-
Notifications
You must be signed in to change notification settings - Fork 9
Home
Cisco Meraki is an amazing cloud-managed IT solution, simplifying network, security, security cameras, and IoT infrastructure.
However, even the most intelligent AI/ML-driven solution is still vulnerable to users misconfiguring various options (usually without reading the documentation). Misconfiguration can result in an outage, or poor user experience (if you will limit user's traffic to 1Mbps - things will work slowly.. AI won't help there as it's the admin's 'intent').
This report is presenting the alignment between your Meraki networks' state and configuration with Meraki best practices, and a set of thresholds I have selected based on my personal experience.
In the report you will find the following tabs:
-
Summary
This tab presents a summary of the results of the health check.
-
Network Health Alerts
This tab presents the dashboard alerts from all networks in a single view.
-
Network Health
This tab presents the Channel Utilization for every wireless AP. We will examine only the 5GHz spectrum; If you are using the 2.4GHz spectrum - it's beyond saving...
The threshold is set to 20%. APs with utilization above this threshold for many occurrences (10+) may be experiencing RF issues.
-
Firmware Upgrades
This tab presents the firmware status for every network. Highlighting networks that require a firmware upgrade.
-
RF profiles
This tab presents the (non-default) RF profiles for every network.
-
Minimum Tx power: Setting the minimum Tx power too high, might result in wireless APs interfering with each other, as they are not allowed to decrease their power. The threshold is set to 10 dBm.
-
Minimum bitrate: Broadcasts and Multicasts will be sent over the wireless at this speed. The lower the speed - the more airtime is wasted. The threshold is set to 12 Mbps.
-
Channel Width: Depending on local regulation and wireless AP density, there is a limited number of channels that can be used. In most deployments, channel width of more than 40MHz might cause interference between the wireless APs.
-
RX-SOP: This is a fine-tuning network design tool that should be used only after consulting an independent wireless expert or Meraki Support. If it's configured - there should be a good reason for it. More details at: https://documentation.meraki.com/MR/Radio_Settings/Receive_Start_of_Packet_(RX-SOP)
-
-
Switch port counters
This tab presents every switch in every network.
-
Ports with CRC errors: We do not expect to see any CRC errors on our network, ports with more than
<threshold>(default is 0) CRC errors will appear here. -
Ports with collisions: It's 2022.. we shouldn't be seeing hubs or collisions on our network. Ports with more than
<threshold>(default is 0) collisions will appear here. -
Multicasts exceeding threshold: Multicast traffic may be legitimate, we're highlighting ports with more than
<threshold>(default is 100) multicasts per second for visibility (and making sure they are legitimate). -
Broadcasts exceeding threshold: Broadcasts above a certain threshold should be looked at, we're highlighting ports with more than
<threshold>(default is 100) broadcasts per second for visibility (and making sure they are legitimate). -
Topology changes exceeding threshold: TCN means something has changed in the STP topology. We're highlighting ports with more than
<threshold>(default is 10) topology changes for visibility (and making sure they are legitimate).
-
-
Organization Settings
This tab presents the organization settings.
-
Multiple admins: We're looking for a single admin with full rights. If you see more than one admin with full rights - it's recommended to have at least one admin with full rights.
-
2FA: Two Factor Authentication is an important security mechanism, highly recommended for securing your admin accounts.
-
API access: presenting which admin users are using the Dashboard API and whether they are using the v0 API which is being deprecated.
-