coxhaus

Part of the Furniture
Snort is a Cisco software. It pulls the updates and applies the rules. You can install it and configure it yourself on an x86 hardware firewall or pay Cisco to do it for you on an overpriced and underpowered hardware. If you go x86 firewall way, you can run other security packages on it too. Cisco hardware will be locked to what Cisco decided, no much options. As always, the choice is yours.
Only in your mind can you justify a consumer router can match a Cisco enterprise gateway firewall.
 

degrub

Very Senior Member
This is worse, or no better than, the back and forth over use cases for mainframes and PDP-11s that i used to get into with our IT organization back in the day. SMB, emphasis on S, is an area of overlap where it is almost too small for enterprise gear and organization, and almost too demanding for consumer gear, particularly the design and support aspect.

Both can work, but both have their issues.

So, let it be, please.

So, anyone that can answer the OP’s original question instead of debating ?
 

Tech9

Part of the Furniture
So, anyone that can answer the OP’s original question instead of debating ?

The OP believes it's better than anything around already, so it's a simple buying decision for him.

I found $370 hardware + $1400 5 Year Advanced Security License & Support, total $1770 for worry free Cisco experience.
 

Mokers

Regular Contributor
I have used Meraki products for businesses when I was a consultant. I think their configuration is top notch and their security and updates can’t be matched. The radios in their APs are excellent. I wouldn’t buy them for the home because I need more throughput than what is available on the low end.

The MX64 has always been more of a branch office device where companies need to extend their sd-wan to a a small branch or home office. Ship it to the end location and it pulls down the necessary configurations as soon as it gets an uplink.

thr two scenarios I used the most were for retail companies who had pos systems that would connect to a primary server at a data center or central office. Very easy to deploy and bandwidth is not at a premium.

the other scenario would be a home office worker. Very easy to deploy. Even if the person had a home router, they could plug the Meraki into another port on their isp gateway and that user would have secure internet. If you are in a scenario where you are concerned about security compliance for remote connections, the Meraki logging capabilities and remote management make it very easy to setup policies.
 

coxhaus

Part of the Furniture
The OP believes it's better than anything around already, so it's a simple buying decision for him.

I found $370 hardware + $1400 5 Year Advanced Security License & Support, total $1770 for worry free Cisco experience.
Tech9 you need to shut up and not publish fate data. You have no technical understanding for Cisco so stay with what you know and away from Cisco. I know you are jealous but life is that way. A 3 year license is $190 not any where close to $1400.

I was just wondering if anybody ran one? They are used a lot in the enterprise field being fast and easy setup. They are not like regular command line Cisco. I think they are designed to compete with Ubiquity but more dependable. I am thinking software side.
 

Tech Junky

Very Senior Member
~$400 - MX64
~$200-$900 = License
1650037716878.png

~$200-$4200 - license durations depending on license type

So, base price w/ base license + 1 year duration.
$800

Max licensing / features / duration - $5500
 

Tech9

Part of the Furniture
Tech9 you need to shut up and not publish fate data.

You better prepare your credit card, if you go with this product. Here is a deal in your state:


HW + 3Y Security - $1120
HW + 5Y Security - $1488

Hopefully Cisco will give you an ex-employee discount, if they remember you. Good luck!
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top