sECURITY & sd-wan


Cisco Meraki MX Security Appliances are ideal for organizations considering a Unified Threat Managment (UTM) solution, for distributed sites, campuses or datacenter VPN concentration. Since the MX is 100% cloud managed, installation and remote management is simple. The MX has a comprehensive suite of network services, eliminating the need for multiple appliances. These services include SD-WAN capabilities, applicationbased firewalling, content filtering, web search filtering, SNORT® based intrusion detection and prevention, Cisco Advanced Malware Protection (AMP), web caching, 4G cellular failover and more. Auto VPN and SDWAN features are available on our hardware and virtual appliances, configurable in Amazon Web Services.

Feature-Rich Unified Threat Management (UTM) Capabilities

Application-aware traffic control: bandwidth policies for Layer 7 application types (e.g., block YouTube, prioritize Skype, throttle BitTorrent). 

Content filtering: CIPA-compliant content filter, safe-search enforcement (Google/Bing), and YouTube for Schools. 

Intrusion prevention: PCI-compliant IPS sensor using industry-leading SNORT® signature database from Cisco Sourcefire. 

Advanced Malware Protection: flow-based protection engine powered by Cisco AMP. 

Identity-based security policies and application management.

Intelligent Site-To-Site Vpn With Meraki SD-WAN

Auto VPN: automatic VPN route generation using IKE/IPsec setup. Runs on physical MX appliances and as a virtual instance within the Amazon AWS cloud services. 

SD-WAN with active / active VPN, policy-basedrouting, dynamic VPN path selection and support for application-layer performance profiles to ensure prioritization of the applications types that matter. 

Interoperates with all IPsec VPN devices and services. 

Automated MPLS to VPN failover within seconds of a connection failure. 

Client VPN: L2TP IPsec support for native Windows, Mac OS X, iPad and Android clients with no per-user licensing fees.

Industry-Leading Cloud Management

Unified firewall, switching, wireless LAN, and mobile device management through an intuitive web-based dashboard. 

Template based settings scale easily from small deployments to tens of thousands of devices. 

Role-based administration, configurable email alerts for a variety of important events, and easily auditable change logs.

 Summary reports with user, device, and application usage details archived in the cloud.

Branch Gateway Services

Built-in DHCP, NAT, QoS, and VLAN management services. 

Web caching: accelerates frequently accessed content. 

Load balancing: combines multiple WAN links into a single highspeed interface, with policies for QoS, traffic shaping, and failover. 

Smart connection monitoring: automatic detection of layer 2 and layer 3 outages and fast failover, including 3G/4G USB modems.




The MX platform has an extensive suite of security features including IDS/IPS, content filtering, web search filtering, antimalware, geo-IP based firewalling, IPsec VPN connectivity and Cisco Advanced Malware Protection, while providing the performance required for modern, bandwidth-intensive networks. Layer 7 fingerprinting technology lets administrators identify unwanted content and applications and prevent recreational apps like BitTorrent from wasting precious bandwidth.

The integrated Cisco SNORT® engine delivers superior intrusion prevention coverage, a key requirement for PCI 3.0 compliance. The MX also uses the Webroot BrightCloud® URL categorization database for CIPA / IWF compliant content-filtering, Cisco Advanced Malware Protection (AMP) engine for anti-malware, AMP Threat Grid Cloud, and MaxMind for geo-IP based security rules. Best of all, these industry-leading Layer 7 security engines and signatures are always kept up-todate via the cloud, simplifying network security management and providing peace of mind to IT administrators.


Software-defined WAN is a new approach to network connectivity that lowers operational costs and improves resource usage for multisite deployments to use bandwidth more efficiently. 

This allows service providers to offer their customers the highest possible level of performance for critical applications without sacrificing security or data privacy.

Transport Independence

Apply bandwidth, routing, and security policies across a variety of mediums (MPLS, Internet, or 3G/4G LTE) with a single consistent, intuitive workflow.

Application Optimization

Layer 7 traffic shaping and application prioritization optimize the traffic for mission-critical applications and user experience.

Intelligent Path Control

Dynamic policy and performance based path selection with automatic load balancing for maximum network reliability and performance.

Secure Connectivity

Integrated Cisco Security threat defense technologies for direct Internet access combined with IPsec VPN to ensure secure communication with cloud applications, remote offices, or datacenters.


Built on Cisco Meraki’s award-winning cloud architecture, the MX is the industry’s only 100% cloud-managed solution for Unified Threat Management (UTM) and SD-WAN in a single appliance. MX appliances self-provision, automatically pulling policies and configuration settings from the cloud. Powerful remote management tools provide network-wide visibility and control, and enable administration without the need for on-site networking expertise. 

Cloud services deliver seamless firmware and security signature updates, automatically establish site-to-site VPN tunnels, and provide 24x7 network monitoring. Moreover, the MX’s intuitive browser-based management interface removes the need for expensive and time-consuming training. For customers moving IT services to a public cloud service, Meraki offers a virtual MX for use in an Amazon Web Services, enabling Auto VPN peering and SD-WAN for dynamic path selection.


The MX64W and MX65W integrate Cisco Meraki’s awardwinning wireless technology with the powerful MX network security features in a compact form factor ideal for branch offices or small enterprises. 

  • Dual-band 802.11n/ac, 2x2 MIMO with 2 spatial streams. 
  • Unified management of network security and wireless. 
  • Integrated enterprise security and guest access.


The MX65 and MX65W include two ports with 802.3at (PoE+). This built-in power capability removes the need for additional hardware to power critical branch devices.

  • 2 x 802.3at (PoE+) ports capable of providing a total of 60W. 
  • APs, phones, cameras, and other PoE enabled devices can be powered without the need for AC adapters, PoE converters, or unmanaged PoE switches.



Small Office 1-5 users

Secure SD-WAN

36 Months ex VAT



Small Office 5-20 users

Secure SD-WAN

36 Months ex VAT



Small Office 20-100 users

Secure SD-WAN

36 Months ex VAT