AnyConnect for Meraki MX provides reliable and easy-to-deploy encrypted network connectivity from smartphones and tablets. It also provides persistent corporate access for employees on the go.
A Cisco technology, AnyConnect extends the corporate network out to remote devices on the other side of the organization’s security barrier, and it does to securely. It can also push out things like an Umbrella Client (lightweight, nimble cloud-delivered security service), antivirus, and other security features to those remote devices. So it sallies out beyond the “firewall,” and takes security with it to the end user. So it can also be used as a management or deployment mechanism.
Whether an employee is accessing business email, a virtual desktop session, or other enterprise applications, the AnyConnect client is an easy-to-use interface for business-critical information. The client uses Datagram Transport Layer Security (DTLS), IP Security Internet Key Exchange version 2 (IPsec IKEv2), and TLS (HTTP over TLS/SSL) to provide business-critical applications, including latency-sensitive applications such as voice over IP (VoIP), with encrypted access to corporate resources.
And it’s super easy to set up and manage, of course. Once you’re up, you’re able to properly manage the VPN from a central location, unlike the standard client VPN which can be difficult to manage. Just make sure your MX is upgraded to at least Firmware 16.
Why use AnyConnect for Meraki MX?
AnyConnect is good for any application you want to secure and not publicly expose to the internet. For example, a financial server, or a terminal server.
And AnyConnect allows split tunnel VPN. Combine that with Cisco Umbrella, and users are protected no matter what they do.
AnyConnect is typically a far superior product to built-in VPNs in Windows/Mac. Those tend to be dodgy at best, with all kinds of weird errors occurring. AnyConnect basically just works. And, with AnyConnect you can log on to VPN before you log on Windows.
Features
There’s a bunch. You have SSL (TLS & DTLS), including per-app VPN of course, TLS compression, DTLS fallback to TLS, IPsec/IKEv2, Split Tunneling, Dynamic Split Tunneling, Enhanced Dynamic Split Tunneling, and Split DNS. There is also Proxy auto config (PAC) file generation, Internet Explorer connections tab lockdown, Local LAN access, IPv6, Management VPN tunnel and more.
AnyConnect is more than just a VPN client. It is a fully-fledged endpoint mobility client solution. However, it’s different from the AnyConnect implementation on the ASA or FirePOWER with support for multiple features like Host scan, Web launch, etc. The MX security appliance supports SSL Core VPN and other AnyConnect modules that do not require additional configuration on the MX.
If you would like to know more about AnyConnect for Meraki MX, just reach out to us, or call Corporate Armor at 877-449-0458. Thanks for reading!
Additional AnyConnect for Meraki MX features
| Further IPv6 implementation |
| Certificate pinning |
| Local printer access via client firewall rules |
| Optimal gateway selection |
| Ignore browser proxy |