Security Intrusion Detection and Prevention
Dashboard Location: Security and SD-WAN > Configure > Threat Protection
Security Intrusion Management
Security intrusion detection and prevention (IDS/IPS) in Meraki appliances provides comprehensive network threat protection through real-time traffic analysis, signature-based detection, and automated threat response. This functionality enables organizations to identify and block malicious network activity, protect against known attack vectors, and maintain security compliance through continuous monitoring. The intrusion protection system integrates with Meraki’s threat intelligence feeds to provide up-to-date protection against emerging threats while supporting customizable security policies for different network environments.
⚠️ License Requirement: This feature requires an Advanced Security license subscription.
Diagram
Classes
appliance (meraki.domains.organizations.networks)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
security_intrusion | Class | [security_intrusion] | No |
security_intrusion (meraki.domains.organizations.networks.appliance)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
mode | Choice | detection , disabled , prevention | No | |
ids_rulesets | Choice | balanced , connectivity , security | No | |
protected_networks | Class | [protected_networks] | No |
protected_networks (meraki.domains.organizations.networks.appliance.security_intrusion)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
use_default | Boolean | true , false | No | |
included_cidr | List | String | No | |
excluded_cidr | List | String | No |
Examples
Example-1: The example below demonstrates security intrusion detection and prevention configuration using tested YAML configuration from pipeline fixtures.
meraki: domains: - name: "!env domain" administrator: name: "!env org_admin" organizations: - name: "!env org" networks: - name: "!env network_name" product_types: - appliance - switch - wireless - camera - sensor - cellularGateway appliance: security_intrusion: mode: prevention ids_rulesets: balanced # Protected networks is valid configuration but can only be applied when appliance is in passthrough mode. # protected_networks: # use_default: true # included_cidr: # - "192.168.20.0/24" # excluded_cidr: # - "192.168.10.0/24"