Skip to main content



Cisco Defense Orchestrator

How Does CDO Communicate With Meraki

Configuration changes that you make in CDO for a Meraki MX device are staged in CDO until you decide to deploy them. When you deploy the configuration changes, CDO forwards them to the Meraki Dashboard, which implements them on the Meraki MX device.

CDO manages firewall policies, while Meraki dashboard manages the Meraki networks the policies are applied to. Both operations affect how traffic flows through the Meraki MX device and how it is processed.

Some customers with older tenants may connect the Meraki MX device to CDO through a Secure Device Connector (SDC). If you are one of those customers, you can continue to use this method or you can remove the SDC by re-onboarding your Meraki MX or updating the connection credentials. You do not need an SDC to connect CDO to Meraki MX.

One difference between CDO and the Meraki dashboard is the use of objects. For rules that are created on the Meraki dashboard, CDO takes Meraki IP address groups or IP address ranges and turns them into objects that can be attached or associated to rules and the device policy. When you deploy objects that are created in CDO to Meraki appliances, the Meraki dashboard translates those objects back into IP address groups or ranges. Objects in CDO are unique and versatile since they are compatible with other device platforms; if you have other devices onboarded in CDO, you may be able to create a single object for all your devices. See Objects Associated with Meraki Devices for more information.  

Related Articles:

  • Was this article helpful?