InfoWorld review: Meraki Enterprise Cloud Controller

Every business is on the lookout for ways to simplify life and positively impact the bottom line. The Meraki Enterprise Cloud Controller has the potential to do both by eliminating almost all the IT overhead required to run an enterprise wireless network. A one-man IT team could handle all of the administration duties for multiple wireless LANs across multiple locations, along with other daily chores, due to Meraki’s placement of the management functions not in controllers that must be wired into your network but in the cloud.

For our review, Meraki provided us with three of its MR-14 802.11n wireless access points (WAP) and one additional MR-16 WAP. We deployed them in a large residential complex located in downtown San Diego. The deployment went smoothly and quickly.

After testing the Meraki system, our team felt it would be a great solution for educational institutions, libraries, and nonprofits due to the easy installation process, great management interface, and low cost. Another potential market would be businesses with several different store or office locations that would benefit from placing scattered workers on the same network. Large university campuses could make use of this technology as well.

A large enterprise that wants a global view of far-flung networks, without paying the immense costs typically required, would also do well to consider Meraki. The essential question for these organizations is whether to place the ultimate control of their wireless LAN management system in the hands of a third party. Meraki is a clearer win for small businesses or educational institutions because there is less of concern with security and more focus on ease of deployment, low cost, and manageability.

Meraki installation and management We liked many aspects of the Meraki 802.11n WAP solution. The installation was straightforward and simple — it definitely did not require a doctoral degree and a CCNA or even a technical background to deploy. It would not be a stretch to say that anyone who can read directions could set up the Meraki WAP, though having set up a wireless router before would help. Simply plug the Meraki 802.11 WAPs into your network, and they automatically connect to the Meraki Enterprise Cloud Controller for their instructions. Our total installation time for four WAPs in a residential complex took just 10 minutes and (apart from physically connecting the WAPs to our LAN) required stepping through only a few WAP configuration screens on the Meraki website. Not having to configure the controller itself was a great timesaver.

Test Center Scorecard
	20%	20%	20%	15%	15%	10%
Meraki Enterprise Cloud Controller	8	7	10	10	9	10	8.9 Very Good

Meraki’s Cloud Controller makes day-to-day life easy for the network admin in a number of ways. The clean Web interface is as user-friendly as that of an Apple product and hints at Google’s influence — it even allowed us to place the WAPs on an embedded Google Map, a great way to keep track of your network assets in a distributed enterprise. There were handy instant email notifications whenever a WAP went down or came back up during our testing.

Meraki’s console also allows remote monitoring of all the WAPs in the network and security configuration. A one-man IT team could go on vacation and log in from a hotel or smartphone to troubleshoot the network if an emergency arises. Having the controller on the Web gives the network admin great flexibility, and there is no longer a need to build dedicated WAN or VPN links to each remote location.

Network admins can easily set limits on bandwidth usage so that certain users don’t create congestion for everyone else. Is an unproductive employee spending too much time listening to Pandora or watching YouTube? You could block the users completely and be known as the Draconian Network Administrator, or you could take a low-key approach and simply limit the bandwidth usage. You could do this for a certain set of applications or websites or overall for a specific user or group — all it takes is a few simple clicks.

Because the Meraki WAPs include this smart application layer, you can also set quality-of-service policies according to the traffic type. This traffic management capability is another potential money saver as some organizations pay to upgrade their network bandwidth to support mission-critical applications even while a few rogue users waste bandwidth. Meraki provides the visibility to spot the network abusers and allows you to limit them. It’s a great feature that could prevent unnecessary, costly bandwidth upgrades.

But the biggest advantage Meraki provides is eliminating a typical network administrator’s major time sinks. There are no more worries about firmware updates, patches, server updates, and so on. Reports are timely and easy to access. It’s simple to log in to the management console to get a detailed network summary on things like top WAPs by usage, top clients by usage, total data transferred, operating systems of users, device manufacturers, and SSID (service set identifier) usage.

There’s also an event log, of course, and a rogue access point report that’s useful for detecting wireless spectrum conflicts. We tested the Meraki WAPs in downtown San Diego surrounded by Wi-Fi activity, so our rogue detection log was quite long. In one 24-hour period, we detected so many of our neighbors’ WAPs that we felt like “war drivers” casing the neighborhood RF spectrum for potential networks to connect to. The Meraki system allowed us to do this from our sofa, where our “war sitting” yielded 43 WAPs.

Cloud concerns One of the major concerns with any cloud service is security. By effectively outsourcing the wireless network to Meraki’s cloud service, a company is in essence handing all information security and assurance to Meraki, which does not store user data on its servers and serves merely as a control channel to your wireless network. In other words, the only data stream outside of the firewall is WAP configuration data, log data, and other control information — no user data flows through the Meraki cloud.

That said, any external data stream outside the company’s control represents a potential security breach. Although Meraki posts a privacy policy, our team could not find an official statement on how Meraki handles security breaches or the ramifications of a hacker accessing Meraki’s controller and siphoning data flowing from your organization to the Meraki cloud.

Another potential issue for Meraki subscribers is that all software updates for the controller and access points are automatic. Patches and updates always have the potential to create security vulnerabilities, which is why conservative companies often opt out of the standard patch cycle. Although Meraki hasn’t been known to have any security problems, the company is relatively new and does not have a long track record. If Meraki went out of business or suffered a catastrophic failure to its Cloud Controller, customers would be left scrambling to find a backup solution. This would be especially difficult for the companies that cut their IT staff to save money by choosing Meraki in the first place. Meraki’s WAPs require Meraki’s Cloud Controller and would be worthless without it.

Federal government customers may feel uneasy about outsourcing their security controls to a relatively new vendor, even one backed by Google. Meraki may claim that it does not look at any of its users’ data, and by design its system connectivity is meant to only control the access points with all user data filtered for protection. However, where there is connectivity, there is the potential for data viewing. At the end of the day, an organization needs to weigh the cost savings of outsourcing against the loss of direct access control. Meraki seems to be a good fit for a nonmonetary or low-security network such as for a university or a hotel, less so for any three-letter federal agency or bank.

We found a few minor bugs during our testing. For example, a splash page feature allows admins to redirect users to a specific website upon login. We discovered that if the splash page itself redirects users to a second URL, then the users were unable to surf the Web at all. Overall, it’s not a big deal, but we wanted to prove to our readers that we do not leave any stone unturned. The good news is that Meraki has already addressed this problem. In fact, on several of the application’s pages, there is an opportunity to make suggestions to the Meraki team for such improvements.

Because the Meraki controller is a cloud application, updates can be made continuously, and this advantage has not been lost on Meraki. We were impressed with Meraki’s willingness to listen to our complaints and suggestions, and the company’s commitment to improving its products is admirable.

Our reports of the minor bug in the splash page feature were met with a plan to fix the issue within 90 days (by whitelisting domain names instead of just IP addresses). Further, since we began our testing, Meraki has added a slew of new features and improvements ranging from a triple-stream 802.11n WAP to time-based SSIDs and network cloning. A new NAC (network access control) capability allows WAPs to ensure that the client’s antivirus software is enabled before allowing access. A new VPN concentrator, packaged as a virtual appliance, automatically establishes secure connections between remote office WAPs and the central office, so users don’t have to worry about it.

Meraki’s cloud-controlled wireless LAN solution provides all the basic, necessary functions in a convenient and aesthetically pleasing format, and it can save you a bundle. A typical WAP solution requires the cost of controllers, software licenses, and application servers. By outsourcing the management functions, you eliminate the cost for all that infrastructure. You also eliminate the extensive initial configuration of a wireless system, which would cost a few thousand dollars as well.

For an $850 annual fee, the Meraki solution would allow you to run 10 access points for a medium-sized enterprise. That’s huge savings. Meraki estimates that its access points each support about 2,000 square feet or 15 employees per access point. And because additional access points don’t require additional controllers, you can scale very cost-effectively as well. A useful cost calculator can be found on the Meraki website.

Meraki is not the Lamborghini of wireless networks. If your company has already deployed a blazing-fast reliable network and cannot downsize, you should keep the infrastructure that you spent thousands to build and avoid the annual fees that Meraki charges. However, if you are looking to deploy a simple solution that is easy to manage, the Meraki solution is a great choice — and an opportunity to unload all of the headaches involved in keeping a wireless network up-to-date. 

This article, “InfoWorld review: Meraki Enterprise Cloud Controller,” was originally published at InfoWorld.com. Follow the latest developments in networking at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.