I treat Meraki like SmartNET. The subscription comes with lifetime support (TAC + Warranty), you do have support on your production network gear don't you? It's not like they trick you going into it either. I for one am a huge fan of the simplicity, it just works.
Disclaimer: We use them. ~35 access points all around the world. *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net *Arbor Networks* +1.734.794.5033 (d) | +1.734.846.2053 (m) www.arbornetworks.com On Wed, Jun 29, 2016 at 6:33 PM, Eric Kuhnke <eric.kuh...@gmail.com> wrote: > My biggest issue with Meraki is the fundamentally flawed business model, > biased in favor of vendor lock in and endlessly recurring payments to the > equipment vendor rather than the ISP or enterprise end user. > > You should not have to pay a yearly subscription fee to keep your in-house > 802.11(abgn/ac) wifi access points operating. The very idea that the > equipment you purchased which worked flawlessly on day one will stop > working not because it's broken, or obsolete, but because your > *subscription* expired... > > If you want wifi with a centralized controller there's lots of ways to do > it at either L2 (Unifi APs and Unifi controller reachable on the same LAN > segment as the Unifis, or with its own management vlan), or with Unifi APs > programmed to find a controller by hostname/IP address (L3). > > > > On Wed, Jun 29, 2016 at 5:55 AM, Paul Nash <p...@nashnetworks.ca> wrote: > > > My biggest issue with Meraki is that their tech staff can run tcpdump on > > the wired or wireless interface of your Meraki box without having to > leave > > their desk. I have no reason to believe that they are malicious, or in > the > > pay of the NSA, but I am too paranoid to allow their equipment anywhere > > near me. > > > > Yes, they work well and the cloud control panel makes remote support a > > breeze; you have to decide how you feel about the insecurity. > > > > paul > > > > > On Jun 27, 2016, at 6:28 PM, Dan Stralka <mrsyelt...@gmail.com> wrote: > > > > > > I would second Meraki for the situation you describe. I don't feel that > > > they are the most capable platform, they're expensive, and don't always > > > present you with all the information you'd need for troubleshooting. > > > However, the VPN offers great dynamic tunneling, instant-on > performance, > > > and are by far the simplest platform to offer a field person. They're > > also > > > tenacious - I've had them connect to the cloud management platform and > > > build a VPN under some trying circumstances. > > > > > > From a security standpoint, they will offer features that will impress > > for > > > the price (Sourcefire, inability to use if stolen, 802.1x, and remote > VPN > > > tunnel control), and we've found they punch above their weight and > their > > > APs perform fantastically. > > > > > > We deploy them worldwide many times per year in similar use cases, > > > sometimes with 150 users on the LAN. If your routing is simple, you can > > > define your security policies, and don't need crazy throughput on your > > VPN, > > > Meraki is the way to go. Be careful though: they have to be > continually > > > licensed to work and can get pretty expensive if you go for the higher > > end > > > gear. Thus far, we've been able to stick to the cheaper stuff and > > > accomplish our goals. > > > > > > Dan > > > > > > (end) > > > On Jun 27, 2016 6:01 PM, "Karl Auer" <ka...@biplane.com.au> wrote: > > > > > >> On Mon, 2016-06-27 at 13:08 -0700, c b wrote: > > >>> In some cases... > > >> > > >> The words "in some cases" are a problem with any supposedly plug and > > >> play solution. > > >> > > >>> We really could use a simple solution that you > > >>> just flip on, it calls home, and works... > > >> > > >> ...but still requiring someone to enter credentials of some sort, > > >> right? Otherwise you have a device wandering about that provides look > > >> -mum-no-hands access to your corporate network. > > >> > > >> MikroTik stuff is cheap as chips, small, comes with wifi, ethernet, > USB > > >> for a wireless dongle or storage, and has a highly-scriptable > operating > > >> system. Not a bad platform. > > >> > > >> Regards, K. > > >> > > >> -- > > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > >> Karl Auer (ka...@biplane.com.au) > > >> http://www.biplane.com.au/kauer > > >> http://twitter.com/kauer389 > > >> > > >> GPG fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B > > >> Old fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4 > > >> > > >> > > >> > > >> > > > > >
