Review: Meraki Enterprise Cloud Controller for APs
January 11, 2012
Long before “cloud” was a buzzword, Meraki applied this winning architecture to WLANs.
Price: From $150 per AP (one year)
Pros: Fast deployment, rich traffic controls, app-layer visibility, no-cost extras.
Cons: Some simplification at the expense of flexibility, limited RF debug.
When most vendors were building beefier hardware controllers, Meraki refined its multi-tenant hosted controller service, routinely rolling out new features at no extra cost. This low TCO "out of sight, out of mind" tactic helped Meraki land over 18,000 customers, from SMBs and hotels to universities and distributed enterprises.
During Wi-Fi Planet’s test drive, we found Meraki’s Enterprise Cloud Controller quietly competent, with expanding depth and scalability.
Leveraging the cloud
Meraki sells a range of cloud-managed routers and Wi-Fi access points (APs), from the indoor single-radio MR12 to the outdoor triple-radio MR58. For this review, we tested three APs: an MR16 (MSRP $649), an MR24 (MSRP $1199) and an MR66 (MSRP $1299).
According to Meraki’s coverage calculator, the MR16’s dual 2x2 MIMO radios and internal antennas deliver 100 Mbps over 22 feet (2.4 GHz). Painting a 20K square foot office with Wi-Fi this way would require 28 MR16’s -- a fairly dense deployment.
Big brother MR24 uses 3x3 MIMO to boost max data rate from 600 to 900 Mbps, while the MR66 is ruggedized for outdoor or industrial indoor use. All three support clients in both bands simultaneously, using band-steering to nudge 5 GHz-capable devices out of the 2.4 GHz “junk band.”
Every Meraki AP and router must be managed by Meraki’s Cloud Controller, a 3x redundant service, hosted in physically-secured, geographically-diverse SAS70 type II certified data centers. Two services are available: Pro Controller (max two SSIDs) and Enterprise Controller (up to 15 SSIDs). Enterprise also piles on advanced features such as traffic analysis, application firewall, auto-channel management and rogue detection.
We tested Enterprise Controller, priced from $150 per AP (one year) to $450 per AP (five years). Cloud Controller is multi-tenant; any given customer can use it to control up to 1000 networks, each containing up to 2500 APs.Getting started
One huge cloud benefit is rapid activation -- in this case, avoiding controller installation. Meraki APs are plug-and-play: just connect power and 100/1000 Ethernet (we used 802.3af PoE). Upon power-up, each AP gets an IP via DHCP and reaches out to Meraki’s Cloud Controller connecting over the Internet on documented ports that pass easily through most firewalls.
Back at the Cloud Controller, WLAN administration occurs over SSL from any Web browser. We found Meraki’s dashboard clean and responsive with few plug-in requirements or pop-ups or deeply-nested menus. To get started, we just supplied the name of our network (i.e., site) and an order number. All APs on that order became instantly manageable.
We then dragged our APs onto an imported floor plan image, supplemented by a supplied Google map for our network’s street address. Within minutes, we could visualize our small network (below). Populating a large distributed WLAN this way would take longer, but couldn’t be much easier; unless Meraki imported WLAN planner output or understood 3D relationships. However, a Configuration Sync panel can be used to selectively clone another network’s SSIDs.
Whenever an AP connects to the Cloud Controller, it receives current settings (and firmware if necessary). Unlike many other-vendor APs, Meraki APs cannot be managed via CLI. Each AP does have an unsecured webpage that local clients can use to view their own real-time channel utilization, signal strength and throughput (handy for trouble-shooting). Although admins can use that page to set static IPs, all other commands (including reboot) must be invoked remotely from the Cloud Controller.
In fact, the Controller focuses on making Meraki network configuration very easy. All SSIDs appear on a single overview panel. Drill-down settings may be configured per SSID, broken into Access Control, Firewall, Traffic Shaping, Users, Groups, and Splash Page panels.
For example, choose an SSID and click Access Control to select a security policy (open, WEP, WPA2-PSK, etc.), then click Users to select who will be allowed to connect to that SSID.
Unlike many policy managers, Cloud Controller is not big on reusable objects or inheritance. With few noteworthy exceptions, most settings are WYSIWYG; many are accompanied by mouse-over definitions. This results in a fairly intuitive GUI, but it also makes it tough to compare or maintain complex Firewall or Group policies across several SSIDs.
Beyond SSIDs, very little network or radio configuration is required or supported. For example, Enterprise Cloud Controller auto-assigns the least-noisy channel to each AP. Manual assignment is an option, but sets all APs to the same channels (rarely desirable at multi-AP sites).
Band selection and 11b protection can be set per SSID, but not per-AP. And you won’t find 802.11n MCS or SGI or 40 GHz bonding or MPDU aggregation options since Meraki’s Controller just tries to maximize throughput to each client based on that device’s supported capabilities. Many admins will appreciate this simplicity, but some may find it inflexible or insufficiently transparent.