cancel
Showing results for 
Search instead for 
Did you mean: 

Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

A model citizen

Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

Hi all, I debated putting this in the Network-Wide but figured this might be a better place. 

 

I was just hoping to find out if anyone here falls under NIST 800-171 compliance and are achieving this using the Meraki full stack? 

 

If so, are you having to incorporate any other vendor products to meet specific network requirements? 

 

I've only started diving into this, so take it easy on me Smiley Wink


Found this helpful? Give me some Kudos! (click on the little up-arrow below) and If my reply solved your issue, please mark it as a solution Smiley Happy
4 REPLIES 4
Kind of a big deal

Re: Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

I have nothing to do with 800-171.

 

Note that only meta-data goes to the Meraki cloud, not actual customer data (or in your case "controlled" data").  You might have to be careful around AMP - but it could only possibly submit something that was sent over an unsecured channel - would hopefully no one wanting 800-171 would be doing.

 

When I have worked with Government bodies, once I explain the different between meta data and their actual user data they seem to be ok.

 

You can also look at the general "trust" page:

https://meraki.cisco.com/trust

A model citizen

Re: Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

At this point, I don't think I'm quite as worried about the "cloud-controller" meeting the compliance requirements. Most of the controls around that can be put into place easily enough. 

 

I don't know, however, if the Meraki VPN (both client and site-to-site) holds up to the standards required. FIPS 140-2 Validated encryption, I believe. Hoping to hear some more input around that. 


Found this helpful? Give me some Kudos! (click on the little up-arrow below) and If my reply solved your issue, please mark it as a solution Smiley Happy
New here

Re: Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

Have you discovered anymore offline?
A model citizen

Re: Compliance Discussion: NIST 800-171 capable with Meraki Full Stack?

Sorry @SunshineJulie but I really haven't. I went through an assessment as best as I could at the time. We've tabled this for the time being as we're not currently under this requirement. 


Found this helpful? Give me some Kudos! (click on the little up-arrow below) and If my reply solved your issue, please mark it as a solution Smiley Happy
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.