Hands-on with Cisco Meraki Wireless Access Points

Working with wireless access points. Well, that should be easy. When it comes down to Meraki, though there's a whole different system involved. Find out more next right here on IT pro TV. You're watching IT PRO TV. Probably one of the most hands on things that you can do in your network, of course, is actually installing Wireless Access Points and configuring them to make them work well with Cisco Meraki access points, really, that is pretty much all that you do as you put them in place. But this time, you're actually working through a cloud environment instead. So where we should begin our discussion, especially when you want to deal with hands on with Cisco Meraki Access Points, is to ensure that you understand a little bit more about the Cisco Cloud Architecture itself or the Meraki architecture itself. Now, we're not doing a deep dive into it, we're really just kind of giving you the surface level. That you can go ahead and get an Access Point up and installed and ready to go. You have basic understanding of the functions that are there. But it is key for you to understand the importance of this architecture. And the reason behind that is because you're going to find out later on is that there is more to Meraki than Of course, using their Wireless Access Points. So let's go ahead and begin here with a little bit of a review to help us as we discuss the idea of the Cisco Meraki Cloud Architecture itself. So the way that you and I prior to the most familiar with is this model where we have direct management. That means we purchased the access points. We take them out of whatever boxing that it comes in. We go ahead and we power them up. We plug a cable in between the access point and our laptops. We go to the web management interface that is built into the access point. And we directly manage them. We might configure them with the SSID, the network name that want the password that we want. We might also go ahead and even change the LAN addresses if we choose to. You don't have to but you can actually do that and even more, now with that, once we actually get that in place it's fairly easy, everything comes up, you get clients to connect to those access points, and then you're off and ready to go. Now the other thing though is if your network continues to grow and you need another access point, you're essentially duplicating your efforts, again. And that means you're going do the exact same thing, Maybe a little bit different but not too much as far as your actions go, you're going to have to actually manage that second one the same way, third one, fourth one, you name it, that's going to continue to do that. So there is going to be this repetitive notion of things that you actually end up doing, when it comes down to of course direct management of access points. But I wanted to begin there because that's probably what we're familiar with being able to do. Whether you're actually in a home environment or in a very small office environment. This is the easiest one for us. Somebody says there's something going on with the wireless, especially when you start thinking about it, right? You might go well, we'll just kind of go ahead and turn it off or unplug the power plug it back in. It comes back up when everybody is ready and happy to go. Usually on something like this right? We're probably talking about that small office or that home office environment a lot of times as well. Now when we start to actually get a little bit well growing and our business continued to expand, what we might move to is what we call a controller base type of management for our wireless. Now, when we talk about a controller based management, we do have Wireless Access Points and we will then have a controller. It's essentially a centralized software okay, that allows us to manage multiple access points. All the access points directly connect back to that controller software. And then they're actually the main lines of communication. Now, we still have to physically install those access points wherever we need them to actually be installed. But overall though, they will connect to this controller. Most of the time the controller is going to be another device on your network somewhere. Now when we start doing something like this, the benefit of this over the direct management is we send whatever controls that we want to whatever management that we want to the controller, the controller takes the time to actually push those configurations out, updates, whatever it might be to those individual access points as well. Now, there's a benefit to doing that, right? It means that the more control the more access points jeden you're really still dealing with the same interface. As long as that controller is able to see those access points to communicate with them. You're probably going to be fine, but there can be issues with these. In the very fact that this is a device that also resides on your network. And if that device needs to be updated, you're going to download that update, you're going to push that update. And when you do so, you might find out that you break the connection to your Wireless Access Points themselves, whether it's a versioning issue or whether it's something that updated did update, but the things over in the access points didn't update? Well, you might find that out as well. So normally management of these types of updates may be a little bit more challenging, not necessarily, but it can be a little bit more challenging if you update and one versions different from the versions on the access points, and vice versa. So realize that there may be some challenges here as well. Also, of course, it could be that the access points themselves can still maintain and be up and running, but the controller itself goes down. The great thing is you'll still probably end up with access as far as communicating through those wireless access points. But if you ever need to make that change to them, you might find out that the controller hasn't been working and now you have to actually figure out what actually happened there and get that controller up and working again. So there are some unusual things that if you haven't actually dealt with it before, that can be a little bit more troubleshooting intensive than you realize, okay? But it's a great system that's been out there for a long time and we don't want to knock it, but here's where you actually do see that progression. Now the reason why Cisco Meraki is different, okay, is that with Cisco Meraki you do buy Meraki Access Points. So the Meraki access points you do put them in place as you need to. But it really begins with you actually going to a website and registering first and when you do so, you're getting access to what we call a dashboard. And everything about the idea of Cisco Meraki Access Point is that they are all 100% Cloud managed. And that means there's no controller sitting at your location on premises somewhere. Everything that you're doing is actually managed in the cloud itself. When you send commands, you're actually on your network. And you're either going to use their web interface that you have, or if you're actually programmatic, you can also of course, use their API's. And those things will of course, go to the dashboard site that's there. And then that will connect to the Meraki infrastructure out across the internet somewhere. And then whatever types of management changes that you want, those will be pushed from the Meraki cloud environment that they're down to those devices themselves, okay? So this actually removes that idea of you having to maintain, a controller. It also removes what you can do on those access point as far as you taking a single access point and directly trying to manage that device as well. So it is a little bit different as far as just the overall architecture goes and want to make sure that that's actually clear for us. Now, we might be thinking, how is all this stuff going to tie together with what we actually need to do? Well, one of the first things that you'll end up doing we'll discuss this a little bit more in detail, of course, is that your management of all of your Meraki devices not just access points, but we're actually focusing in on access points in this particular show. Is that it actually comes down through one central idea here, which is your Meraki user account. You can go and register with your Meraki you can actually create a free account up there in the Meraki cloud. And when you do so, that will go ahead and actually create the account that you need. That will then allow you to manage your Meraki devices. Now by saying that there's an organizational structure in terms of the hierarchy that falls like this. Now a single Meraki User Account. We could create our own single organization I have one organization, but inside of my organization I may have multiple departments right, where I do have separate networks separate subnets if you want to call it that, which is perfectly fine. Your single Meraki User Account can manage at the organizational level for all the things that really have to go between network one and network two. But then we can also have maybe just one network of one, two or multiple networks as well. So that one user account can actually do that, and actually have an organizational management and can also go network by network and even manage things at that level. But the neat thing about the single Meraki User Account here is that you might actually find yourself as managing multiple organizations to So let's say for example, you are actually an MSP. You're somebody that's actually providing the Meraki Access Points to more than one customer. And now your single user account, you can actually use that of course, to control multiple organizations instead, and that means you can manage it from your location. So you might be the MSP provider, or let's say IT PRO TV. But you might also let's say be the MSP provider for Ronnie wong.com. I'm just making up the name here. Okay. Well, even though you're actually the managed service provider, you would that one account can actually manage both of them. In those organizations, and then even go ahead and be more granular than that, and we're going to talk about this much more in depth as we get into the management side of this stuff, because it does break down a little bit more, but just realize that it all really does tie back to that Meraki User Account. So it's very important that we understand that as well as the cloud management side of it, and that's where it begins is with that account that we have in the Meraki Cloud. Now here's how the data flow goes. So when we start talking about this, the way that it ends up working is because it begins to get a little bit more unusual. The question that normally that first came to my mind that I think of and I that most people are actually thinking of here is that so does that mean that when we communicate through the Meraki Access Points themselves. That all of my user data is also sent through the Meraki Cloud, and then across the Internet, and then back to the user? Well, when you actually do send something like this, right, here's what ends up happening and the way that Meraki has chosen to do this in terms of the architecture flow. So you have management traffic, then management traffic will come from you on the left hand side, go across the internet to the Meraki Cloud. The Meraki cloud will then push out whatever management configurations are there for those access points as we need to have any other Meraki devices that are out there, but your data doesn't do that. Once everything has actually been established when you do this type of communication data between your endpoints that you have, whether they're going across rocky switches or whether they're going across anything else in the Meraki world that's actually out there for us. So when we communicate through the Meraki Access Points, the user data doesn't do that. It goes directly from across the Internet, and your user data actually ends up going well not through the Meraki cloud itself. So there is no particular gateway that you have to think about, this actually that Meraki Cloud is causing some type of bottleneck of your own traffic. So just realize that user data doesn't have to go across the Meraki Cloud here. It can actually go between your devices in that way. So that's part of the data architecture and flow. Now, is that secure? Well, here's how it actually comes in. We start thinking about, right, all of the actual stuff that goes between us, and where we actually are. Of course, we'll just use the management traffic for an example here. Is going to be encrypted, okay? So the encrypted traffic that we have, we have our access point on our premises, they have to communicate with the Meraki Cloud. Well, the way that they'll do it, of course, is using some type of tunneling. They'll actually bring up an AES256 encrypted tunnel. So that's a very strong encryption tunnel. And then on top of that, the data itself will be encrypted using HTTPS, and also, of course, additional protocols, but when it's actually idle In other words, when data is not going across from the access point that you see it on the left hand side, to the Meraki Cloud itself in terms of the management traffic will then it will actually maintain that tunnel by actually doing an idle one kilobit per second connection. So it will maintain that tunnel and that secured communication between them. So you're not worried about security of your traffic going through that as well. And that of course would also probably be true of your data as well. So when it comes down to actually thinking about the idea of the Cloud Architecture itself, right, we've already talked about the way that it does it, which is it with Cisco Meraki Access Points. We are cloud based or cloud managed there. Okay, that cloud management system is actually set up is actually a very good system for us. We also of course, have actually talked about the ideas here of how it's encrypted just like we've talked about, as well as the data flow and the nature of it to the all this actually gives us a little bit of a preview into the Cloud Architecture of Meraki Access Points. And there is more to come as you want to get more hands on with these devices. But I had to begin with some theory and here's a great place for it to actually go. Now if you want to continue on of course, that means we have to learn more about the dashboard and that will be coming up in the very next episode. So signing off for IT PRO TV and myself, make sure you stay tuned for the next episode right here on hands on with Cisco Meraki Wireless Access Points. Thank you for watching IT PRO TV. [BLANK_AUDIO]