Menu
|
Menu
In 2024, manually configuring Meraki networks was tedious. In 2026, it’s a liability.
The tools have changed. Cisco launched native Workflows in the Meraki dashboard. Templates are being deprecated in favor of more flexible approaches. And the scale of enterprise Meraki deployments has outgrown what a human can reliably manage by clicking through dashboards.
Yet most network teams are still doing these five tasks by hand. Every single one of them is a candidate for automation — and every single one creates risk when it isn’t.
This is the one that surprises people, because it seems simple. You have a new firewall rule. You need it on every MX. How hard can it be?
At 10 sites, not hard. At 50 sites, annoying. At 500 sites, dangerous.
A manufacturing company we work with has teams logging into each site’s dashboard individually to update firewall rules. Across 50+ locations and 26,000 switch ports, a single rule change becomes a multi-day project. Worse, manual rollout means some sites get the change on Monday and others don’t get it until Thursday — creating an inconsistent security posture for days.
Automated firewall rule deployment pushes the change everywhere simultaneously, with validation checks confirming the rule applied correctly at each site. One action, full coverage, no drift window.
Firmware scheduling in Meraki is straightforward — for one organization. But enterprises don’t run one organization.
A global hospitality company managing over 70 Meraki organizations told us firmware upgrades are a “manual nightmare.” Each org requires individual scheduling. There’s no way to batch a firmware push across all 70+ orgs, no way to set a global rollback window, and no way to confirm every device actually upgraded without logging into each org afterward.
Automated firmware orchestration handles the scheduling, batching, verification, and rollback across every org from a single pane. The alternative is a spreadsheet, a prayer, and two engineers spending their weekend monitoring progress.
When a site closes, a store rebrands, or hardware gets refreshed, devices need to be systematically removed from the Meraki platform. That means unclaiming devices, cleaning up network objects, updating inventory records, and ensuring license counts are accurate.
Most teams handle this ad hoc. The result is ghost devices still consuming EA licenses months after they were physically removed, network objects that reference hardware that no longer exists, and inventory discrepancies that surface at the worst possible time — during True Forward.
That same hospitality company has properties closing and rebranding regularly. Each closure means hundreds of devices that need clean removal. An automated decommissioning workflow handles the full sequence: unclaim, clean, update inventory, adjust licensing reports. No missed devices, no license waste.
Your security team has a documented standard for how networks should be configured. VLANs, SNMP settings, firewall policies, SSID configurations — all of it should match a baseline.
Checking that baseline manually means logging into each network, comparing settings against the documented standard, and flagging deviations. At 100 networks, that’s a quarterly project. At 1,000 networks, it simply doesn’t happen — which is why drift goes unnoticed until an auditor finds it.
Automated compliance checks run on a schedule (daily, weekly, whatever your policy requires), compare every network against your golden baseline, and surface deviations the moment they appear. One customer told us their compliance team requires daily proof across 4,394 networks. The only way to do that at scale is automation.
This one seems minor until you realize that every other automation depends on it. Tags determine which networks get firmware upgrades, which sites receive config pushes, which devices are included in compliance scans.
A national grocery chain with 500 stores learned this firsthand. With Meraki templates being deprecated, they pre-tagged every network by region, store type, and device role — before building any automation. Smart move. Without those tags, their automation workflows would have had no way to target the right subset of networks.
If your tags are inconsistent or incomplete, every automation you build on top of them will be unreliable. And maintaining tags manually across hundreds of networks is exactly the kind of task that falls behind when teams get busy.
All five of these tasks share the same pattern: they’re simple at small scale and dangerous at enterprise scale. The manual approach works until it doesn’t — and the moment it fails, the consequences are outages, audit findings, or license waste.
The good news is that none of these require your team to learn Python or build custom scripts. Cisco’s native Workflows platform, combined with tools like Boundless Automation modules, provide pre-built workflow templates that cover these use cases out of the box.
The question isn’t whether to automate these tasks. It’s how much risk you’re carrying by not automating them yet.
If all five feel overwhelming, pick one. The highest-impact starting point for most teams is whichever task your team spends the most time on or has failed at most recently. For many, that’s firewall rule deployment or firmware upgrades — the tasks that directly affect security posture and uptime.
Build the first workflow. Watch it work. Then expand from there.
Boundless builds pre-certified automation modules for Cisco Workflows, available on the Cisco GPL and Meraki Marketplace. From firewall deployment to device decommissioning, each module is designed for enterprise teams managing at scale.
1207 Delaware Ave #552, Wilmington, Delaware 19806
Americas: +1 (347) 464 6510 - EMEA: +33 (0) 181 22 12 80
