Meraki WAP
Version: MR Series
The Meraki MR series is the world’s first enterprise-grade line of cloud-managed WLAN access points. Designed for challenging enterprise environments, the MR access points use advanced 802.11ac and 802.11n technologies including MIMO, beam forming and channel bonding to deliver the throughput and reliable coverage required by demanding business applications. Netsurion’s Open XDR platform amasses and examines logs generated by Meraki WAP to help an administration to monitor IP traffic, Rogue AP, SSID spoofing etc.
Netsurion Data Source Integrations for Meraki WAP allows you to monitor the following:-
- Operations – Client machine disassociation, Client machine authentication deauthentication and Client machine association
- Security – Rogue SSID detected and SSID spoofing detected
Once Meraki WAP is configured to deliver events to Netsurion Open XDR Manager; alerts, reports and dashboards can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Meraki WAP – Rogue SSID detected | This alert is generated when rogue SSID is has been detected in Meraki WAP. |
| Security | Meraki WAP – SSID spoofing detected | This alert is generated when SSID spoofing has been detected in Meraki WAP. |
| Operations | Meraki WAP – Client deauthentication | This alert is generated when client tries to login to the AP but due to wrong credentials it gets deauthenticated. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | Meraki WAP – Rogue SSID detected | This report provides information related to an rogue SSID that has been detected and their fields are Computer, Event Type, SSID Name, Broadcast SSID, VLAN ID, Wired MAC Address, Source MAC Address, Destination MAC Address. |
| Security | Meraki WAP – SSID spoofing detected | This report provides information related to an SSID spoofing that has been detected and their fields are Computer, SSID, Destination MAC Address, Source MAC Address, Broadcast SSID and Channel. |
| Operations | Meraki WAP – Client machine disassociation | This report provides information related to client machine getting disassociated from AP and their fields are Source IP Address, ARP Source Address, Client MAC Address, DNS Server, DHCP Server MAC Address, Radio, Total Duration, Event Type. |
| Operations | Meraki WAP – Client machine authenticate deauthenticate | This report provides information related to Client machine getting authenticated or deauthenticated and their fields are Computer Event Type, Client IP Address, Client MAC Address and identity. |
| Operations | Meraki WAP – Client machine association | This report provides information related to client machine getting associated to an AP and their fields are Computer Event Type, Client IP Address, Client MAC Address , Channel and Radio. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x and later, Meraki Wireless Access Point (WAP) MR series
Download Integration Guide for configuration instructions and more information.