Meraki Bells and Whistles
-
@Dashrender said in Datto AP60:
Those who have it seem to love it.
People claim that they love Nutanix, too. But there is a huge difference between "we love it compared to doing it well" and "we love it because we didn't realize that there was an actual good solution." Meraki, while historically being a decent product, falls into the latter category today I find. It's not "bad" absolutely, it's just "bad" compared to the real world marketplace. It's like the Model T, it was good when it first came out. But if you were to buy one today and claimed it was a good vehicle, people would think you were crazy.
-
@DustinB3403 said in Datto AP60:
Security controls on the AP would only maybe make sense for the smallest possible use cases.
Where an organization has literally zero additional resources to separate these processes.
I'm not sure how one can get this small. If you are big enough to have APs, you'd be already past this size. If you were a home user with one person, you are already past this size, lol.
-
@dbeato said in Datto AP60:
@scottalanmiller said in Datto AP60:
@dbeato said in Datto AP60:
@scottalanmiller said in Datto AP60:
@DustinB3403 said in Datto AP60:
@scottalanmiller said in Datto AP60:
We replace them with UBNT because they are better, not because they are less.
You absolutely have to be replacing this not only because Ubiquiti offers a better product, but because the TCO is way cheaper than the cost of Meraki's gear as well.
Actually, that pretty much never happens. That they are cheaper makes customers jump at it, but typically we replace the Merakis because of a failing that the UBNT fixes.
What failing? And the problem is not Meraki or Ubiquiti here. However when it comes to so called security experts they talk about Security Controls on APs which is very interesting and they leave out Ubiquiti because they don't have any.
Lack of features or flexibility, generally. Or that configuration costs, rather than unit costs, are so much higher that while it might be a cost factor, isn't a cost of the device factor.
I see, so bottom line factors.
Right. Like sometimes people won't complex things done on Meraki that takes more time and it is faster and cheaper to replace them with stuff that does it out of the box. If that out of the box required more annual costs and a big uplift, obviously that wouldn't work. So that UBNT isn't more expensive is certainly important. But it is that UBNT generally saves money on the engineering immediately, and since the cost of the UBNT because "zero or less", it's like the customer is paid to switch to it. That they save long term is a bonus, but if it was break even, would still do it.
-
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
@dbeato said in Datto AP60:
@scottalanmiller said in Datto AP60:
@DustinB3403 said in Datto AP60:
@scottalanmiller said in Datto AP60:
We replace them with UBNT because they are better, not because they are less.
You absolutely have to be replacing this not only because Ubiquiti offers a better product, but because the TCO is way cheaper than the cost of Meraki's gear as well.
Actually, that pretty much never happens. That they are cheaper makes customers jump at it, but typically we replace the Merakis because of a failing that the UBNT fixes.
What failing? And the problem is not Meraki or Ubiquiti here. However when it comes to so called security experts they talk about Security Controls on APs which is very interesting and they leave out Ubiquiti because they don't have any.
Lack of features or flexibility, generally. Or that configuration costs, rather than unit costs, are so much higher that while it might be a cost factor, isn't a cost of the device factor.
what flexibility don't they have? or what feature are they missing?
specifics please.A bit. Meraki either lacks the full command line flexibility of UBNT or makes it much more difficult to do. And performance. Meraki just don't keep up with UBNT at all. Performance is arguably a "feature" but when one can do the job and one can't, it's kind of a feature.
-
@scottalanmiller what are you doing at the command line of a UAP?
-
@Dashrender said in Datto AP60:
With the Meraki demo's I've seen you can block access to certain services directly at the AP instead of the firewall
Keep in mind that doing this...
- Makes the AP a firewall, just with a different label. It's still a firewall.
- Can be done with Ubiquiti for cheaper.
So while Ubiquiti requires two discrete devices to do this and Meraki just one. The two Ubiquiti devices are cheaper to buy than the one Meraki, and that's just up front. The Meraki always has the annual cost, and the UBNT does not. So other than the minor aesthetics of only having one device, the Ubiquiti option seems vastly better here since you get more flexibility, more power, more features, at dramatically lower cost.
This is akin to how people tout ZFS over XFS be saying "can XFS do RAID"? No, XFS is a discrete component and uses MD, ZFS, BtrFS, LVM, or hardware for its RAID portion. You can do anything with XFS than you can with ZFS, but not under the label of XFS. One is comparing a stack of components, one is comparing just one component of the stack. So it makes ZFS sound impressive because it's apples and oranges.
That's what Meraki is doing here. It's giving you an "all in one" and promoting the features of a part that you don't want included in there. But if you did the same in a better way, you get a better result. It's a bundling and labeling trick to make something bad sound good, but it's not.
-
@Dashrender said in Datto AP60:
@scottalanmiller what are you doing at the command line of a UAP?
We don't, the idea of configuring APs to do really anything is a Meraki problem. Another reason to replace them. I'm talking Unifi vs. Meraki, not Unifi AP vs Meraki AP. It's a network, not a single device.
-
The reason to replace Meraki APs with Unifi APs is that the management of them becomes free instead of requiring separate accounts, dashboards, etc. By removing the Meraki APs, you get a single pane of glass to the network.
-
@scottalanmiller said in Datto AP60:
n the one Meraki, and that's just up front. The Meraki always has the annual cost, and the UBNT does not. So other than the
OK that makes sense... But managing 20 firewalls (one after each AP) yet keeping the network flat sounds HUGELY painful at min.. where the Meraki interface handles that all for you.
Mind you I've never used a Meraki beyond a single AP and I did little more than setup an SSID on it and just use it as an AP.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
@scottalanmiller what are you doing at the command line of a UAP?
We don't, the idea of configuring APs to do really anything is a Meraki problem. Another reason to replace them. I'm talking Unifi vs. Meraki, not Unifi AP vs Meraki AP. It's a network, not a single device.
aww.. OK I get it now with the command line talk.
-
@scottalanmiller said in Datto AP60:
The reason to replace Meraki APs with Unifi APs is that the management of them becomes free instead of requiring separate accounts, dashboards, etc. By removing the Meraki APs, you get a single pane of glass to the network.
What? Meraki has devices for all the network components - APs, Switches and Firewalls - sounds like a single pain of glass to me.
with UBNT, you have to run Unifi gear to get that single pain of glass (Unifi AP (OK we all run those) Unifi switches - which most people crap on around - especially JB, and Unifi Security Gateways - which suck because you can't manage advanced settings in any way other than json files).
-
@Dashrender said in Datto AP60:
OK that makes sense... But managing 20 firewalls (one after each AP) yet keeping the network flat sounds HUGELY painful at min.. where the Meraki interface handles that all for you.
You'd use UNMS to manage those firewalls with Ubiquiti as each site very likely has their own configurations that they need setup.
-
@Dashrender said in Datto AP60:
What? Meraki has devices for all the network components - APs, Switches and Firewalls - sounds like a single pain of glass to me.
You are totally missing the big picture. THOSE get replaced because of complexity. It was you who singled out the AP apart from the rest of the solution. When those complex pieces get replaced because you need the power and flexibility of Ubiquiti, then you have to replace the Meraki APs to get a single pain of glass.
-
@Dashrender said in Datto AP60:
with UBNT, you have to run Unifi gear to get that single pain of glass (Unifi AP (OK we all run those) Unifi switches
Right, which was the point because we had just established needed UBNT for flexibility.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
What? Meraki has devices for all the network components - APs, Switches and Firewalls - sounds like a single pain of glass to me.
You are totally missing the big picture. THOSE get replaced because of complexity. It was you who singled out the AP apart from the rest of the solution. When those complex pieces get replaced because you need the power and flexibility of Ubiquiti, then you have to replace the Meraki APs to get a single pain of glass.
I honestly don't even know what you are talking about anymore.
-
Anyways back to the OP, @WrCombs since your boss brought in a physical device, she needs to provide credentials into the management environment so you can set this up to run the SSID you need.
How/where you get into that cloud I don't have an answer.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
with UBNT, you have to run Unifi gear to get that single pain of glass (Unifi AP (OK we all run those) Unifi switches
Right, which was the point because we had just established needed UBNT for flexibility.
we did? when? you said performance and command line flexibility - which has nothing to do with APs, but the the whole Meraki line in general.
The Unifi line (SPoG) also doesn't have commandline
-
@Dashrender said in Datto AP60:
OK that makes sense... But managing 20 firewalls (one after each AP) yet keeping the network flat sounds HUGELY painful at min.. where the Meraki interface handles that all for you.
It would be a huge pain in the ass, but why do you feel the identical situation is easy with Meraki and hard with Unifi? It's a pain equally in both cases. Remember, we just established that it's a name game with Meraki and that technically there are 20 firewalls there just like with the Unifi. In both cases you have a site manager and a single pain of glass, but in both cases you are choosing to deploy twenty individual firewalls all throughout your wireless (but not wired) network.
No matter how you slice it, that's a crazily complex situation that Meraki has no way to fix over Unifi.
-
@Dashrender said in Datto AP60:
we did? when? you said performance and command line flexibility - which has nothing to do with APs, but the the whole Meraki line in general.
All choices about a unified network system is about the system in general.
-
@Dashrender said in Datto AP60:
The Unifi line (SPoG) also doesn't have commandline
Ours does. Doesn't yours? We use it all the time.