Meraki Bells and Whistles
- 
 @DustinB3403 said in Datto AP60: Anyways back to the OP, @WrCombs since your boss brought in a physical device, she needs to provide credentials into the management environment so you can set this up to run the SSID you need. How/where you get into that cloud I don't have an answer. Yeah, that part is simple, just tell her to log in and show you how to access it. Don't let her hand it over without showing that it works and how to get in. Problem will solve itself. 
- 
 @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: Because with Meraki - it's a point and click set of changes... Okay but why didn't you say.... "Because with Unifi, it's a point and click set of changes..." Why did you say it about one but not the other when they both do that? Because with Unifi - I have to manage two pieces of equipment to get that info. 
- 
 @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: Because with Meraki - it's a point and click set of changes... Okay but why didn't you say.... "Because with Unifi, it's a point and click set of changes..." Why did you say it about one but not the other when they both do that? Because with Unifi - I have to manage two pieces of equipment to get that info. So you want a SPoF? 
- 
 @Dashrender said in Datto AP60: you took a conversation that was about APs and then suddenly started talking about unified systems Yes, because it's a discussion about Datto (and Meraki and Unifi) which are unified systems. If you mention an AP in that context, the value and functionality are a sub-component of the overall system. I didn't change the conversation, I answered what was asked. In an attempt to pick it apart, you started trying to isolate components to try to make a sensible conversation not make sense. Let's make it simple: "Is a Meraki AP a good idea?" Answer: "No, because it is part of an ecosystem that when taken holistically doesn't make sense altogether, or separately as individual components." If that isn't good enough for you, which is wasn't, and you have to pick apart every possible combination of features, then you need to keep the context straight because you are the one trying to argue that there is value in the Meraki, but haven't shown any. 
- 
 @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: Because with Meraki - it's a point and click set of changes... Okay but why didn't you say.... "Because with Unifi, it's a point and click set of changes..." Why did you say it about one but not the other when they both do that? Because with Unifi - I have to manage two pieces of equipment to get that info. And we covered this, labeling it one thing in Meraki doesn't change that it is two components. Are you not reading anything I'm writing? Use some duct tape with the Unifi, use a label maker, call it the "Unifi FWAP". Ta da. Two functions in one unit. All solved, kicks Meraki's ass. Done. 
- 
 @dbeato - What would it take to get creds for the management interface? 
- 
 @coliver said in Datto AP60: @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: OK that makes sense... But managing 20 firewalls (one after each AP) yet keeping the network flat sounds HUGELY painful at min.. where the Meraki interface handles that all for you. It would be a huge pain in the ass, but why do you feel the identical situation is easy with Meraki and hard with Unifi? It's a pain equally in both cases. Remember, we just established that it's a name game with Meraki and that technically there are 20 firewalls there just like with the Unifi. In both cases you have a site manager and a single pain of glass, but in both cases you are choosing to deploy twenty individual firewalls all throughout your wireless (but not wired) network. No matter how you slice it, that's a crazily complex situation that Meraki has no way to fix over Unifi. Because with Meraki - it's a point and click set of changes... Even with a total Unif situation there wouldn't be the ease of finding said AP and simply clicking to change a setting... but again - someone it's actually all that likely to do this - so it's mostly a moot point. ....Have you ever used Unifi networking equipment? yes - I know it's not hard - I have unifi networking gear here at work and at home. the drill down options for Unifi don't seem a "nice" as they do for Meraki... Yes I can import my building layout, and drop my APs - and with Unifi, if I want firewalls ever every AP - I'd also have to drop USGs on the map next to every AP... but I'm not sure how you get the USGs to basically be transparent on the network (i.e. not different networks on each side of the USG) like the Merakis basically do from the AP. With a Meraki AP - I set a rule - M-AP, drop all Youtube traffic. If I want to do that on a single AP for an UAP - I'm not sure how you insert the USG between the network switch and the AP, and not have the AP on a completely separate IP network so traffic is flowing across the firewall rules, does this make sense? Probabaly not - and now I'll have Dusin and JB jumping my shit for being a retard. 
- 
 @Dashrender said in Datto AP60: I stated focused soley on APs, and you branched it to everything Again, like is like the ZFS thing. The AP are a component of the network, but can't be looked at on their own and determine value. If you do, you've thrown away the ability to evaluate them. So bringing them up alone would never have a valid reason, you can't look at them outside of their context. So by mentioning a Meraki AP, you by definition were talking about the Meraki network that they are in. Either... You have Meraki APs in a Meraki network... then you get high cost, low flexibility, and a single pain of glass. Or you have Meraki APs in a non-Meraki network... then you get higher than necessary cost, low flexibility, and lose the single pain of glass. The context is REALLY important, but the Meraki AP loses either way. 
- 
 @scottalanmiller said in Datto AP60: Answer: "No, because it is part of an ecosystem that when taken holistically doesn't make sense altogether, or separately as individual components." If that isn't good enough for you, which is wasn't, and you have to pick apart every possible combination of features, then you need to keep the context straight because you are the one trying to argue that there is value in the Meraki, but haven't shown any. you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution. Now if you say - well, even though they have their holistic solution - most of it is shit.. oh, well all of it is shit because their APs suck for - abc reasons.. then fine, that would answer the question. 
- 
 @Dashrender said in Datto AP60: the drill down options for Unifi don't seem a "nice" as they do for Meraki... If you feel this is the case, then the discussion needs to be solely about "I like Meraki's UI better than Unifi's UI". That's a valid discussion. Talking about the physical units as devices is completely not the issue. You are associating the physical boxes that the units ship in as being the manifestation of the GUI. That's simply not the case. That Meraki may have a better GUI for some functions is valid. I'd argue that those are false features and a red herring to any real network. But maybe someone has a valid use case that I can't imagine as to why they'd want edge firewall bridges smattered around their network without central control. But we replace those in the real world with Unifi to get management of features that we need, often related to VoIP quality and reliability, that are simpler. 
- 
 @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: Because with Meraki - it's a point and click set of changes... Okay but why didn't you say.... "Because with Unifi, it's a point and click set of changes..." Why did you say it about one but not the other when they both do that? Because with Unifi - I have to manage two pieces of equipment to get that info. And we covered this, labeling it one thing in Meraki doesn't change that it is two components. Are you not reading anything I'm writing? Use some duct tape with the Unifi, use a label maker, call it the "Unifi FWAP". Ta da. Two functions in one unit. All solved, kicks Meraki's ass. Done. not all done - because in the interface - you HAVE to manage two devices, not one, like Meraki. 
- 
 @Dashrender said in Datto AP60: you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution. Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched. 
- 
 @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution. Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched. ***** FORK **** 
- 
 @scottalanmiller said in Datto AP60: often related to VoIP quality and reliability, that are simpler. See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks. 
- 
 @Dashrender said in Datto AP60: Now if you say - well, even though they have their holistic solution - most of it is shit.. oh, well all of it is shit because their APs suck for - abc reasons.. then fine, that would answer the question. None of the Meraki components suck. They just are less flexible, more risky, and way higher cost than alternatives. They suck relative to the market. But are generally well designed hardware overall. 
- 
 @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution. Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched. when you said that before, you didn't specify you were replacing the Meraki Firewalls, you simply said - replacing Meraki... so I didn't follow where one lead to the other, but I do now. 
- 
 @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: often related to VoIP quality and reliability, that are simpler. See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks. It doesn't suck, we just lack flexibility for detailed settings and/or it is so time intensive to do that it's better to replace than to work on. And considering how cheap replacing is, it's under one hour of work difference. That's what people often miss.... If we need to do a task on a Meraki that takes 45 minutes longer than on a Unifi, it's cheaper than the labour to replace the device regardless of the cost difference between Merkai and Unifi. The customer conversation is "We can do this in 2 hours on the Meraki and almost certainly it will work" or "We can do this in one hour on the Unifi and we do this constantly and it always works." When "it always works" is cheaper than "it'll almost certainly work" it's a huge win. 
- 
 @scottalanmiller said in Datto AP60: @Dashrender said in Datto AP60: @scottalanmiller said in Datto AP60: often related to VoIP quality and reliability, that are simpler. See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks. It doesn't suck, we just lack flexibility for detailed settings and/or it is so time intensive to do that it's better to replace than to work on. And considering how cheap replacing is, it's under one hour of work difference. That's what people often miss.... If we need to do a task on a Meraki that takes 45 minutes longer than on a Unifi, it's cheaper than the labour to replace the device regardless of the cost difference between Merkai and Unifi. The customer conversation is "We can do this in 2 hours on the Meraki and almost certainly it will work" or "We can do this in one hour on the Unifi and we do this constantly and it always works." When "it always works" is cheaper than "it'll almost certainly work" it's a huge win. /sigh... I'd say that your need to spend 2 hours on Meraki to make (hopefully) VOIP work = sucks when you KNOW you can get it to work on Unifi in 1 hour. plus as you said - getting rid of the high maintenance costs of Meraki... but still, replacing a single Meraki firewall/Switch and say 3 APs still likely going to cost you 4 hours or more of install time, compared to the 2 hours for that single VOIP fix... you're not likely coming out ahead in that single case - but future looking, or am I missing something? 
- 
 @Dashrender said in Datto AP60: plus as you said - getting rid of the high maintenance costs of Meraki... but still, replacing a single Meraki firewall/Switch and say 3 APs still likely going to cost you 4 hours or more of install time, compared to the 2 hours for that single VOIP fix... you're not likely coming out ahead in that single case - but future looking, or am I missing something? You are moving the lines again. First piece: We replace the Meraki firewall to make things work. Whether VPN, VoIP, or whatever. This is done for technical reasons that are easily financially justified. Second piece: Far less important components that are nearly "dumb" (APs, switches) get evaluated as they are unnecessarily costly and break our ability to get a SPoG. Since they cost a fortune to maintain and essentially nothing to replace, replacing them to get a single pane of glass, plus newer gear that is generally higher performance, is a huge slam dunk. 
- 
 Locking to fork. 




