Cisco Meraki MX Netflow Template Support
Cisco Meraki MX series is a security & SD-WAN appliance-based product line for distributed sites, campuses or datacenter VPN concentration. It offers capabilities such as SD-WAN, application-based firewalling, content filtering, web search filtering, intrusion detection and prevention, web caching, 4G cellular failover and so on. It aims to maximize network resiliency and bandwidth efficiency in this era of WAN traffic explosion.
For the first phase of Meraki integration, we leveraged the Universal Data Records (UDR) architecture (which we previously used for integrating with Cisco ASA Firewall, Palo Alto Networks Firewalls, Silver Peak and various security and SD-WAN appliances) to support the Meraki MX Netflow Template, so we can ingest Meraki-specific flow fields into Kentik. New capabilities include:
- Dimension - Source IP/CIDR: Initiator of the conversation
- Dimension - Destination IP/CIDR: Responder in the conversation
- Metrics - Out Bytes: Number of bytes leaving the MX for this flow
- Metrics - Out Packets: Number of packets leaving MX for this flow
With this kind of visibility, you can now analyze who is initiating conversations __to and from__ various parts of your network. For example: - Internal resources in a corporate network should not usually get connections originating from the internet, and/or - Resources in your DMZ should not usually initiate conversations to the internet
For more information, please see the [Cisco Meraki Metrics](https://kb.kentik.com/Da06.htm#Da06-Cisco_Meraki_Metrics "Kentik KB: Cisco Meraki Metrics") topic in our Knowledge Base, or contact our [Customer Success team](mailto:support@kentik.com "Contact Customer Support").