|
Thanks Ants posted:https://www.jamf.com/products/jamf-pro/ This is the Right and True answer. Don't bother with Apple's Profile Manager. EDIT: Ha, first post on page 666
|
# ? Dec 9, 2016 17:01 |
|
|
# ? Jun 11, 2024 05:22 |
|
On Monday I'm going in for an application support interview. Before this I've always done OS/hardware/network support. Are there any things I should prepare to be asked about? It's an obscure ERP system, Aggresso.
|
# ? Dec 9, 2016 17:17 |
|
Super Slash posted:Cold call hell was meant for this. https://soundcloud.com/user-237714155/sales-call-abyss Perfect page 666 material. This (or something like it) was our solution. Eventually we made a REALLY long IVR maze at extension 666. http://nerdvittles.com/?p=75 GnarlyCharlie4u fucked around with this message at 17:59 on Dec 9, 2016 |
# ? Dec 9, 2016 17:55 |
|
We are deploying a new building at the beginning of the year and are currently looking over our networking options and everyone above me is jacking off all over Meraki because of their interface. I've given up on the AP's, but our two options of switches have been narrowed down to Meraki and Cisco Catylst 2960x's. I have some selfish reasons for wanting to go Cisco (I'm currently studying for the CCNA and would love the exposure), but I also just feel more comfortable with a CLI and a product I know is reliable. Unfortunately, those arguments alone aren't going to get me anywhere. Anyone have any experience with Meraki switches? We are currently being quoted for the MS225 or MS250 for our IDF and the MS350 for our MDF.
|
# ? Dec 9, 2016 20:54 |
|
siggy2021 posted:We are deploying a new building at the beginning of the year and are currently looking over our networking options and everyone above me is jacking off all over Meraki because of their interface. I've given up on the AP's, but our two options of switches have been narrowed down to Meraki and Cisco Catylst 2960x's. I have some selfish reasons for wanting to go Cisco (I'm currently studying for the CCNA and would love the exposure), but I also just feel more comfortable with a CLI and a product I know is reliable. Unfortunately, those arguments alone aren't going to get me anywhere. I have an all meraki infrastructure. I didn't set it up, but am maintaining it. Did you have any specific questions? E: I have an mx80, an ms320, two ms220's, four mr32's, and a handful of z1's The Fool fucked around with this message at 21:00 on Dec 9, 2016 |
# ? Dec 9, 2016 20:56 |
|
How many users are we talking about? I wouldn't recommend deploying Meraki in anything bigger than a small branch office.
|
# ? Dec 9, 2016 20:56 |
|
Doesn't Cisco *own* Meraki?
|
# ? Dec 9, 2016 20:57 |
|
Yes, yes they do. That doesn't really change the conversation, though.
|
# ? Dec 9, 2016 21:00 |
|
I get Meraki for Wi-Fi because it's one of those things where it's good to have detailed analytics that you can use if you want to troubleshoot, easy setup of guest networks etc. But how often are you really changing your switch configurations around that you need a pretty web UI for it?
|
# ? Dec 9, 2016 21:03 |
|
The Fool posted:I have an all meraki infrastructure. I didn't set it up, but am maintaining it. Did you have any specific questions? Really just what your overall experience has been, and why would or wouldn't I want a Meraki switch over a Cisco switch. psydude posted:How many users are we talking about? I wouldn't recommend deploying Meraki in anything bigger than a small branch office. I think at this point the building is planned to have 90-100 physical drops in offices, so not huge. We'll have a decent chunk of wireless coverage, espeically in the warehouse for picking headsets and scan guns that run a terminal program connecting to an AS/400 application that will be up in the cloud soon. At this point my biggest selling point is ease of finding information for configurations if you don't already know something. For example, I was looking over some VMWare documentation on doing VLANs on the virtual switch and they gave me examples of a Cisco configuration for the physical switch end of the connection. We currently have HP Procurve switches in most of our infrastructure and that is one of the big downfalls for me - finding information on them can be difficult sometimes.
|
# ? Dec 9, 2016 21:03 |
|
This might help with those cases where you have IOS examples and need to put them into an HP switch https://h17007.www1.hpe.com/docs/interoperability/Cisco/HP-Networking-and-Cisco-CLI-Reference-Guide_June_10_WW_Eng_ltr.pdf
|
# ? Dec 9, 2016 21:04 |
|
I interviewed there a while back, it's Cisco-owned but run in its own building. Apparently, there was a clause in the buyout involving giant financial penalties if Cisco meddles with how it's managed too much. Didn't get the job... In any case, I look at them as separate products with shared infra as opposed to Meraki being Cisco's Lexus or whatever.
|
# ? Dec 9, 2016 21:05 |
|
Thanks Ants posted:I get Meraki for Wi-Fi because it's one of those things where it's good to have detailed analytics that you can use if you want to troubleshoot, easy setup of guest networks etc. But how often are you really changing your switch configurations around that you need a pretty web UI for it? That's another thing I argued after they showed us a demo. "Yeah, that's great and all, but we're a pretty simple environment and we will -never- leverage any of those options or use -any- of those features." Troubleshooting things that have never happened keep on coming up and Meraki makes that so easy! Except they didn't actually show us a broken switch or a problem. What happens when the switch loses it's internet connection? What happens when you forget to pay the subscription and something goes wrong? There's like a million things I don't want to deal with.
|
# ? Dec 9, 2016 21:05 |
|
Are Meraki switches still 3x Cisco Catalyst prices? I just don't understand why anybody would pay that much for a device that more or less gets set up correctly and runs itself 99% of the year.
|
# ? Dec 9, 2016 21:10 |
|
Wasn't there a problem for a while where you couldn't manage them if there was an internet outage?
|
# ? Dec 9, 2016 21:18 |
|
siggy2021 posted:Really just what your overall experience has been, and why would or wouldn't I want a Meraki switch over a Cisco switch. My overall experience has been pretty positive. I really like the wireless AP's and the switches. I have some complaints about the MX80 and auto-vpn not being flexible enough with non-meraki ipsec endpoints. Really though, the biggest advantage I get out of the meraki hardware is client management and reporting. You can go look at the full client list of your entire network, search and sort by a number of different fields, bring up client details, see network name, logged in user for windows clients, traffic and bandwidth analytics, see which switch/wireless ap/vpn their currently connected to, all in a real easy web interface that is accessible from anywhere.
|
# ? Dec 9, 2016 21:20 |
|
siggy2021 posted:Really just what your overall experience has been, and why would or wouldn't I want a Meraki switch over a Cisco switch. We went from a hodgepodge of everything under the sun to full Meraki two years ago. We have a Meraki inventory of 22 APs of various models, 14 switches, and 7 firewalls. Things I like about Meraki: decent UI that doesn't fight you, analytics are pretty good, it's dead easy to setup a new facility (takes me about 5 minutes to get a new network fully setup and running once it's racked), lifetime warranty on equipment, support is really good. Things I dislike about Meraki: licensing model, Systems Manager is quite expensive and doesn't function particularly well on Windows machines, lots of the dashboard/network features are super promising but not terribly fleshed out yet, lack of routing protocol options. If we were a company that just existed in a single office/building somewhere I would never go Meraki, but since we have two IT people for a bunch of facilities in several different states strewn across half of the US, this stuff is basically right up our alley for a lot of the reasons mention above. Very easy for us to troubleshoot things in the odd instances where something is actually wrong via a web interface I can get to from anywhere. Basically I don't mind the fact that we went on and did five year licenses on everything because it is pretty cool and works quite well so long as you aren't doing anything super complicated. Were I doing it all over again I'd probably give Ubiquiti a closer look just to save on licensing but other than that, no regrets really. Sheep fucked around with this message at 21:30 on Dec 9, 2016 |
# ? Dec 9, 2016 21:26 |
|
Dunno how big your envrionment is but at smaller offices we use fortiAPs, they're not as robust as the meraki's but you get decent information from them and they work well. Part of the reason is that we use fortinets as router/UTM
|
# ? Dec 9, 2016 21:27 |
|
Meraki is pretty nice for MSPs if you can convince your clients that it's worth the cost. Makes it easy to manage all of your clients from a single pane of glass. Also lets you send super junior guys into the field to install them since they report in and are easy to adopt and manage. Ubiquiti can do similar, but requires a bit of setup to get going. I'm not a big networking guy, but I haven't really found a brand of switch that I love these days. I enjoyed the older ProCurve stuff before the lines got blurred between the real deal and the 3Com garbage. And these days I'm not fond of HP as a company. I really think Cisco gear is expensive for what you get and the fact that they go out of their way to make things difficult to use is a pain. Plus I've run into some really awful bugs in their firmware over the past 2-3 years. Cisco Network Assistant is helpful for those of us who don't have IOS commands recognized. A big part of my decision making process these days is how easy it would be for a junior guy to manage or pick up if I get hit by a bus or move on. I need like a "switches for sysadmins" brand that isn't awful or awfully expensive. [Edit: 666 hail satan] Internet Explorer fucked around with this message at 21:37 on Dec 9, 2016 |
# ? Dec 9, 2016 21:32 |
|
Internet Explorer posted:I need like a "switches for sysadmins" brand that isn't awful or awfully expensive. As you said, old ProCurve stuff but yeah the 3Com thing sucks. Now when it comes to firewalls, I have no idea.
|
# ? Dec 9, 2016 21:56 |
|
psydude posted:Wasn't there a problem for a while where you couldn't manage them if there was an internet outage? I wondered about this. Anyone have an answer if this was actually a thing?
|
# ? Dec 9, 2016 22:10 |
|
Thanks Ants posted:I get Meraki for Wi-Fi because it's one of those things where it's good to have detailed analytics that you can use if you want to troubleshoot, easy setup of guest networks etc. But how often are you really changing your switch configurations around that you need a pretty web UI for it? The upshot to using an all-Meraki infrastructure is the reporting you can get. If you'r running Meraki from the firewall to the APs, the topography and client info you can pull from the web interface is amazing/very pretty. Troubleshooting is also easier via UI for certain things, I guess? But really it's the dynamically generate infomatics that still make me want their gear. (As other people have said, Meraki gear is a lifesaver for MSP-type businesses as well.)
|
# ? Dec 9, 2016 22:15 |
|
GnarlyCharlie4u posted:I wondered about this. Anyone have an answer if this was actually a thing? I don't know if it was, but it's not anymore. All of the meraki devices in my environment have a local web configuration page available. It is admittedly more limited, but it's enough to start troubleshooting an outage.
|
# ? Dec 9, 2016 22:22 |
|
The Fool posted:I don't know if it was, but it's not anymore. All of the meraki devices in my environment have a local web configuration page available. It is admittedly more limited, but it's enough to start troubleshooting an outage. There's always been limited conifg options, but I would assume they've expanded that stuff since I last used them a year+ ago. They were already in the midst of moving stuff out of the "Cloud only" model they had originally.
|
# ? Dec 9, 2016 22:26 |
|
Things keep working if they can't reach the cloud controllers, as well. It's not like you lose your WAN link and your entire network shuts down as a result. They have a four nines SLA on the dashboard/cloud controllers, among other things.
|
# ? Dec 9, 2016 22:27 |
|
666 the VLAN of the beast.
|
# ? Dec 9, 2016 23:18 |
|
skipdogg posted:Pretty much. Hopefully they don't have your contact info or you'll be getting cold calls and emails for the next 3 years, I mean until you die. I have a second set of business cards that go to a separate voicemail box that I never check.
|
# ? Dec 10, 2016 00:28 |
|
Bigass Moth posted:666 the VLAN of the beast. Printer vlan?
|
# ? Dec 10, 2016 00:29 |
|
Bigass Moth posted:666 the VLAN of the beast. tagged, of course.
|
# ? Dec 10, 2016 00:37 |
|
Local management of Meraki devices is still very limited, so if your network connectivity is down you won't be doing much other than changing vlan assignments for ports or configuring uplinks. But it's rarely been a problem for our customers that use it, since as remrarely making changes anyway, so you can generally wait until the network is back up. It makes a lot of sense for places with smaller IT staffs who don't necessary have of want to keep a networking up around. I think part of the issue is that people on the ops side look at Cisco and say "hell, I can run this, who cares about making it easier" whereas management looks at Meraki and say "anyone can run this, so if <admin that wants Cisco> leaves we won't need to find someone else who is Cisco savvy enough to come in and keep things working, which will make hiring easier and cheaper." The end to end visibility when you're doing the full Meraki suite is really nice as well. We have a few customers that run the full Meraki stack (ap, firewalll, switches) and they're happy with it. And I'm happy enough with it because they can usually figure things out on their own, so I don't have to answer so many questions post-install. As far as things not working after support expires, you get a grace period of 90 days or so where you get progressively more and more urgent notifications and requests to renew support before they finally kill it. It doesn't happen on day 0.
|
# ? Dec 10, 2016 01:56 |
|
big money big clit posted:Local management of Meraki devices is still very limited, so if your network connectivity is down you won't be doing much other than changing vlan assignments for ports or configuring uplinks. But it's rarely been a problem for our customers that use it, since as remrarely making changes anyway, so you can generally wait until the network is back up. It makes a lot of sense for places with smaller IT staffs who don't necessary have of want to keep a networking up around. As much as I like Meraki (working for an MSP, for exactly the reasons you or someone posted upthread), the switches still don't necessarily make sense because of the expense. If they were half the cost, I'd absolutely go for them, but unlike APs or even firewalls switch configs don't get changed often and I don't need to know wired throughput / client statistics, mostly because I care more about usage on wireless than wired, so $5-6000 for a 48 port PoE stackable is not value for money. My other gripe about Merakis in terms of full stack is their firewalls' lack of support for regular IPSec clients like Shrewsoft. I get why they went for supporting the built in VPN clients on Mac and Windows, and it certainly makes it faster and easier for users (though I believe split-tunneling is not simple to set up - haven't looked at this in a while). But I need to VPN to many places at once (or rather, not simultaneously at once but many different clients throughout the day), and it's more convenient to have it all in one client, especially since we don't have everyone on Meraki firewalls so most of my connections are regular IPSec. Having one or two clients in Windows VPN (and without split tunneling so it fucks up all my other connections when I connect) and the rest in Shrewsoft is a pain in the rear end. And yes, they technically do support IPSec, and there's even a KB article about it, but at least with the MX64 we have at one client those settings simply don't work, and I haven't had time to sit down and do packet caps to find out why. Maybe they've updated their firmware since June when I last tried this to be more IPSec friendly, but I doubt it. Anyway I'm sure it's really nice to have the full Meraki stack, but for switches I'm not sure it matters enough to overcome the giant loving initial hit to the wallet (not to mention a 10 year old Cisco gigabit switch works just as well now, other than not having PoE+, whereas a Meraki in 10 years will be a brick unless you cough up more and more dough - how much for one year's license extension for an 8-switch stack?). APs I expect we'll replace in 3-5 years anyway because 802.11wqoraufh will be out, but switches don't change that fast. Page 666 supremacy! <image of Trump on Time cover with M being devil horns>
|
# ? Dec 10, 2016 03:18 |
|
Sickening posted:Someone on the other side of the building has a speaker at their desk and is playing Christmas music. I couldn't help myself. I've temporarily disabled the windows audio service on a few computers for similar reasons.
|
# ? Dec 10, 2016 03:57 |
|
Meraki switches are expensive, but I'm not paying for them, so if a customer wants the full stack experience and is willing to pay the premium I've got no problem with that. If you save 20k a year as a business by going with Meraki because you don't need to keep someone that is cisco conversant on staff that extra cost makes itself up pretty quickly.
|
# ? Dec 10, 2016 04:13 |
|
Cisco switches just have such low buffers for the price.
|
# ? Dec 10, 2016 04:24 |
|
Internet Explorer posted:Cisco switches just have such low buffers for the price. If you're blowing through the buffer on a 2960-X in a 150 person building then IDK what to tell you.
|
# ? Dec 10, 2016 05:05 |
|
Bigass Moth posted:666 the VLAN of the BYODs.
|
# ? Dec 10, 2016 05:06 |
|
|
# ? Dec 10, 2016 05:33 |
|
Cisco 3650 or bust.
|
# ? Dec 10, 2016 05:51 |
|
big money big clit posted:Meraki switches are expensive, but I'm not paying for them, so if a customer wants the full stack experience and is willing to pay the premium I've got no problem with that. If you save 20k a year as a business by going with Meraki because you don't need to keep someone that is cisco conversant on staff that extra cost makes itself up pretty quickly. I interviewed at a place where the guy couldn't stop poo poo talking Cisco because people who use their equipment are "overpaid command line programmers" and he didn't want to deal with any of that. I was a bit offended.
|
# ? Dec 10, 2016 06:29 |
|
|
# ? Jun 11, 2024 05:22 |
|
Show me an overpaid command line programmer and I'll show you 100 'Click Next Admins'
|
# ? Dec 10, 2016 09:21 |