Meraki Bells and Whistles
-
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
Because with Meraki - it's a point and click set of changes...
Okay but why didn't you say....
"Because with Unifi, it's a point and click set of changes..."
Why did you say it about one but not the other when they both do that?
Because with Unifi - I have to manage two pieces of equipment to get that info.
And we covered this, labeling it one thing in Meraki doesn't change that it is two components. Are you not reading anything I'm writing? Use some duct tape with the Unifi, use a label maker, call it the "Unifi FWAP". Ta da. Two functions in one unit. All solved, kicks Meraki's ass. Done.
-
@dbeato - What would it take to get creds for the management interface?
-
@coliver said in Datto AP60:
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
OK that makes sense... But managing 20 firewalls (one after each AP) yet keeping the network flat sounds HUGELY painful at min.. where the Meraki interface handles that all for you.
It would be a huge pain in the ass, but why do you feel the identical situation is easy with Meraki and hard with Unifi? It's a pain equally in both cases. Remember, we just established that it's a name game with Meraki and that technically there are 20 firewalls there just like with the Unifi. In both cases you have a site manager and a single pain of glass, but in both cases you are choosing to deploy twenty individual firewalls all throughout your wireless (but not wired) network.
No matter how you slice it, that's a crazily complex situation that Meraki has no way to fix over Unifi.
Because with Meraki - it's a point and click set of changes... Even with a total Unif situation there wouldn't be the ease of finding said AP and simply clicking to change a setting... but again - someone it's actually all that likely to do this - so it's mostly a moot point.
....Have you ever used Unifi networking equipment?
yes - I know it's not hard - I have unifi networking gear here at work and at home.
the drill down options for Unifi don't seem a "nice" as they do for Meraki...
Yes I can import my building layout, and drop my APs - and with Unifi, if I want firewalls ever every AP - I'd also have to drop USGs on the map next to every AP... but I'm not sure how you get the USGs to basically be transparent on the network (i.e. not different networks on each side of the USG) like the Merakis basically do from the AP.
With a Meraki AP - I set a rule - M-AP, drop all Youtube traffic. If I want to do that on a single AP for an UAP - I'm not sure how you insert the USG between the network switch and the AP, and not have the AP on a completely separate IP network so traffic is flowing across the firewall rules, does this make sense? Probabaly not - and now I'll have Dusin and JB jumping my shit for being a retard.
-
@Dashrender said in Datto AP60:
I stated focused soley on APs, and you branched it to everything
Again, like is like the ZFS thing. The AP are a component of the network, but can't be looked at on their own and determine value. If you do, you've thrown away the ability to evaluate them. So bringing them up alone would never have a valid reason, you can't look at them outside of their context. So by mentioning a Meraki AP, you by definition were talking about the Meraki network that they are in.
Either...
You have Meraki APs in a Meraki network... then you get high cost, low flexibility, and a single pain of glass.
Or you have Meraki APs in a non-Meraki network... then you get higher than necessary cost, low flexibility, and lose the single pain of glass.
The context is REALLY important, but the Meraki AP loses either way.
-
@scottalanmiller said in Datto AP60:
Answer: "No, because it is part of an ecosystem that when taken holistically doesn't make sense altogether, or separately as individual components."
If that isn't good enough for you, which is wasn't, and you have to pick apart every possible combination of features, then you need to keep the context straight because you are the one trying to argue that there is value in the Meraki, but haven't shown any.
you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution.
Now if you say - well, even though they have their holistic solution - most of it is shit.. oh, well all of it is shit because their APs suck for - abc reasons.. then fine, that would answer the question.
-
@Dashrender said in Datto AP60:
the drill down options for Unifi don't seem a "nice" as they do for Meraki...
If you feel this is the case, then the discussion needs to be solely about "I like Meraki's UI better than Unifi's UI". That's a valid discussion. Talking about the physical units as devices is completely not the issue. You are associating the physical boxes that the units ship in as being the manifestation of the GUI. That's simply not the case.
That Meraki may have a better GUI for some functions is valid. I'd argue that those are false features and a red herring to any real network. But maybe someone has a valid use case that I can't imagine as to why they'd want edge firewall bridges smattered around their network without central control. But we replace those in the real world with Unifi to get management of features that we need, often related to VoIP quality and reliability, that are simpler.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
Because with Meraki - it's a point and click set of changes...
Okay but why didn't you say....
"Because with Unifi, it's a point and click set of changes..."
Why did you say it about one but not the other when they both do that?
Because with Unifi - I have to manage two pieces of equipment to get that info.
And we covered this, labeling it one thing in Meraki doesn't change that it is two components. Are you not reading anything I'm writing? Use some duct tape with the Unifi, use a label maker, call it the "Unifi FWAP". Ta da. Two functions in one unit. All solved, kicks Meraki's ass. Done.
not all done - because in the interface - you HAVE to manage two devices, not one, like Meraki.
-
@Dashrender said in Datto AP60:
you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution.
Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution.
Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched.
***** FORK ****
-
@scottalanmiller said in Datto AP60:
often related to VoIP quality and reliability, that are simpler.
See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks.
-
@Dashrender said in Datto AP60:
Now if you say - well, even though they have their holistic solution - most of it is shit.. oh, well all of it is shit because their APs suck for - abc reasons.. then fine, that would answer the question.
None of the Meraki components suck. They just are less flexible, more risky, and way higher cost than alternatives. They suck relative to the market. But are generally well designed hardware overall.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
you're right, I probably wouldn't have liked that answer, because I then move on and say if Meraki APs must be used holistically - then why aren't Unifi gear treated the same? They too offer holistic solution.
Which I had said, actually. I said that what we see are Meraki firewalls getting replaced with Unifi ones to solve technical problems. That's the driving factor. Then things like the APs are replaced to keep a single pain of glass (at lower cost.) Since it is then cheaper to have the single pain of glass than to give it up, the "dumb" devices like the APs get switched.
when you said that before, you didn't specify you were replacing the Meraki Firewalls, you simply said - replacing Meraki... so I didn't follow where one lead to the other, but I do now.
-
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
often related to VoIP quality and reliability, that are simpler.
See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks.
It doesn't suck, we just lack flexibility for detailed settings and/or it is so time intensive to do that it's better to replace than to work on. And considering how cheap replacing is, it's under one hour of work difference. That's what people often miss....
If we need to do a task on a Meraki that takes 45 minutes longer than on a Unifi, it's cheaper than the labour to replace the device regardless of the cost difference between Merkai and Unifi. The customer conversation is "We can do this in 2 hours on the Meraki and almost certainly it will work" or "We can do this in one hour on the Unifi and we do this constantly and it always works." When "it always works" is cheaper than "it'll almost certainly work" it's a huge win.
-
@scottalanmiller said in Datto AP60:
@Dashrender said in Datto AP60:
@scottalanmiller said in Datto AP60:
often related to VoIP quality and reliability, that are simpler.
See - now there you go - a reason you're replacing them.. becuase VOIP on them sucks. Thanks.
It doesn't suck, we just lack flexibility for detailed settings and/or it is so time intensive to do that it's better to replace than to work on. And considering how cheap replacing is, it's under one hour of work difference. That's what people often miss....
If we need to do a task on a Meraki that takes 45 minutes longer than on a Unifi, it's cheaper than the labour to replace the device regardless of the cost difference between Merkai and Unifi. The customer conversation is "We can do this in 2 hours on the Meraki and almost certainly it will work" or "We can do this in one hour on the Unifi and we do this constantly and it always works." When "it always works" is cheaper than "it'll almost certainly work" it's a huge win.
/sigh... I'd say that your need to spend 2 hours on Meraki to make (hopefully) VOIP work = sucks when you KNOW you can get it to work on Unifi in 1 hour.
plus as you said - getting rid of the high maintenance costs of Meraki... but still, replacing a single Meraki firewall/Switch and say 3 APs still likely going to cost you 4 hours or more of install time, compared to the 2 hours for that single VOIP fix... you're not likely coming out ahead in that single case - but future looking, or am I missing something?
-
@Dashrender said in Datto AP60:
plus as you said - getting rid of the high maintenance costs of Meraki... but still, replacing a single Meraki firewall/Switch and say 3 APs still likely going to cost you 4 hours or more of install time, compared to the 2 hours for that single VOIP fix... you're not likely coming out ahead in that single case - but future looking, or am I missing something?
You are moving the lines again.
First piece: We replace the Meraki firewall to make things work. Whether VPN, VoIP, or whatever. This is done for technical reasons that are easily financially justified.
Second piece: Far less important components that are nearly "dumb" (APs, switches) get evaluated as they are unnecessarily costly and break our ability to get a SPoG. Since they cost a fortune to maintain and essentially nothing to replace, replacing them to get a single pane of glass, plus newer gear that is generally higher performance, is a huge slam dunk.
-
Locking to fork.
-
I am wondering if any of you discussing Meraki, Ubiquiti and Datto have used their interface and actually deployed it? It is not just cut and dry. The significant cost savings is obviously there but it is not just about that. I hear there is not Security per AP but there is even on Sophos APs and others is just a matter of cost. However this thread should be forked to its own discussion.
-
@dbeato said in Meraki Bells and Whistles:
I am wondering if any of you discussing Meraki, Ubiquiti and Datto have used their interface and actually deployed it? It is not just cut and dry. The significant cost savings is obviously there but it is not just about that. I hear there is not Security per AP but there is even on Sophos APs and others is just a matter of cost. However this thread should be forked to its own discussion.
It has been, unless you mean yet another fork?
-
@dbeato said in Meraki Bells and Whistles:
I am wondering if any of you discussing Meraki, Ubiquiti and Datto
Meraki and Unifi and UBNT all of the time.
-
@scottalanmiller said in Meraki Bells and Whistles:
@dbeato said in Meraki Bells and Whistles:
I am wondering if any of you discussing Meraki, Ubiquiti and Datto
Meraki and Unifi and UBNT all of the time.
Well, apparently we're talking about SPoG for Meraki, but not unifi - because no one around here ever talks about using USGs, only ERs.