We have a customer who recently suffered from an unsuccessful attack to/through their MX250 from a country that should not be trying to access their network.
I understand that this could have been a hidden address range etc and that it is possible to manually blacklist IP addresses/ranges but is there an automated update of malicious IP addresses that can be sent to the MX, maybe from Talos that provides automatic protection from known malicious ranges?
You can ask this question in Meraki's area of communication.
I'm not an expert on Meraki, but I'll try to help. I do not know any type of solution of TALOS referring to these specific cases, however, within the Meraki you have the option to request the performance of the TALOS team.
What is the current version of MX is?
Thanks. Happy to repost on the Meraki forum but the models are MX250 (and an MX84), which should have the latest version of software downloaded as soon as they connect to the cloud.