- Community Home
- >
- Partner Solutions and Certifications
- >
- Alliances
- >
- Defend against server attacks with HPE Secure Comp...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
Defend against server attacks with HPE Secure Compute Lifecycle protection
HPE Gen10 Servers—the most secure industry standard servers1—have a strong security foundation to protect against malicious threats. The HPE Secure Compute Lifecycle offers cradle to the grave protection across the life of the server. Today, we're going to take a closer look how the HPE Secure Lifecycle can help boost your customers’ defenses against attacks.
1. Silicon to supply chain
With HPE Gen10 Servers, HPE offers the first industry standard servers to include a silicon root of trust. Before the server is even manufactured, HPE is designing the silicon root of trust which allows firmware to be scanned and monitored through a series of integrity checks that initiate from an immutable link embedded in the silicon. From the custom silicon fabrication facility, the HPE firmware anchored in the silicon root of trust is inserted in a mother board and the server is assembled. Once the server arrives safely at the customer location and it is put into operation, the iLO firmware is the first component to initialize. Over 1 million lines of firmware code run before the operating system is even started and the silicon root of trust acts as an authentication fingerprint, ensuring the server essential firmware has not been compromised.
2. Ongoing operations
While the server is operating, if any unwanted action to gain access to the server's firmware occurs, HPE will notify the customer through an iLO audit log alert. In addition, HPE provides the unprecedented ability to fully recover firmware to a known good state in the unlikely event of a security breach. HPE can automatically recover the server essential firmware through the HPE iLO 5 Advanced Premium Security Edition. This new license gives customers the option of recovering to the last known good state of firmware, the factory settings, or customers may choose to not recover and instead take the server offline for forensic analysis to determine how the breach occurred
3. Data flow
With HPE ProLiant Gen10 Servers, customers can choose from 4 levels of protection:
- CNSA (Commercial National Security Algorithm) Suite:
- HPE is the first server manufacturer to announce support for the new CNSA Suite.
- CNSA provides the very highest levels of protection for handling the most sensitive information.
- FIPS (Federal Information Processing Standards) 140-2
- Increased cryptography
- FIPS Validated
- High Security Mode
- Closes off host interface to traffic
- Higher grade cryptography
- Production Mode
- Secure on network
- Trusts OS authentication
- Maximum interoperability with existing software
4. Compliance Planning
Protection from cyber crime is not the only security customers need to worry about. They must also be sure to comply with a myriad of new data protection regulations. The HPE infrastructure stack, including servers, storage, and networking, has been validated against the National Institute of Standard and Technology (NIST) 800-53 controls —foundation for accelerating regulatory compliance initiatives like EU General Data Protection Regulation (EU GDPR).
5. End of Life
Along the HPE Secure Compute Lifecycle products will eventually reach their natural end of life. It is important to properly dispose of equipment and ensure data is securely erased and cannot be reconstructed or retrieved. Erasing data can be accomplished through the HPE Intelligent Provisioning Tool or through the HPE Point Next Services. HPE Point Next will ensure all data is erased in accordance with NIST guidelines so the information can never be resurrected, even by the most enterprising hacker.
The HPE Secure Compute Lifecycle provides a holistic and comprehensive approach to security for your customers’ server infrastructure. Want to increase security even more? Be sure to pair your customers’ HPE ProLiant Gen10 servers with Windows Server 2016 licensing from HPE. Not only will this ensure they have a complete server solution, but Windows Server 2016 also offers many new and improved security features such as:
- Trusted/Secure Boot: Secures the server environment and data and ensures the OS is not compromised. Protects Windows Server against malware or other tampering.
- Windows Defender: Provides immediate protection- minimizes security exposure during first-run and scheduled updates. Provides always-on protection that monitors and scans all downloads or applications.
- Just in Time (JIT) and Just Enough Administration (JEA): Reduces the number of administrators on the server, enhances security control of particular tasks, and provides improved auditing and reporting of activities.
Have questions about HPE OEM Microsoft products/solutions, Windows Server 2016, or HPE Servers? Join the Coffee Coaching community to keep up with the latest HPE OEM Microsoft news and interact with HPE and Microsoft experts.
Follow us on Twitter | Join our LinkedIn group | Like us on Facebook | Watch us on YouTube | Email us a question
1. Based on external firm conducting cyber security penetration testing of a range of server products from a range of manufactures, May 2017
- Back to Blog
- Newer Article
- Older Article
- JoeV_The_CT on: Streamline AI Workloads with HPE & NVIDIA
- iVAN LINARES on: Curious about Windows Server 2022 downgrade rights...
- HPEML350_22 on: Windows Server 2022 is here: how to implement it o...
- testingis on: How are you going to license that new server? A st...
- wowu on: Pick up the pace
- nice345 on: Don’t let the time slip away
- vmigliacc on: Frequently asked questions about HPE solutions for...
- MassimilianoG on: What are downgrade and Down-edition rights for Win...
- harithachinni on: Coffee Coaching's "Must See" Discover Virtual Expe...
- FannyO on: TOP 10 Reasons for choosing HPE for SAP HANA
-
Accenture
1 -
Citrix
13 -
Coffee Coaching
346 -
Event
62 -
Microsoft
179 -
Red Hat
7 -
SAP
37 -
Strategic Alliances
66 -
Veeam
8 -
VMware
32