Security Malware Protection
Dashboard Location: Security and SD-WAN > Configure > Threat Protection
Security Malware Management
Section titled “Security Malware Management”Security malware protection in Meraki appliances provides comprehensive threat detection and prevention through advanced file analysis, URL reputation checking, and signature-based malware identification. This functionality enables organizations to protect against malicious downloads, prevent malware propagation, and maintain security compliance through real-time threat analysis. The malware protection system integrates with Meraki’s cloud-based threat intelligence to provide continuous updates against emerging threats while supporting customizable allow-lists for trusted files and URLs.
⚠️ License Requirement: This feature requires an Advanced Security license subscription.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”appliance (meraki.domains.organizations.networks)
Section titled “appliance (meraki.domains.organizations.networks)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| security_malware | Class | [security_malware] | No |
security_malware (meraki.domains.organizations.networks.appliance)
Section titled “security_malware (meraki.domains.organizations.networks.appliance)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| mode | Choice | disabled, enabled | Yes | |
| allowed_urls | List | [allowed_urls] | No | |
| allowed_files | List | [allowed_files] | No |
allowed_urls (meraki.domains.organizations.networks.appliance.security_malware)
Section titled “allowed_urls (meraki.domains.organizations.networks.appliance.security_malware)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| url | String | min: 1, max: 1024 | Yes | |
| comment | String | min: 1, max: 127 | Yes |
allowed_files (meraki.domains.organizations.networks.appliance.security_malware)
Section titled “allowed_files (meraki.domains.organizations.networks.appliance.security_malware)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| sha256 | String | min: 1, max: 1024 | Yes | |
| comment | String | min: 1, max: 127 | Yes |
Examples
Section titled “Examples”Example-1: The example below demonstrates security malware protection configuration.
This configuration enables advanced malware protection and anti-virus capabilities for network traffic inspection. The example includes malware scanning settings, URL allow-lists, and file signature management for comprehensive threat protection.
This configuration activates malware protection using “mode: enabled” to enable scanning functionality, “allowed_urls” with specific domains (cisco.com, meraki.com) and comments for trusted sites to bypass malware scanning, and “allowed_files” containing SHA256 hash values with descriptive comments for trusted files. Each allowed entry includes a comment field for documentation purposes, ensuring legitimate files and URLs are not blocked by the malware protection system.
meraki: domains: - name: !env domain administrator: name: !env org_admin organizations: - name: !env org networks: - name: !env network_name product_types: - appliance - switch - wireless - camera - sensor - cellularGateway appliance: security_malware: mode: enabled allowed_urls: - url: "www.cisco.com" comment: "Cisco" - url: "*.meraki.com" comment: "Meraki" allowed_files: - sha256: "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef" comment: "Test File 1" - sha256: "abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890" comment: "Test File 2"