Skip to main content



Cisco Defense Orchestrator

Welcome to Meraki Management

About Meraki

Meraki MX is an enterprise security and software-defined wide-area-network (SD-WAN) next-generation firewall appliance designed for distributed deployments. It is managed remotely using the Meraki dashboard. 

After you onboard a MX device to CDO, CDO communicates with the Meraki dashboard to manage the device. CDO does not communicate with the MX directly. See Meraki Next-Gen Firewall Technologies and Meraki product documentation for more information. CDO securely transfers configuration requests to the Meraki dashboard which then applies the new configuration to the device. CDO does not communicate with the MX directly.  See How Does CDO Communicate With Meraki for more information.

 CDO helps you optimize your Meraki environment by identifying problems with objects and policies and gives you ways to fix them. Use CDO to:

  • Onboard one or multiple devices and simultaneously manage them.
  • Monitor and manage MX devices alongside your FTD and ASA devices in an all-encompassing environment.
  • Troubleshoot policies.  

Onboard Devices

You can onboard either a MX device to CDO. See Onboard a Meraki device to Defense Orchestrator for more information. 

Note: Once you onboard a MX device, any policy or configuration changes made on the Meraki dashboard are not detected by CDO; you must delete and re-onboard the MX device on to CDO for this.


Meraki Layer 3 Rules and CDO

Layer 3 rules enforce policy at the Network Layer of the OSI model. See Using Layer 3 Firewall Rules for more information. 

The Meraki environment allows you to create Layer 3 outbound rules in the Meraki dashboard. CDO reads in the Layer 3 rules you have defined in the Meraki dashboard when you onboard a device into CDO. You can then manage these rules just as you would manage FTD or ASA rules in CDO. See Manage Meraki Access Control Policy for more information.


Fine-tune your new access control policy with objects. The Meraki dashboard uses protocols and groups of IP addresses or IP address ranges; in contrast, CDO uses a variety of objects to manage rules. To understand how CDO transfers Merkai protocols into objects, see Objects Associated with Meraki Devices for more information. 

  • Was this article helpful?