Automatically audit your Cisco Meraki configuration against the five Cyber Essentials controls. Know where you stand in seconds, not weeks.
Start Free TodayCyber Essentials is a UK government-backed certification scheme designed to help organisations protect themselves against the most common cyber attacks. It defines five key technical controls that, when implemented correctly, can prevent around 80% of cyber attacks.
Cyber Essentials Plus (CE+) goes further by requiring an independent, hands-on technical audit of your systems. An assessor verifies that the five controls are actually working as expected, not just documented.
For organisations running Cisco Meraki networks, many of these controls map directly to dashboard configuration settings — firewall rules, wireless encryption, admin access, and device patching. MerakiGuard checks all of them automatically.
Each scan pulls your live Meraki configuration and benchmarks it against Cyber Essentials+ requirements. Here is what we inspect.
Verifies all wireless SSIDs use WPA2 or WPA3 encryption. Detects open networks, WEP, or weak authentication modes that fail CE+ requirements.
Checks that MX firewall rules follow a deny-by-default posture. Flags overly permissive rules, any-any allows, and missing default deny entries.
Confirms that multi-factor authentication is enforced for all Meraki Dashboard administrator accounts. Single-factor admin access is a CE+ failure.
Checks that all MX, MS, and MR devices are running firmware within the vendor-supported window. Outdated firmware fails the patch management control.
Validates proper network segmentation between trust zones. Checks that guest, corporate, and IoT traffic are isolated via VLANs and inter-VLAN firewall rules.
Identifies devices and SSIDs still using manufacturer default credentials or common weak passwords. Default credentials are an automatic CE+ failure.
Cyber Essentials is mandatory for some organisations and strongly recommended for many more. Here is who should be paying attention.
Mandatory for any contract involving the handling of sensitive or personal information. No CE+ certification means no bid.
MOD and central government departments increasingly require CE+ as a minimum threshold for all technology suppliers.
Demonstrating baseline cyber hygiene to clients, partners, and insurers. CE+ is increasingly expected in supply chain due diligence.
Failing to meet Cyber Essentials requirements does not just risk certification — it exposes your organisation to real consequences.
Without CE+ certification, you are automatically disqualified from public sector tenders that handle sensitive data. Revenue lost before you even bid.
The five CE controls address the most common attack vectors. Gaps in firewall rules, unpatched firmware, or missing MFA are the entry points attackers look for.
Cyber insurers are increasingly requiring CE certification as a baseline. Without it, premiums rise or coverage is denied entirely.
Large enterprises now require CE+ from their supply chain. Without certification, you risk being dropped from preferred vendor lists.
Connect your Meraki dashboard, run a scan, and get a clear Cyber Essentials+ compliance scorecard. No agents to install, no consultants to book.
Start Free Today