Layer 7 Traffic Classification & Control
The Cisco Meraki MX Firewall uses a proprietary packet processing engine to analyse network traffic up to and including Layer 7, providing deep visibility into users, applications, and content. This advanced classification allows businesses to enforce precise access control policies, such as blocking bandwidth-heavy applications like Netflix, while prioritising business-critical services like video conferencing.
Unlike traditional firewalls, the Cisco Meraki next-generation firewall can control evasive, encrypted, and peer-to-peer applications, including BitTorrent and Skype, ensuring that only approved traffic flows through the network. This feature is included in all Cisco Meraki security appliances, providing businesses with superior network security solutions.
Intrusion Detection & Prevention (IDS/IPS)
Cisco Meraki MX Firewalls have a built-in intrusion detection and prevention system (IDS/IPS), the world’s most widely used intrusion prevention technology. This system continuously monitors traffic to detect and block malicious threats, unauthorised access attempts, and cyberattacks.
By using signature, protocol, and anomaly-based inspection methods, the firewall delivers ironclad security that adapts to emerging threats. Plus, with cloud-based management, security signatures are automatically updated, ensuring your network is always protected against the latest vulnerabilities.
Identity-Based & Device-Aware Security
The Cisco Meraki MX Firewall includes device-aware access controls, allowing IT administrators to customise security policies based on the device type and operating system. The built-in Layer 7 device fingerprinting automatically detects and classifies devices such as Apple iOS, Android, Windows, and Mac OS, ensuring each device gets the appropriate level of access.
This level of control is particularly beneficial for Bring Your Own Device (BYOD) environments, where administrators can set custom firewall rules for specific devices, such as limiting access for personal iPads while ensuring unrestricted access for business-critical devices.