This document will provide an in-depth look at the technology solutions available in the Meraki portfolio for retail customers. This solution architecture, along with the featured solutions are designed to help businesses embrace new technology and industry trends, reduce operational costs, and explore entirely new potential uses of their IT investments.

This guide can serve as a companion while discussing the scope of a project, the technologies needed and value possibilities. It can also provide a framework while conducting a Proof of Concept (PoC).


Date: October 2017

Version: 1.0 

Authors: Cory Guynn, Courtney Batiste, Colin Lowenberg, Tony Carmichael

Featured Solutions

Proximity Marketing Location Services Network Provisioning Services Integration

Target Audience

This architecture is based on the following business profile and characteristics, and is tailored to address these target audiences:

  • IT Manager
  • Systems Engineer (SE)
  • Systems Integrator (SI)
  • Technology Partner
  • C-suite (CTO, CIO, CMO, CEO)


A retail branch or store, owned and operated by a retailer, manufacturer or by someone other than a retailer in which merchandise is sold primarily to consumers.

  • Highly distributed or franchised

    Macy’s Herald Square, New York City
  • Physical and/or online commerce model
  • Range in size, and business focus, from high-volume transactional to high-touch

Technical Challenges and Requirements

In today’s fast-paced world, the primary focus of most retailers is to maintain a healthy operating margin, while providing a high-quality and customized experience to each guest. This general focus drives IT teams to focus on:

  • High availability
    • Credit card processing is critical for transaction purposes
    • WAN connectivity is critical for inventory management and other operational requirements
  • Remote management
    • A highly-distributed model means less “boots on the ground”, making retailers dependent on an efficient and centralized IT and services operating model
    • The operational costs of maintaining a large number of locations can quickly skyrocket
  • Store rollout – In order to keep up with constant market and technology changes, retailers often struggle to keep up with the continuous overhead of IT equipment rollouts
  • Customer engagement (online vs brick & mortar)
    • Customers expect a similar experience whether purchasing products in a store or online: Find items quickly, no wait to check out, etc.
    • Tying online and offline customer activity is becoming more important in establishing loyalty, and providing a consistent experience
    • Mobile devices are a powerful tool that retailers want to leverage in order to offer:
      • Guest wireless
      • Proximity marketing
      • Digital loyalty programs
      • Mobile checkout
  • Analytics, Business performance monitoring and insights
  • Security (physical)
    • Stores must protect their assets, typically done by installing a variety of anti-theft solutions and video surveillance systems
  • Security (digital)
    • PCI compliance – No retailer should operate without maintaining network compliance when accepting credit card transactions
  • Guest & Employee WiFi
  • Productivity

Meraki Technology Solutions


  • Connectivity
    • SD-WAN
  • Remote access & reduced overhead
    • Meraki Dashboard & cloud connectivity
    • Services integration (view solution guide)
  • Asset tracking & Inventory management



Retail Solution Dependencies

Connectivity is at the heart of every business. Meraki’s cloud managed approach to networking simplifies this process.

Beyond the basic utility of the network, Meraki provides a wealth of solutions to drive engagement with customers, automate business tasks and gain additional network and business insights.

The following section will provide a detailed description of the components required in order to benefit from each featured solution.

Solution Meraki Solution Components
Remote Management Cloud managed networking
Digital Security Meraki Security Appliance leveraging: Content Filtering, IDS/IPS, Malware, Firewall and Traffic Shaping
Theft Cloud managed cameras
Sales and Marketing Captive Portal, Location Services, Proximity Marketing
LAN Meraki Access Points and Switches
Cloud Service Integration Virtual MX for Microsoft Azure and Amazon AWS
Point of Sale Systems Manager
Network Automation and Integration Meraki APIs

Building a Retail Network

A modern retail business will typically have multiple locations and cloud services that must be interconnected. From there, each network will need to be built out to deliver the services.

The following diagram breaks out the various sites and core services that define the network architecture.

  • Meraki components (in green), will be responsible for the management and connectivity. In addition, Meraki provides IT solutions for physical security, communication and mobile device management.  
  • Cloud services, such as Microsoft Azure or Amazon AWS (in purple) can extend their networks to the company network easily with Meraki virtual MX appliances.
  • Finally, Meraki APIs will provide web based communication with online services.

Infrastructure components

The following section will discuss the various network building blocks, things to consider and some helpful resources to get started.

Bill of Materials

We will use this sample product list to focus on a few technologies for this solution. Any actual implementation will need to carefully consider  the following:

  • Hardware quantities
  • Performance
  • Connectivity (SFPs, copper/fibre, WiFi antennas & density)
  • Model availability (is there a more current version)

Hardware by site type

Additional Resources

Meraki Product Datasheets

MX Sizing Guide (2016)


Network Management

Meraki provides an intuitive interface for deploying and managing your network. By defining the structure of the business in Dashboard, you can assign security and configurations at scale.

  • Dashboard
  • Dashboard API
Key Functions
  • Network Management
    • Security Appliance
    • Switches
    • Wireless
    • Mobile Devices
    • Cameras
  • Reporting
    • Network Health
    • Analytics
Design Considerations
  • Organization Settings
    • Inventory
    • Licenses
    • Global Administrators
    • Global Defaults
  • Networks (Sites)
    • Tags
    • Local Administrators
    • Regions
    • Firmware Update Schedules

Implementation Resources

General Administration

Administrative Access

Dashboard API – General Doc

Internet and Security

The network design begins with connectivity. The Meraki MX Security Appliance has the important task of managing the local LAN security as well as controlling access to the Internet or VPN. The MX will receive an Ethernet handoff, which could be from a DSL modem or MPLS router.

  • MX Security Appliance
Key Functions
  • WAN / LAN Interface: NAT, VPN
  • VLAN routing
  • IP Addressing (DHCP)
  • Advanced Security
    • IDS/IPS
    • Content Filtering
    • Malware Protection
Design Considerations
  • Client count
  • Bandwidth
  • Security features
  • NAT vs Concentrator mode

MX and Z1 General Documentation

Branch Deployment Guide

SD-WAN and Branch Networking

In order to communicate with the various sites, a wide area network strategy must be in place. The data centers will likely be connected via an MPLS or dedicated line. The branches could vary dramatically based on size and regional offerings. The Meraki SD-WAN technology provides for consistent transport between locations as it sits on top of the underlying Internet circuit. The Auto-VPN technology at the core of this feature will dynamically establish site-to-site VPN connections, even if the branches have dynamically assigned IP addresses. The VPN is capable of establishing active/active connections over two WAN links for increased performance and resiliency. Several physical and virtual models are available to meet the requirements for each site.

  • MX Security Appliance
  • vMX Virtual Security Appliance
Design Considerations
  • Mesh / Hub & Spoke
  • VPN Throughput
  • Physical / Virtual
  • Security
Key Functions
  • VPN
    • Active/Active
    • Load Balancing
    • Traffic Policies
    • Plug and Play deployment

SD-WAN Deployment Guide (CVD)

Virtual MX Deployment Guide with Amazon AWS


Wired LAN

The wired LAN will consist of a collection of switches to interconnect your critical devices. The design is dependant on how many ports are needed, the speeds required, network cable length, and redundancy.

  • MS Access Switch
  • MS Distribution Switch
  • MX Security Appliance
Key Functions
  • Wired Ethernet access
  • LAN Segmentation
  • Internal routing
  • Security

Switch Deployment and Staging

Switch Templates Deployment Guide

Wireless LAN

There are many considerations when deploying a wireless network. Defining what you hope to achieve will set the guidelines for using the network and expectations of how it should perform.

  • MR WiFi Access Point
  • MXw Security Appliance w/ Wireless
Design Considerations
  • Client count
  • Coverage area
  • Speeds
  • Class of service (Critical, best effort)
  • Density
  • Interference
  • Regional regulations


Key Functions
  • Guests (free/paid)
  • Employees
  • Point of Sale (PCI compliance)
  • Voice



Physical Security

Protecting the network and business also requires a physical defense. By including a Meraki cloud managed camera system, you can easily monitor key areas of the facility.

  • MV Camera
Key Functions
  • Camera
  • Edge Encrypted Storage
  • Motion Search
  • Analytics
Design Considerations
  • Indoor / Outdoor
  • Viewing angle
  • Camera Wall



Additional Resources

Branch Deployment Guide (CVD)

SD-WAN Deployment Guide (CVD)