What's new

Cisco Meraki MX64 Router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

coxhaus

Part of the Furniture
Anybody run one of these? It is different than what I think of Cisco. It is not command line based but sets up easily. The price is not bad but you have to buy a license. You can buy 3 year or 5 year. I guess it depends on how often you change routers. Price wise it will come in where high end consumer routers are these days about $360 plus license.
It has these features.
  • Stateful firewall throughput: 250 Mbps
  • Recommended maximum clients: 50
  • Managed centrally over the web
  • Layer 7 traffic analysis and shaping
  • Licensing sold separately, POE (Power Over Ethernet)
Rule sets are pushed daily to the router.

Cisco Meraki EP 01 - MX64 Security Appliance - Basic Setup - YouTube
 
Last edited:
None of the features and even less benefits that our RMerlin powered routers offer

Web managed? Needs licensing? 250Mbps? Meraki?

Hard pass.
 
This will be beaten in both features and speed by $100 RT-AC66U B1 home router, on stock Asuswrt.
 
Interesting product line. Not really suitable for home use but quite nice for small remote sites. The low throughput of the MX64 could be a problem (or perhaps not in a rural location). The higher end models are more appealing on specs but then something like the MX85 is five times the price.
 
The problem is rolling the FW into the router. Break them into 2 systems and it's more cost efficient for the speed benefits.

Then again in the SMB marketplace they're not typically running HSD much beyond those speeds due to the inflated commercial pricing.
 
With this Apple-like design I really hope the Cisco logo is illuminated at least. :)
 
The problem is rolling the FW into the router. Break them into 2 systems and it's more cost efficient for the speed benefits.

Then again in the SMB marketplace they're not typically running HSD much beyond those speeds due to the inflated commercial pricing.
I was just wondering if anybody ran one. The firewall is better than almost any router firewall on this site. Trying to run SNORT on pfsense is a pain in the A$$ and still won't match Cisco's on this device. This is all done in one nice package easy to install and easy to run with daily firewall rule updates.
 
Trying to run SNORT on pfsense is a pain in the A$$

You perhaps remember old Snort versions. The new Snort has automatic rules configuration. You can subscribe to paid updates, if you want to. It's the same Cisco software, but without forced subscriptions. Most people with home setups use free community rules. IDS/IPS is not very effective protection, unless you run a proxy. Most of the traffic is encrypted today and IDS sees nothing. For that reason many run DNS/IP blocker in parallel.

The firewall is better than almost any router firewall on this site.

Better in what exactly? Hardware, capabilities, configuration? RT-AC66U B1 for $100 can run TrendMicro IDS, DNS blocker, IP blocker, DoT/DNSCrypt, plus VPN Clients/Servers, Adaptive QoS, Parental Controls and per application Traffic Analyzer on top, and faster than 250Mbps. This is hardware from around 2013, still used today and actively supported. Some newer HND home routers are few times faster in everything, plus offer Switch + AP.
 
FW's are really simple when it comes to the form in which you tell the device to use the rules.

The specialized processor though that might assist in not cooking the Meraki / Cisco / Juniper / etc. is where things get interesting.

Why do you need to update the rules daily? You can do it but it's even bigger PITA than what you've mentioned and leads to more troubleshooting when you do things automagically. You can take IPTables and put different triggers into them and auto add/remove them based on the policy you write them to do. I was doing this with uninitiated IP's and adding them to a blacklist and it just caused more issues when sites like Google come back from different sources upon request. Not to mention it bogs down the response time with each additional rule.
 
It is due to Cisco managing the updates and what is applied and how. Yes, Cisco does use their umbrella system. Just overall well thought out on the big picture.
I use Quad9 which I like now but probably not as good as Cisco's since they watch over the world to make their security decisions. Small companies don't have resources like this to be able to do it.
 
Last edited:
It is due to Cisco managing the updates and what is applied and how.

Snort is a Cisco software. It pulls the updates and applies the rules. You can install it and configure it yourself on an x86 hardware firewall or pay Cisco to do it for you on an overpriced and underpowered hardware. If you go x86 firewall way, you can run other security packages on it too. Cisco hardware will be locked to what Cisco decided, no much options. As always, the choice is yours.
 
Snort is a Cisco software. It pulls the updates and applies the rules. You can install it and configure it yourself on an x86 hardware firewall or pay Cisco to do it for you on an overpriced and underpowered hardware. If you go x86 firewall way, you can run other security packages on it too. Cisco hardware will be locked to what Cisco decided, no much options. As always, the choice is yours.
Only in your mind can you justify a consumer router can match a Cisco enterprise gateway firewall.
 
This is worse, or no better than, the back and forth over use cases for mainframes and PDP-11s that i used to get into with our IT organization back in the day. SMB, emphasis on S, is an area of overlap where it is almost too small for enterprise gear and organization, and almost too demanding for consumer gear, particularly the design and support aspect.

Both can work, but both have their issues.

So, let it be, please.

So, anyone that can answer the OP’s original question instead of debating ?
 
So, anyone that can answer the OP’s original question instead of debating ?

The OP believes it's better than anything around already, so it's a simple buying decision for him.

I found $370 hardware + $1400 5 Year Advanced Security License & Support, total $1770 for worry free Cisco experience.
 
I have used Meraki products for businesses when I was a consultant. I think their configuration is top notch and their security and updates can’t be matched. The radios in their APs are excellent. I wouldn’t buy them for the home because I need more throughput than what is available on the low end.

The MX64 has always been more of a branch office device where companies need to extend their sd-wan to a a small branch or home office. Ship it to the end location and it pulls down the necessary configurations as soon as it gets an uplink.

thr two scenarios I used the most were for retail companies who had pos systems that would connect to a primary server at a data center or central office. Very easy to deploy and bandwidth is not at a premium.

the other scenario would be a home office worker. Very easy to deploy. Even if the person had a home router, they could plug the Meraki into another port on their isp gateway and that user would have secure internet. If you are in a scenario where you are concerned about security compliance for remote connections, the Meraki logging capabilities and remote management make it very easy to setup policies.
 
The OP believes it's better than anything around already, so it's a simple buying decision for him.

I found $370 hardware + $1400 5 Year Advanced Security License & Support, total $1770 for worry free Cisco experience.
Tech9 you need to shut up and not publish fate data. You have no technical understanding for Cisco so stay with what you know and away from Cisco. I know you are jealous but life is that way. A 3 year license is $190 not any where close to $1400.

I was just wondering if anybody ran one? They are used a lot in the enterprise field being fast and easy setup. They are not like regular command line Cisco. I think they are designed to compete with Ubiquity but more dependable. I am thinking software side.
 
~$400 - MX64
~$200-$900 = License
1650037716878.png

~$200-$4200 - license durations depending on license type

So, base price w/ base license + 1 year duration.
$800

Max licensing / features / duration - $5500
 
Tech9 you need to shut up and not publish fate data.

You better prepare your credit card, if you go with this product. Here is a deal in your state:


HW + 3Y Security - $1120
HW + 5Y Security - $1488

Hopefully Cisco will give you an ex-employee discount, if they remember you. Good luck!
 
Similar threads

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top