Meraki

Community

eOn-prem data encryption AES-256-XTS

Solved
markus_albisser
Here to help
‎Nov 16 2022 12:17 AM
‎Nov 16 2022 12:17 AM

eOn-prem data encryption AES-256-XTS

Greetings

 

I learned that all the data which is at rest on Meraki devices is encrypted with AES-256-XTS. The question from our security department came now up where the key is stored and who has the control of it. In other words, where is the possibility to decrypt this existing data on the on-prem devices if this goes offline or will be disposed? Is the key to decrypt this data under Meraki's control and where is it stored?

 

Thanks a lot

Markus

Labels:
0 Kudos
1 Accepted Solution
In response to PhilipDAth
markus_albisser
Here to help
‎Nov 17 2022 9:48 PM
‎Nov 17 2022 9:48 PM

Hi PhilipDAth

I was not able to find any hint about this encryption. I will get back to my Meraki representative from where I got the information about the encryption.

 

Thanks, Markus

View solution in original post

0 Kudos
5 Replies 5
cmr
Kind of a big deal
Kind of a big deal
‎Nov 16 2022 2:36 AM
‎Nov 16 2022 2:36 AM

@markus_albisser there shouldn't be any data stored on the MX devices, or are you referring to the configuration that might include hostnames etc. in firewall rules?

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
cmr
Kind of a big deal
Kind of a big deal
‎Nov 16 2022 2:37 AM
‎Nov 16 2022 2:37 AM

Or are you using the old cache feature?

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
markus_albisser
Here to help
‎Nov 16 2022 4:44 AM
‎Nov 16 2022 4:44 AM

It might be more the information on the devices which relates to the configuration as you mentioned (hostname, IP addresses, VLANs, interface descr. etc.), if a device becomes obsolete or gets lost (stolen), how can this type of information be decrypted? Is there only Meraki who knows the key and is this safe?

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 16 2022 11:25 AM
‎Nov 16 2022 11:25 AM

I don't know the answer, but try checking out the Meraki "Trust" section:

https://meraki.cisco.com/trust/ 

In response to PhilipDAth
markus_albisser
Here to help
‎Nov 17 2022 9:48 PM
‎Nov 17 2022 9:48 PM

Hi PhilipDAth

I was not able to find any hint about this encryption. I will get back to my Meraki representative from where I got the information about the encryption.

 

Thanks, Markus

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.