Cisco Meraki Loses Customer Data in Engineering Gaffe

Cisco has admitted to losing customer data during a configuration change its enginners applied to its Meraki cloud managed IT service. From a report: Specific data uploaded to Cisco Meraki before 11:20 am PT last Thursday was deleted after engineers created an erroneous policy in a configuration change to its US object storage service, Cisco admitted on Friday. The company did say that the issue has been fixed, and while the error will not affect network operations in most cases, it admitted the faulty policy "but will be an inconvenience as some of your data may have been lost." Cisco hasn't said how many of its 140,000+ Meraki customers have been affected. The deleted data includes custom floor plans, logos, enterprise apps and voicemail greetings found on users' dashboard, systems manager and phones. The engineering team was working over the weekend to find out whether the data can be recovered and potentially build tools so that customers can find out what data has been lost.

No backups?

[Archon]

For the $ they charge they can't afford backups?

Re:No backups?

[dschnur]

There is no way to backup Meraki configuration data. It's a tool they intentionally lock users out of.

Someone Else's Server

[TWX]

And this is what happens when you entrust your data to someone else's server.

I have exactly one meraki switch that's slated for replacement, I got it very cheap, but had I realized exactly what was entailed in using it I would never have bought it in the first place. I guess I like having entirely local control for my network infrastructure. Even if I can't afford Catalyst, those Linksys-derived SG-series small business switches would probably be better than Meraki if only so that I don't have to pay a subscription just to keep frames forwarding.

Re:What's a 'Cisco Meraki'?

[Oswald+McWeany]

What's a 'Cisco Meraki'? What's a 'cloud managed IT service'? Can we get these described with real words, and not marketing babble?

I don't know, my eyes read it as "Cisco Meerkat" for a split second when I first read the headline.

That's why you don't trust members of the mongoose family to look after your data.

Re:What's a 'Cisco Meraki'?

[TWX]

Meraki is a product-line of Cisco's. Saying, "Cisco Meraki," is like saying, "Chevrolet Impala."

"Cloud-managed IT service," is a bit oversimplified but not greatly so for anyone that knows how Meraki products work. Imagine all of your managed switches, routers, WAPs, etc connecting not to your own infrastructure for centralized management, but to Cisco's infrastructure for remote-centralized management. You log in to Cisco's Meraki website and do your config changes there through a GUI instead of SSHing or otherwise consoling-in to a switch locally or using something like Prime running on your own servers.

"Cloud-managed IT service," is also not especially strong marketing-speak when you consider the definition of "cloud" as someone else's server, as we've been using the term for the better part of a decade on Slashdot and elsewhere. Given how many different disparate IT functions Meraki can potentially do, "IT service," as in network infrastructure aspects of IT, is probably the furthest one can nail it down.

Either way though, if you've been paying attention to Cisco's products then you probably have some inkling of what the Meraki product-line does or how it works.

In my case

[moofo]

They lost the floor plans graphics as well as the Captive portal Splash Pages HTML files.

Took me half an hour to fix. TBH, it's not so bad, the new templates for the splash pages look more modern .

Re:What's a 'Cisco Meraki'?

That's why you don't trust members of the mongoose family to look after your data.

Unless of course your data is under attack from snakes. Then a mongoose is exactly what you want.

It's all about the threat model.

My experience with Meraki. Hint: 0 *'s

[dschnur]

A little while ago, I inherited a network form a-person-who-called-him-self-an-admin-but-was-clueless.

He had started replacing old campus switches with Meraki units. Meraki is a marketing company that is owned by Cisco. Meraki hardware runs Linux, but they've locked it down to the point of uselessness. They prey on those in the business who have no idea what they are doing by offering a "Simple" solution. They are worth staying away from for many reasons, some of which I'll list here:

A. Technical support with NO tools to provide support.
    4 support calls to Meraki.
    0 successful solutions.
    1 actual bug.
    1 email back with a link to a PDF of an advertising spec sheet.
    1 "Make a Wish" button.
    1 "lesson in Pcap" from a person who had no idea how to interpret the results.

B. No support for critical protocols.
    - CDP, nope.
    - LLDP, somewhat. If it fails, then they have you run Pcap. Silly since I know what's being sent to the switch and know how to diagnose what is going through my network. I needed to know what the switch was doing with the data once it got there.
    - 802.1s (MSTP), not at all. In fact, I had an "engineer" tell me that He would be "surprised if I had an actual use case to implement it." I responded by pasting a URL to the help section of Cisco's mainline web site back to him explaining its' uses and how to set it up on actual Cisco hardware.

C. Near complete lack of any ability whatsoever to debug what the switch was doing.
  - Their solution. You must not need what you are asking for. Did I mention Pcap?

D: A Faustian contract.
  - No better way to put it. The switches run Linux, but if you don't pay them they stop working at the end of the contract.
  - It's near impossible to actually predict when your devices will expire because of the complexity of the contract.
    - They provide an online "calculator" to help you figure out why a ten year support contract on a switch is actually only 9 months long.

D. Greasy sales people.
I received an email from them the other month telling me that Cisco was going to make them double all their prices, but "If I acted now..."

End game.

My response was simple. "It's ok, we're upgrading to Dell."

Their response, "Sorry to hear that, if there's anything we can do..."

Me, "Tell me about your upgrade program to mainline Cisco hardware."

Meraki, "We don't have a program like that."

Me, "It's ok, Dell does."

(Well, it might not, but I *had* to tell them that.)

We scrapped the last bit of Meraki equipment last week. Seems like it might have been pretty good timing on our part.

  _Dan