Manualshelf

Administrator Guide

ManualsBrandsDell ManualsConverged InfrastructureSecurity Solution Resources
12345678910
Technical support and resources
ID 483
3 Protect
The “protect” function is a key component of the NIST Cybersecurity Framework and serves to guard against
cybersecurity attacks. This function consists of several categories including access control, data security,
maintenance, and protective technology. The key underlying philosophy is that infrastructure assets must
provide robust protection against unauthorized access to resources and data. This philosophy includes
protecting against unauthorized modifications of critical components such as BIOS and firmware. The
platform meets the current recommendations in NIST SP 800-193.
The Cyber Resilient Architecture in PowerEdge servers offers a high level of platform protection that includes
the following capabilities:
o Cryptographically verified Trusted Booting
o User Access Security
o Signed Firmware Updates
o Encrypted Data Storage
o Physical Security
o Supply Chain Integrity and Security
3.1 Cryptographically verified Trusted Booting
One of the most critical aspects of server security is ensuring that the boot process can be verified as secure.
This process provides a trusted anchor for all subsequent operations such as booting an operating system or
updating firmware.
PowerEdge servers have used silicon-based security for several generations for features such as iDRAC
Credential Vault, an encrypted secure memory in iDRAC for storing sensitive data. The boot process is
verified using a silicon-based Root of\Trust to meet the following recommendations:
o NIST SP 800-147B “BIOS Protection Guidelines for Servers
o NIST SP 800-155 “BIOS Integrity Measurement Guidelines”
3.1.1 Silicon based Root of Trust
PowerEdge servers use an immutable, silicon-based Root of Trust to cryptographically attest to the
integrity of BIOS and iDRAC9 firmware. This Root of Trust is based on one time programmable, read-only
public keys that provide protection against malware tampering. The BIOS boot process leverages Intel
Boot Guard technology or AMD Root of Trust technology. This technology verifies the digital signature of
the cryptographic hash of the boot image matches to the signature stored in silicon by Dell EMC in factory.
A verification failure results in a shutdown of the server, and user notification in the Lifecycle Controller
Log. Then, the user can initiate the BIOS recovery process. If Boot Guard validates successfully, the rest of
the BIOS modules are validated by using a chain of trust procedure. Then, control is handed off to the
operating system or hypervisor.
In addition to Boot Guard, iDRAC9 4.10.10.10 or higher provides a Root of Trust mechanism which verifies
the BIOS image at the host boot time. The host can boot only after the BIOS image is successfully
validated. iDRAC9 also provides a mechanism to validate the BIOS image at run time, on demand, or at
user-scheduled intervals.
Next is a detailed review of the chain of trust. Each BIOS module contains a hash of the next module in the
chain. The key modules in BIOS are: