Cisco Meraki Loses Customer Data in Engineering Gaffe (cloudpro.co.uk) 63
Cisco has admitted to losing customer data during a configuration change its enginners applied to its Meraki cloud managed IT service. From a report: Specific data uploaded to Cisco Meraki before 11:20 am PT last Thursday was deleted after engineers created an erroneous policy in a configuration change to its US object storage service, Cisco admitted on Friday. The company did say that the issue has been fixed, and while the error will not affect network operations in most cases, it admitted the faulty policy "but will be an inconvenience as some of your data may have been lost." Cisco hasn't said how many of its 140,000+ Meraki customers have been affected. The deleted data includes custom floor plans, logos, enterprise apps and voicemail greetings found on users' dashboard, systems manager and phones. The engineering team was working over the weekend to find out whether the data can be recovered and potentially build tools so that customers can find out what data has been lost.
No backups? (Score:4, Insightful)
For the $ they charge they can't afford backups?
Re: (Score:2)
From the sound of it, Once people tell what is missing they can get it restored. But I figure it is hard for them to do a mass fix, because on how much the data is being used. Sure I bet Cisco could had done something better. But what do you expect when you purchase a big company to do this type of work.
Re: (Score:1)
For anything important that you're not willing to lose: if you don't back up your own data *before* you upload it to the cloud, you assume a risk. Sure it would be nice if Cisco or any other cloud provider keeps backups because these things happen. But no one cares about your data as much as you do. If you act like you care about it, then events like this amount to a minor inconvenience.
Shit happens. Plan for it.
Re: (Score:2)
The problem is too many people out side of IT, don't have the skills to backup the data. Even just copying the files onto a separate drive, is often witch craft to them, yes even in 2017.
Re: (Score:2)
Note that a lot of these services seemingly intentionally make it hard to have offline backups. For example, doing graphical type work in an editor in their webapp, no option to save or export.
I don't know about Cisco's, but generally speaking, the name of the game is to lock the users in to assure recurring revenue, and portable data is counter to that goal.
Re: (Score:2)
Re: (Score:1)
There are no tools to export this data, or, really, much of any data in Meraki's tools. No API access to your data, no "export," no "backup"...
The best you can expect is to beg them for this until they tell you either "this isn't a bug, it is a feature request, gtfo" for a bug report or for a feature request.
In other words, if you aren't documenting this info as you add it, and if you aren't willing to re-add it (by hand) at a moment's notice, then your data is at risk, and they offer you no tools to mana
Re: (Score:1)
In my experience: this.
Cloud is bad? (Score:2)
Re: (Score:2)
I see cloud services like air travel. Statically it is the safest way to go. However when there is a problem it is a really big deal. Then you combine putting your data in someone else hand, creates all kinds of fear.
However, the real problem that I see, is people using cloud services where they really shouldn't be doing so. If you have the money for a data center and the data you are working with is very customized for your company. Going with a cloud solution usually brings more pain then reward.
However
Re:What's a 'Cisco Meraki'? (Score:5, Funny)
What's a 'Cisco Meraki'? What's a 'cloud managed IT service'? Can we get these described with real words, and not marketing babble?
I don't know, my eyes read it as "Cisco Meerkat" for a split second when I first read the headline.
That's why you don't trust members of the mongoose family to look after your data.
Re: (Score:3, Funny)
That's why you don't trust members of the mongoose family to look after your data.
Unless of course your data is under attack from snakes. Then a mongoose is exactly what you want.
It's all about the threat model.
Re:What's a 'Cisco Meraki'? (Score:5, Informative)
Meraki is a product-line of Cisco's. Saying, "Cisco Meraki," is like saying, "Chevrolet Impala."
"Cloud-managed IT service," is a bit oversimplified but not greatly so for anyone that knows how Meraki products work. Imagine all of your managed switches, routers, WAPs, etc connecting not to your own infrastructure for centralized management, but to Cisco's infrastructure for remote-centralized management. You log in to Cisco's Meraki website and do your config changes there through a GUI instead of SSHing or otherwise consoling-in to a switch locally or using something like Prime running on your own servers.
"Cloud-managed IT service," is also not especially strong marketing-speak when you consider the definition of "cloud" as someone else's server, as we've been using the term for the better part of a decade on Slashdot and elsewhere. Given how many different disparate IT functions Meraki can potentially do, "IT service," as in network infrastructure aspects of IT, is probably the furthest one can nail it down.
Either way though, if you've been paying attention to Cisco's products then you probably have some inkling of what the Meraki product-line does or how it works.
Re: (Score:2)
If Meraki would allow one to go either way, either Cisco-hosted management or else locally-hosted management, I would be much more inclined to consider them, but since there is no locally-hosted management option I can't justify them in an enterprise setting.
Re: What's a 'Cisco Meraki'? (Score:2)
"Other vendors have similar, or allow you to run your own manager that the devices contact for provisioning, but Cisco's is all cloud."
I believe it is more correctly "Cisco's Meraki product line is all cloud", as last I checked (granted, that was a year ago) Cisco is still developing, selling and supporting their more traditional Wireless LAN Controller product (that they had since before they aqcuired Meraki) for their AiroNet APs running the "managed" (default these days) version of the firmware. IIRC WLC
Re: (Score:2)
Non-Meraki solutions aren't going anywhere at all. Unfortunately Prime sucks when it comes to anything beyond WAPs.
We have about 2600 managed switches and perhaps 6000 WAPs, and Prime just bogs, regardless of how much hardware we throw at it. It's so bad that I'm about ready to try to take the switches out entirely and figure out some other solution for them.
Re: (Score:2)
Because it is grossly over priced that way!
Re: (Score:1)
What's a 'Cisco Meraki'? What's a 'cloud managed IT service'? Can we get these described with real words, and not marketing babble?
If you don't know what that name means, it means you are not in the IT field and it shouldn't concern you.
Re: (Score:1)
Re: (Score:2)
Also, another recycled comment - I remember this comment being posted before, almost word-for-word.
I don't see you complaining about Slashdot reposting the same kind of story, sometimes two or three times in the same day.
Re: (Score:2)
Go eat a cock burger asshole.
Have some Spam-flavored Macadamia Nuts [amzn.to] with your whine.
Someone Else's Server (Score:5, Informative)
And this is what happens when you entrust your data to someone else's server.
I have exactly one meraki switch that's slated for replacement, I got it very cheap, but had I realized exactly what was entailed in using it I would never have bought it in the first place. I guess I like having entirely local control for my network infrastructure. Even if I can't afford Catalyst, those Linksys-derived SG-series small business switches would probably be better than Meraki if only so that I don't have to pay a subscription just to keep frames forwarding.
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
You don't need smartnet for Catalyst 2960 or 3560 either. You also don't need it for 3850 L3 switches including the 10G models. They all have limited lifetime warranty.
We're looking to replace our ME3600X and 4500X models with 3850 models to get away from smartnet, I can justify it that even keeping three or four on the shelf for immediate-swapout I'll still save us money.
Re: (Score:2)
And this is what happens when you entrust your data to someone else's server.
That's not a given. To generalise for the vast majority of the industry: In most cases someone else is far better and managing my data than I am.
Re: (Score:2)
Our IT department went with Meraki security appliances, with great gusto, after I got one free from the Cisco demo.
The reason for it? It saves us a lot of time - and it survives in the oddest of places. Basically we use them for our satellite offices where there is no IT guy - we just tell them to unpack it, plug it in, and away it goes - we configure them to VPN into our Meraki firewalls and when they plug it in, it creates the tunnel and everyone's happy. We have ours in a warm spare arrangement - the mai
Re: (Score:2)
Re: (Score:2)
I have a hundred sites across a metro area. There are three of us that deal with racking, configuring, and maintaining switches, about 2600 switches in perhaps a thousand IDFs and cabinets. So far it hasn't required a whole lot of hands-on and we trust the desktop techs to handle limited patching when they call-in.
Re: (Score:2)
Re: (Score:2)
Makes sense. We support about 70,000 users, and the department has around 60 total employees. Networking is rather thinly staffed though, compared to the rest.
In my case (Score:2)
They lost the floor plans graphics as well as the Captive portal Splash Pages HTML files.
Took me half an hour to fix. TBH, it's not so bad, the new templates for the splash pages look more modern .
The only cloud provider I need (Score:1)
is a McDonnell Douglas F-15E. (Sorry, I'm never going to call it Boeing.)
50 years ago ... (Score:1)
the moon was there for the taking.
50 years later ...
Cisco can fuck anything up, at will, at any time, and brag about it.
This saddens me.
Im fully capable of losing my own data. (Score:2)
But seriously that is one of the problems with cloud providers is accountability if something does go wrong. There was a pretty bad outage on amazons s3 services due to an employee fuckup as well. At least when companies ran their own servers the outage would generally only affect that one company instead of hundreds or thousands.
Just my .02
Re: (Score:2)
At least when companies ran their own servers the outage would generally only affect that one company instead of hundreds or thousands.
For some business folk, this is an advantage. If all your competitor's are down too, great! If you are an IT manager and it's the vendor's fault, again great!
Sadly, many folks don't care as much about an outage or data loss as they care about who gets blamed.
My experience with Meraki. Hint: 0 *'s (Score:2)
He had started replacing old campus switches with Meraki units. Meraki is a marketing company that is owned by Cisco. Meraki hardware runs Linux, but they've locked it down to the point of uselessness. They prey on those in the business who have no idea what they are doing by offering a "Simple" solution. They are worth staying away from for many reasons, some of which I'll list here:
A. Technical suppo
Re: (Score:1)
I can pretty much echo Dan's experience.
They once pushed a patch to a customers Meraki switches which cause packet loss for their phone system (it was a call centre).
I asked for the release notes to see the known issues, and bug fixes. No dice, "we don't offer release notes", it's all secret and you are not to know.
They refused to accept their patches did anything to cause the problem.
Again they pcap'd data and said all was fine, but would provide no diagnostic as to what the switches were actually doing.
As
Re: (Score:2)
I'll let the other bits of your rant go but this one is not true. It's pretty straight forward. Go into Organization -> License Info and it says right there the date when everything expires. And since everything co-terminates, your entire infrastructure goes tits up at the same time.
Re: (Score:1)
I really meant that part of my message to be about budgeting for the care and feeding of Meraki devices.
If you purchase a license for 10 switches, the clock starts ticking when you buy the license, not when you activate the switches.
If you activate "claim" only 9 switches, the clock still counts 10
Remove a device, the clock is still ticking as if you had ten.
If then you were to buy five more licenses for a completely different (Let's say less expensive) product,
Re: (Score:2)
Oh yeah, I agree. I just activated a switch with a 6 year (one year free) license and my end date for all my equipment went forward by a whopping one week. And yeah, it sat in the box for two months before I could get to it -- and I did notice the license started at purchase date.
Then again, I like it because it forces my employer's hand. Too often in the past they've let service contracts expire despite my pleading because they say they are comfortable with the risks, then when a failure happens they hol
Meh, not really bothered. Still love my Merakis. (Score:2)
I don't get the criticisms I'm seeing. They don't match my experience in any respect. There are a few things that are lacking or need improvement, but when isn't that the case? If there's a perfect product out there, I've never seen or heard of it.