Meraki Firewall

Version: Meraki Firewalls MX Series.

Meraki Firewalls are cloud-managed network security appliances designed to make distributed networks fast, secure, manageable by employing stateful inspection and auto-configuring VPN options. Netsurion Open XDR amasses and examine logs generated by Meraki Firewall to help an administrator to monitor IDS alerts, VPN sessions, web traffic, user behavior and system activity.

Netsurion Data Source Integration for Meraki Firewall allows you to monitor the following:-

  • Operations – Web traffic and VPN sessions
  • Security – IDS alerts and blocked web content
  • Compliance – User behavior and system activity 

Once Meraki Firewall is configured to deliver events to Netsurion Open XDR; alerts, dashboards and reports can be configured into Netsurion Open XDR.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

TypeNameDescription
SecurityMeraki Firewall – IDS alert detectedThis alert is generated when unusual traffic is detected by IDS.
SecurityMeraki Firewall – Suspicious content blockedThis alert is generated when suspicious web content is blocked by content filter.

Reports

TypeNameDescription
SecurityMeraki Firewall – IDS alert detailsThis report provides information related to threats detected by IDS which includes Source MAC, Source IP, Source Port, Destination MAC, Destination IP, Destination Port, Protocol Type and Alert Details fields.
SecurityMeraki Firewall – Blocked web content detailsThis report provides information related to web content blocked by content filter which includes Host Address, Host Port, Blocked URL Category and Blocked URL fields.
OperationsMeraki Firewall – Traffic flow detailsThis report provides information related to traffic flow which includes Source MAC, Source IP, Source Port, Destination MAC, Destination IP, Destination Port, Protocol Type and Rule Name fields.
OperationsMeraki Firewall – Web traffic detailsThis report provides information related to web traffic which includes Source MAC, Source IP, Source Port, Destination MAC, Destination IP, Destination Port, Request Type and Requested URI fields.
OperationsMeraki Firewall – VPN session detailsThis report provides information related to VPN sessions establishment, connection or disconnection which includes VPN Type, VPN Status, User Name, Source IP, Source Port, Destination IP and Destination Port fields.
ComplianceMeraki Firewall – User authentication detailsThis report provides information related to local user authentication attempt which includes Host MAC, User Name, User Details and Group Details fields.
ComplianceMeraki Firewall – Device activity detailsThis report provides information related to configuration changes and system events which includes Device Name, Event Time and Activity fields.

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x or later, and Meraki Firewall.

Download Integration Guide and How-to Guide for configuration instructions and more information.