“We are introducing the world’s most secure industry-standard servers.” /HPE/
With this, fairly courageous, statement HPE announced their newest generation of servers – ProLiant Gen 10. Noteworthy is also the fact that the statement is backed up by a cybersecurity research done by InfusionPoints
Nowadays almost all server components (such as HDD`s, storage controllers, network cards etc.) have their own firmware and thus are a subject of cyber-attacks.
According to Information Systems Audit and Control Association (ISACA) research, more than 50 percent of cyber security professionals reported at least one incident of malware-infected firmware in 2016.
Additionally, we have to note that firmware attacks can occur both through network and physical access to the server or a single component. Traditional security solutions work mainly on the OS level, therefore are very likely to miss this attack.
HPE Silicon root of trust
HPE’s advantage is the in-house developed silicon of iLO 5 compared to other vendors who use third party products. This silicon has all the essential firmware (HPE iLO 5, UEFI, IE and ME) anchored and at the server boot they all are checked and verified. After that all the other component firmware is checked. If any inconsistency is found, the server won`t boot and will offer to either restore the firmware from iLO 5 repository or shut the server down for further investigation.
Together with the new server introduction a new license has been added – HPE iLO Advanced Premium Security Edition, which adds on top of well-known iLO Advanced features and previously mentioned built-in firmware verification the ability to automatically restore corrupted firmware and monitor firmware status real time while the server is running.
We can help you choose the best and safest solutions for your needs!