Cisco Meraki MX105

Basic Information

• Model: MX105-HW
• Version: Part of the MX series, a new generation of appliances.
• Release Date: Announced June 2021, generally available July 6, 2021.
• Minimum Requirements: Designed for large branch environments, supporting up to 750 users.
• Supported Operating Systems: Not applicable; it is a hardware appliance managed via a cloud-based web dashboard.
• Latest Stable Version: Firmware updates are automatic and cloud-managed through the Meraki Dashboard.
• End of Support Date: As a replacement for the MX100, its End-of-Support (EOST) date is expected to be significantly later than the MX100's EOST of October 31, 2026. Specific EOST for the MX105 is not yet publicly announced.
• End of Life Date: Not yet announced. As a newer model, its End-of-Life (EOL) date is expected to be well beyond its predecessor's.
• Auto-Update Expiration Date: Tied to the active license subscription. Firmware updates are automatic as long as the license is valid.
• License Type: Requires a mandatory license for operation. Available license types include Enterprise, Advanced Security, and Secure SD-WAN Plus, offered in 1, 3, 5, 7, and 10-year subscription options.
• Deployment Model: 100% cloud-managed with zero-touch provisioning. It can be deployed as a VPN concentrator or in routed mode.

Technical Specifications

• Processor: Not specified.
• RAM: Not specified.
• Storage: Not specified.
• Display: Status LEDs.
• Ports:
  • WAN: 2x 10GbE SFP+, 2x 2.5GbE RJ45 (one with PoE+)
  • LAN: 4x 1GbE RJ45, 2x 10GbE SFP+
  • USB: 1x USB 2.0 for 3G/4G cellular failover.
  • Management: 1x RJ45 management port for local status page access.
• Operating System: Proprietary Meraki OS, cloud-managed.
• Dimensions: 1U rack-mount, 44 mm (H) x 315 mm (D) x 484.6 mm (W) or 1.73 in (H) x 12.4 in (D) x 19.08 in (W).
• Weight: 10.74 lb (4.87 kg) with two fans and two PSUs.

The Cisco Meraki MX105 is a robust 1U rack-mountable appliance designed for high-performance network security. Its extensive port configuration, including multiple 10GbE SFP+ and 2.5GbE RJ45 interfaces, supports diverse WAN and LAN connectivity requirements. The inclusion of PoE+ on a WAN port and a USB port for cellular failover enhances its versatility for various deployment scenarios. While specific internal components like processor, RAM, and storage are not detailed, the appliance's throughput capabilities indicate powerful underlying hardware optimized for network security functions.

Support & Compatibility

• Latest Version: Firmware updates are automatically delivered and managed via the cloud-based Meraki Dashboard.
• OS Support: Managed through a web-based interface, compatible with standard web browsers across various operating systems.
• End of Support Date: Not yet publicly announced for the MX105. It is a newer model that replaced the MX100, whose support ends October 31, 2026.
• Localization: The Meraki Dashboard supports multiple languages, providing a localized management experience.
• Available Drivers: Not applicable; the MX105 is a network appliance managed via its cloud dashboard.
• Cartridge and Ink Codes: Not applicable; this is not a printer.

The Cisco Meraki MX105 offers strong support through its cloud-managed architecture, which ensures automatic firmware updates and centralized management. This simplifies maintenance and keeps the device current with the latest features and security patches. Compatibility is broad, as management is web-based, making it accessible from virtually any device with internet access. The lack of a specific end-of-support date for the MX105, given its status as a replacement for an older model, suggests a long expected support lifecycle. Extensive documentation and community resources are also available for configuration and troubleshooting.

Security Status

• Security Features: Includes a comprehensive suite of features such as Stateful Firewall, 1:1 NAT, DHCP, DMZ, static routing, Identity-based policies, Auto VPN™ for self-configuring site-to-site VPN, Client VPN (IPsec), User and device quarantine, VLAN support, SD-WAN capabilities, application-based firewalling, content filtering (Webroot BrightCloud CIPA-compliant URL database), web search filtering (Google SafeSearch, YouTube for Schools), SNORT®-based Intrusion Detection & Prevention (IDS/IPS), Cisco Advanced Malware Protection (AMP), geo-IP-based firewalling, Layer 7 fingerprinting, and 4G cellular failover. Optional integration with Cisco Threat Grid is also available.
• Known Vulnerabilities: Not specifically detailed in general product overviews, but regular, automatic firmware updates are designed to address and mitigate vulnerabilities.
• Blacklist Status: Not applicable.
• Certifications: The integrated Cisco SNORT® engine contributes to PCI 3.2 compliance.
• Encryption Support: Supports IPsec VPN for secure communication.
• Authentication Methods: Features Active Directory integration for user authentication.
• General Recommendations: Full utilization of advanced security features like content filtering, IDS/IPS, and AMP requires an Advanced Security License.

The Cisco Meraki MX105 offers a robust and multi-layered security posture, functioning as a Unified Threat Management (UTM) solution. Its cloud-managed nature ensures that security definitions and firmware are consistently up-to-date, providing continuous protection against evolving threats. The integration of industry-leading technologies like SNORT® IDS/IPS and Cisco AMP, combined with granular control over network traffic and user access, provides a high overall security rating. The appliance's ability to enforce identity-based policies and support secure VPN tunnels makes it suitable for environments requiring stringent security and compliance.

Performance & Benchmarks

• Benchmark Scores:
  • Stateful Firewall Throughput: Up to 5 Gbps.
  • Advanced Security Throughput: Up to 2.5 Gbps.
  • Maximum VPN Throughput: Up to 3.5 Gbps.
  • Concurrent Site-to-Site VPN Tunnels: 1000.
• Real-World Performance Metrics: Recommended for networks with up to 750 users.
• Power Consumption: Idle: 53 W; Maximum: 123 W.
• Carbon Footprint: Not specified.
• Comparison with Similar Assets: The MX105 significantly outperforms its predecessor, the MX100, in firewall, VPN, and advanced security throughput, and supports more users. It also offers higher throughput capabilities compared to other models in the MX series like the MX95.

The Cisco Meraki MX105 demonstrates strong performance metrics, particularly in its throughput capabilities for stateful firewall, advanced security, and VPN. These figures position it as a high-performance appliance suitable for demanding large branch and enterprise environments. Its ability to handle up to 750 users and 1000 concurrent VPN tunnels underscores its scalability and capacity for complex network architectures. The appliance's performance is a key strength, ensuring that security features do not compromise network speed.

User Reviews & Feedback

User reviews and feedback consistently highlight the Cisco Meraki MX105's strengths in its cloud-managed nature, ease of deployment, and intuitive management interface. The zero-touch provisioning and automatic firmware updates are frequently praised for simplifying network administration and reducing the need for on-site technical staff. Users appreciate the comprehensive suite of integrated security features, including SD-WAN, advanced firewalling, and malware protection, which eliminate the need for multiple appliances. The scalability and seamless integration within the broader Cisco Meraki ecosystem are also noted as significant advantages. Some feedback points to the mandatory licensing model as a potential cost consideration, though the value provided by the extensive feature set and simplified management often outweighs this concern for many users. A reported issue with Master/Master HA configuration in VPN concentrator mode was identified and resolved, indicating that while minor challenges can arise, solutions are typically available.

Recommended use cases include securing large branch offices, distributed sites, campuses, and serving as a VPN concentrator for data centers. It is particularly well-suited for organizations seeking a Unified Threat Management (UTM) solution and those with hybrid or fully online workforces requiring reliable VPN, content filtering, and malware protection.

Vulnerabilities

• CVE-2025-20212
  Published: 2025-04-02 - Updated: 2025-04-07 - CVSS: 7.7 - EPSS: 0.14%
  A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device.
• This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.
  Published: - Updated: - CVSS: - EPSS:
  
• Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention.
  Published: - Updated: - CVSS: - EPSS:
  
• CVE-2024-20513
  Published: 2024-10-02 - Updated: 2025-06-04 - CVSS: 5.8 - EPSS: 0.30%
  A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected device.
• This vulnerability is due to insufficient entropy for handlers that are used during SSL VPN session establishment. An unauthenticated attacker could exploit this vulnerability by brute forcing valid session handlers. An authenticated attacker could exploit this vulnerability by connecting to the AnyConnect VPN service of an affected device to retrieve a valid session handler and, based on that handler, predict further valid session handlers. The attacker would then send a crafted HTTPS request using the brute-forced or predicted session handler to the AnyConnect VPN server of the device. A successful exploit could allow the attacker to terminate targeted SSL VPN sessions, forcing remote users to initiate new VPN connections and reauthenticate.
  Published: - Updated: - CVSS: - EPSS:
  

View more

Summary

The Cisco Meraki MX105 is a high-performance, cloud-managed security and SD-WAN appliance designed for large branch environments and distributed enterprises. Its key strengths lie in its robust security feature set, including advanced firewall capabilities, IDS/IPS, and advanced malware protection, all managed seamlessly through the intuitive Meraki Dashboard. The appliance offers impressive throughput for stateful firewall (up to 5 Gbps), advanced security (up to 2.5 Gbps), and VPN (up to 3.5 Gbps), supporting up to 750 users and 1000 concurrent VPN tunnels. Its extensive connectivity options, with multiple 10GbE SFP+ and 2.5GbE RJ45 ports, provide flexibility for diverse network architectures.

The zero-touch provisioning and automatic firmware updates significantly simplify deployment and ongoing management, making it an attractive solution for organizations prioritizing operational efficiency. While a mandatory licensing model is required, the comprehensive features and simplified management often justify the investment. The MX105 effectively replaces the MX100, offering superior performance and an extended lifecycle.

Overall, the Cisco Meraki MX105 is an excellent choice for enterprises seeking a powerful, all-in-one security and SD-WAN solution that combines advanced threat protection with unparalleled ease of management and scalability for large and distributed networks.

Information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.