How to Protect Cisco Meraki with XDR

Managing an organization-wide network consisting of WAN, LAN, wireless and security infrastructure used to mean that you needed a complex set of network management systems to configure and operate your network infrastructure. This approach places feature-rich network platforms out of the reach of any organization that didn’t have the necessary teams of highly specialized IT staff. This paradigm has all changed fundamentally with the advent of cloud-managed network infrastructure.

Platforms like Cisco Meraki embed feature-rich network infrastructure and all the tools needed to manage it within the reach of even SMBs by hosting all of the tools required to manage your infrastructure in the cloud. Features like UTM, SDWAN, WiFi and switching can all be managed via an intuitive web-based interface. While this makes network technology more universally accessible, at the same time the ability to use so much more technology without a large IT team has increased the attack surfaces even of SMBs.

In this post we will show you how you can easily add an additional layer of security by integrating Meraki with XDR. This will allow you to reap the benefits of both feature-rich network technology and best in class security operations without needing to employ highly specialized network and security teams.

All Networks are Vulnerable to Attack

Modern network infrastructure suites almost universally provide a strong set of security features as part of their portfolio. Cisco Meraki is a leader in this area, armed with an extensive and strong set of security features. Despite this, even leading platforms like Meraki are not immune to challenges, and are affected by security vulnerabilities from time to time.

A far bigger problem is how the ease of use of a platform like Meraki brings with it the risk of misconfiguration. In fact, research has shown that misconfiguration is one of the biggest causes of network security breaches, costing companies as much as 9% of annual revenue.

While Meraki provides a rich set of security controls, the frequent changes which happen in most networks leave customers in a position where they could accidentally expose themselves through a misconfiguration. For SMBs, who lack the resources of large enterprises, the costs of a security breach could easily put them out of business. To deal with this problem you need a way to detect unusual activity which is the result of a breach without having to employ a specialized security operations team.

The Benefit of Augmenting Meraki’s Security Capabilities

While Meraki brings with it the power of simplicity, the fact that it allows you to easily consume more technology brings with it the side effect of an increased attack surface. In addition, SMBs who will be attracted to the intuitive interface provided by Meraki unfortunately often lack the resources needed for the kind of rigorous change review that large enterprises usually put in place to avoid misconfigurations. This makes it all the more important to have an additional layer of security which can pick up any unusual activity which might betray the tell-tale signs of a breach.

Meraki, like most other networking suites, provides extensive security alerting. In fact, Meraki implementations can easily generate thousands of alerts every minute. The first problem this creates is that you are left with the challenge of finding a proverbial needle in a haystack. This is where Samurai XDR comes to your aid by providing fully-automated triage of all your security alerting, allowing you to focus only on the alerts that are really important.

Integrating your Meraki infrastructure with Samurai XDR also gives you the benefit of a consistent duration of alert storage. While the period of time that Meraki stores alerts for varies between individual products in the suite, Samurai XDR will provide you with storage of all the telemetry it ingests for a year. Using Samurai XDR’s Advanced Query feature, this allows you to run sophisticated queries over up to a year’s alerts across Meraki and all your other technologies.

Creating Full Visibility

While Meraki provides full alerting across its own products, you need to have a single view of security alerting across all of your technologies, including all of your on-premises infrastructure and cloud applications. By bringing security alerting into a single tool, this creates the ability to prioritize security alerts across your entire technology estate from a single tool, and manage investigations and response from a single location.

This is where Samurai XDR provides a perfect match with Meraki, extending the same kind of accessible and intuitive interface which Meraki provides for network configuration to detection and response across all of your technology assets. In the same way that Meraki makes enterprise grade network operations accessible even to SMBs, Samurai XDR makes advanced security operations accessible to smaller companies who don’t have the resources to retain a specialized SecOps team.

Point and Click Integration

To integrate alerting from your Cisco Meraki infrastructure into Samurai XDR, all you need to do is follow a few simple steps to allow Samurai XDR to retrieve security alerts from Meraki. Once you have done that, Samurai XDR will immediately start to analyze all of the alerts from Meraki, together with all your other security alerting, providing you with a single alert management view across your entire organization. With a single, prioritized view of security alerting, using technologies like Boost Scoring to focus on what is really important, you can be assured that you won’t miss the security alerts that really matter.

To experience the simplicity and added security of integrating Cisco Meraki with Samurai XDR, claim your unlimited 30 day free trial of Samurai XDR today.