My company is in the process of acquiring another company and there is a possibility of either using Cisco IWAN or Meraki. Can someone please share some pros/cons for the both? Which solution is better and more reliable? Which solution will take less time to implement?
I have deployed a lot of both.
Personally I would only use Cisco Meraki now. Considerably faster to deploy. Much much easier to manage. Excellent monitoring. Very flexible.
it is obviously a matter of preference, but the below incident was prominent in the news. Maybe it is old fashioned, but I am reluctant to trust The Cloud with sensitive data...
On August 3rd, 2017, the engineering team made changes to the North American object storage service, the change caused some customer data to get deleted. Cisco stated the change was "an erroneous policy" that was applied. The data loss mostly affected media files uploaded by customers. Data that was lost included:
Systems Manager - Custom enterprise apps and contact images.
Meraki Communications - IVR audio files, hold music, contact images and VM greetings.
Wireless Device Dashboard - Custom floor plans, device placement photos, custom logos used for interface branding and reports and custom splash themes.
On the 7th it was announced some data on the cache service could be recovered. On the 9th customers were informed the recovery efforts were still underway but they "do not expect to be able to recover most assets".
I am totally with you and this is not the only case. I believe the question should be rephrased in terms of trust:
Why do people trust so much cloud solutions?
It will be very nice to hear from all of you guys if you have an answer to that.
To me, Meraki is an excellent product but should never be the only one to be considered as a solution. Sensitive data and control over what you produce should alwyas be on the back of our minds before taking a decision.
"Those clever and outsourced services are managed by people you have no control over and this is why I would like more people approaching clouds with more caution. Your Titanic example is not really fitting because the Titanic had its own crew and made its own mistake."
I think you're making my point. I don't recall the passengers of the Titanic having much control over the crew, but if your thinking the crew of the Titanic was only at fault, they didn't design the ship or set the number of lifeboats, decisions made by others not part of the crew, nor on-board. This also applies to other commercial passenger disasters, or other engineering disasters (like bridge failures - or o-rings in rocket boosters). So, the Titanic and other disasters are often setup or caused by people not there at the time.
I agree using clouds should probably be used with more caution, but I've seen lack of prudence for internal systems too. Having direct control over people and systems doesn't always guarantee such systems are "better or safer", although with internal systems you might have the "pleasure" of firing staff after the disaster. ;)
"Why do people trust so much cloud solutions?"
There are many reasons, but usually because they get access to far greater technical resource and capability on a 24x7 basis then they could ever hope to have themselves internally.
I could also ask the question "Why do people trust so much internal solutions?",
Id have to go for meraki - as stated, its very flexiable, monitiroing is also very good and its easy to implement as such that you dont even require the hardware to do it - It can be done even before your hardware arrives on site so then you just need to attach it.
The SD-WAN feature of the meraki is exceptional to implement , just a couple of clicks and you have stie-stie vpn no need to create any vpn profiles, maps acls etc.
As for cloud - I think its an old way of thinking regards its security, Deletion of data occurs no matter what plafrom you use.
The way things are moving now with SDN and ACI it wont be long before everthing is cloud managed Its just a question of time.
It will be the norm for an office worker to just come along and plug a router/switch/FW into the network and its up and running-- zero touch just like you can do now with meraki.