Cisco Meraki MX Firewalls - Cloud Managed Security
Cisco Meraki Firewall - The MX series
The MX series provides Cloud managed security alongside SD-WAN capabilities.
The MX series is a “next generation” firewall. This means it’s a full layer7 firewall providing complete control over applications, content & users.
Layer 7 traffic classification and control
The Cisco Meraki proprietary packet processing engine analyses network traffic up to and including layer 7, using sophisticated fingerprinting to identify users, content, and applications on the network. Each network flow is categorised, and access control policies are enforced — for example, blocking Netflix and prioritising video conferencing. By classifying traffic at layer 7, Cisco Meraki's next generation firewall controls evasive, encrypted, and peer-to-peer applications, like BitTorrent or Skype, that cannot be controlled by traditional firewalls. Cisco Meraki's next generation firewall is included in all security appliances.
Intrusion detection engine
Featuring an integrated intrusion detection and prevention (IDS / IPS) engine based on Sourcefire's Snort, the single most widely deployed intrusion detection and prevention technology in the world, Cisco Meraki security appliances protect your network against malicious entities and threats. Using a combination of signature, protocol and anomaly-based inspection methods ensures ironclad security for your network. Leveraging the Cisco Meraki cloud management platform, threat signatures are automatically updated, keeping security always up-to-date.
Identity-based and device-aware security
Device-aware access controls enable administrators to ensure the appropriate level of network access for each class of devices. Layer 7 device fingerprints automatically detect and classify Apple iOS, Android, Windows, Mac OS, and other clients. These fingerprints are integrated into Cisco Meraki firewalls and wireless APs, so that administrators can, for example, apply firewall rules specific to iPads in a Bring Your Own Device (BYOD) network.
Cisco Meraki security appliances feature a powerful category-based content filter, which matches content against millions of URLs in dozens of categories. The Cisco Meraki content filtering engine features native Active Directory integration to apply access controls specific to each class of users. Content lists and application signatures are updated dynamically from the cloud, so that security policies remain up to date even as content and applications change.
Features summary
- Identity based firewall
- Intrusion prevention
- Auto VPN
- Content filtering
- Advanced malware protection
- High Availability
- Application visibility & control
- Centralized management
- SD-WAN
MX Models
Small Branch
- MX 64 – recommended clients – 50. Throughput - 250Mbps
- MX64W – recommended clients – 50. Throughput - 250Mbps(with WiFi)
- MX65 – recommended clients – 50. Throughput - 250Mbps(12 ethernet interfaces(2 PoE))
- MX67 - recommended clients – 50. Throughput - 450Mbps
- MX67W – recommended clients – 50. Throughput - 450Mbps(with WiFi)
- MX67C – recommended clients – 50. Throughput - 450Mbps(with LTE/Cell capabilities)
- MX68 – recommended clients – 50. Throughput - 450Mbps(12 ethernet interfaces(2 PoE))
- MX68W – recommended clients – 50. Throughput - 450Mbps(12 ethernet interfaces(2 PoE) & WiFi)
- MX68CW – recommended clients – 50. Throughput - 450Mbps(12 ethernet interfaces(2 PoE) & LTE)
Medium Branch
- MX84 - recommended clients – 200. Throughput - 500Mbps(10 Gigabit ethernet interfaces + 2 SFP)
- MX100 - recommended clients – 500. Throughput - 750Mbps(9 Gigabit ethernet interfaces + 2 SFP)
Large Branch/Campus/Concentrator
- MX250 - recommended clients – 2,000. Throughput – 4Gbps(2 x 10Gig SFP+ Interfaces + 24 other various interfaces )
- MX450 - recommended clients – 10,000. Throughput – 6Gbps(2 x 10Gig SFP+ Interfaces + 24 other various interfaces )
Virtual
- vMX100
Licensing
Enterprise License
Includes:
- Stateful firewall
- Site to site VPN
- Client VPN
- Branch routing
- Link bonding and failover
- Application control
- Web caching
Advanced Security License
All Enterprise License features, plus:
- Content filtering
- Geo-based IP firewall
- Google SafeSearch and YouTube for Schools
- Intrusion detection & prevention (IDS/IPS)
- Advanced Malware Protection (AMP)
- Cisco Threat Grid1. Grid1 Requires Threat Grid cloud subscription(learn more - https://www.cisco.com/c/en/us/products/security/threat-grid/index.html )
All MX Security Appliances include upgrades, phone support, and a lifetime warranty at no additional cost.
Call and chat to our experts on +44 (0) 207 148 1780
Latest Posts
Performance Networks achieve ISO 27001
Read our whitepaper: The State of Technology at Universities in the UK
Useful Links
Our Contacts

Performance Networks Limited,
The Sir Colin Campbell Building,
Nottingham, NG7 2TU
Head Office: +44 (0) 115 822 1212
London Office: +44 (0) 207 148 1780