<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: This is unacceptable. in Cloud Networking Platform</title>
    <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418103#M5894</link>
    <description>&lt;P&gt;&lt;STRONG&gt;Agreed — Meraki’s RBAC model needs to evolve.&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;I’d like to echo the point about outgrowing the current Admin vs. Read-only roles. For organizations with tiered support (Tier 1–4), the lack of granular access controls creates operational and security challenges — especially when using SSO.&lt;/P&gt;&lt;P&gt;Solutions like Boundless Digital offer the kind of role-based granularity that’s becoming essential. The real challenge is maintaining the “Meraki Simple” experience while expanding access control flexibility.&lt;/P&gt;&lt;P&gt;Would love to see Meraki explore native enhancements that strike this balance — perhaps starting with customizable permission sets tied to SSO roles.&lt;/P&gt;</description>
    <pubDate>Mon, 13 Oct 2025 13:08:58 GMT</pubDate>
    <dc:creator>Stephen007</dc:creator>
    <dc:date>2025-10-13T13:08:58Z</dc:date>
    <item>
      <title>This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418093#M5884</link>
      <description>&lt;P&gt;Hi ,&lt;/P&gt;&lt;P&gt;&lt;A href="https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overview" target="_blank" rel="nofollow noopener noreferrer"&gt;https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overview&lt;/A&gt; &lt;FONT size="1 2 3 4 5 6 7"&gt;( this will be updated )&lt;/FONT&gt;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;Read-only&lt;/STRONG&gt;&lt;SPAN&gt; and &lt;/SPAN&gt;&lt;STRONG&gt;monitor-only &lt;/STRONG&gt;are able to perform disruptive actions ( without any logs &lt;SPAN class="lia-unicode-emoji" title=":smiling_face_with_heart_eyes:"&gt;&lt;span class="lia-unicode-emoji" title=":smiling_face_with_heart_eyes:"&gt;😍&lt;/span&gt;&lt;/SPAN&gt; ) such as Cable-tests and port cycles.&lt;/P&gt;&lt;P&gt;And now it's getting worse. These roles are now able to perform packet captures on your switches. Does that make any sense ? Absolutly not.&lt;/P&gt;&lt;P&gt;Who thought that this was a good idea ..?&lt;/P&gt;&lt;P&gt;I feel like Meraki isn't taking security seriously.&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 12:00:29 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418093#M5884</guid>
      <dc:creator>Raphael_L</dc:creator>
      <dc:date>2025-10-10T12:00:29Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418094#M5885</link>
      <description>&lt;P&gt;Where do you see that read-only and monitor-only users can do pcaps?&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 13:44:07 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418094#M5885</guid>
      <dc:creator>Rasmus Hoffmann Birkelund</dc:creator>
      <dc:date>2025-10-10T13:44:07Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418095#M5886</link>
      <description>&lt;P&gt;I haven't tested all the ways to do it but this is one of them : &lt;/P&gt;&lt;P&gt;&lt;SPAN class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="RaphaelL_0-1760104522805.png" style="width: 400px;"&gt;&lt;span class="lia-inline-image-display-wrapper" image-alt="image.png"&gt;&lt;img src="https://community.cisco.com/t5/image/serverpage/image-id/264536i0D040D1C891E5DB2/image-size/large?v=v2&amp;amp;px=999" role="button" title="image.png" alt="image.png" /&gt;&lt;/span&gt;&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;Might also be accessible with the new UI from Intelligent packet capture&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 13:56:00 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418095#M5886</guid>
      <dc:creator>Raphael_L</dc:creator>
      <dc:date>2025-10-10T13:56:00Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418096#M5887</link>
      <description>&lt;P&gt;I think I remember that it is a bug. There was another thread about it some weeks ago. The doc also explicably says that it’s not present for read- and monitor-only users.&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 15:11:57 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418096#M5887</guid>
      <dc:creator>Rasmus Hoffmann Birkelund</dc:creator>
      <dc:date>2025-10-10T15:11:57Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418097#M5888</link>
      <description>&lt;P&gt;Confirmed by support this is not a bug. The doc as mentionned will be modified.&lt;/P&gt;&lt;P&gt;&lt;EM&gt;I have been advised by our development team the feature of packet capture is available in switch port page for Read-only user as by desgin in a new dashboard UI version. &lt;/EM&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;EM&gt;Our KB &lt;A href="https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocumentation.meraki.com%2FGeneral_Administration%2FCross-Platform_Content%2FPacket_Capture_Overview&amp;amp;data=05%7C02%7Craphael.letourneau%40desjardins.com%7C70587190bb7e49b1826a08de079577e5%7C728d20a50b4447dd947020f37cbf2d9a%7C0%7C0%7C638956535799983913%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;amp;sdata=iKcpdN8fm3ChTs2P5wiKVk429dgDcriXMhx%2FD84OInY%3D&amp;amp;reserved=0" target="_blank" rel="nofollow noopener noreferrer"&gt;Packet Capture Overview&lt;/A&gt; will be updated accordingly.&lt;/EM&gt;&lt;BR /&gt;&lt;BR /&gt;&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 15:23:54 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418097#M5888</guid>
      <dc:creator>Raphael_L</dc:creator>
      <dc:date>2025-10-10T15:23:54Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418098#M5889</link>
      <description>&lt;P&gt;I agree that cable testing and port cycle is not a read-only function as it is doing something, but packet capturing is a read-only function. Granular security would be nice, but it's still a passive/read only operation.&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 17:40:02 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418098#M5889</guid>
      <dc:creator>BHC_RESORTS</dc:creator>
      <dc:date>2025-10-10T17:40:02Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418099#M5890</link>
      <description>&lt;P&gt;I actually think there needs to be three levels.&lt;/P&gt;&lt;P&gt;manage&lt;/P&gt;&lt;P&gt;operate&lt;/P&gt;&lt;P&gt;view&lt;/P&gt;&lt;P&gt;I have several users who I want to be able to run cable tests, bounce ports, take packet captures etc. but not change things so with the current admin and read only, I'm happy for them to have the role.  I wouldn't give someone access at all if I was worried about them bouncing ports for fun.&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 19:19:20 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418099#M5890</guid>
      <dc:creator>CMR</dc:creator>
      <dc:date>2025-10-10T19:19:20Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418100#M5891</link>
      <description>&lt;P&gt;This ^ &lt;/P&gt;&lt;P&gt;I have around 400 users. Most of them are 100% clueless about networking. They only want to see the status of the switch ports ,  view the usage and so on. I don't want them to do packet captures, port cycles. Hell no.&lt;/P&gt;</description>
      <pubDate>Fri, 10 Oct 2025 21:08:11 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418100#M5891</guid>
      <dc:creator>Raphael_L</dc:creator>
      <dc:date>2025-10-10T21:08:11Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418101#M5892</link>
      <description>&lt;P&gt;I fully agree with you, read only should be read only without doing any action on the Dashboard&lt;/P&gt;</description>
      <pubDate>Sun, 12 Oct 2025 07:12:50 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418101#M5892</guid>
      <dc:creator>roland.hollatz1</dc:creator>
      <dc:date>2025-10-12T07:12:50Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418102#M5893</link>
      <description>&lt;P&gt;I think you have outgrown the Administrator access controls that are provided by Meraki and need to consider a more granular and formal RBAC system, such as that offered by Boundless Digital.&lt;/P&gt;&lt;P&gt;&lt;A href="https://www.boundlessdigital.com/product/access-control/" target="_blank" rel="nofollow noopener noreferrer"&gt;https://www.boundlessdigital.com/product/access-control/&lt;/A&gt;&lt;/P&gt;&lt;P&gt;The question in my mind is what solution fits 80% of the customer base while retaining the "Meraki Simple" philosophy.&lt;/P&gt;&lt;P&gt;I think on balance, the current controls and functionality offered are about right (including allowing packet captures, switch port tests, and port cycles) for the vast majority of customers.&lt;/P&gt;</description>
      <pubDate>Sun, 12 Oct 2025 20:32:08 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418102#M5893</guid>
      <dc:creator>Philip D'Ath</dc:creator>
      <dc:date>2025-10-12T20:32:08Z</dc:date>
    </item>
    <item>
      <title>Re: This is unacceptable.</title>
      <link>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418103#M5894</link>
      <description>&lt;P&gt;&lt;STRONG&gt;Agreed — Meraki’s RBAC model needs to evolve.&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;I’d like to echo the point about outgrowing the current Admin vs. Read-only roles. For organizations with tiered support (Tier 1–4), the lack of granular access controls creates operational and security challenges — especially when using SSO.&lt;/P&gt;&lt;P&gt;Solutions like Boundless Digital offer the kind of role-based granularity that’s becoming essential. The real challenge is maintaining the “Meraki Simple” experience while expanding access control flexibility.&lt;/P&gt;&lt;P&gt;Would love to see Meraki explore native enhancements that strike this balance — perhaps starting with customizable permission sets tied to SSO roles.&lt;/P&gt;</description>
      <pubDate>Mon, 13 Oct 2025 13:08:58 GMT</pubDate>
      <guid>https://community.cisco.com/t5/cloud-networking-platform/this-is-unacceptable/m-p/5418103#M5894</guid>
      <dc:creator>Stephen007</dc:creator>
      <dc:date>2025-10-13T13:08:58Z</dc:date>
    </item>
  </channel>
</rss>

