Administrator Guide
Technical support and resources
ID 483
2 The Path to a Secure Server Infrastructure
Dell EMC PowerEdge servers have featured robust security for several generations, including the
innovation of using silicon-based data security. Dell EMC PowerEdge servers extended silicon-based
security to authenticate BIOS and firmware with a cryptographic Root of Trust during server boot process.
Dell EMC product team prioritizes features in PowerEdge servers to limit security threats faced in modern
IT environments.
• Protect: Protect server during every aspect of life cycle, including BIOS, firmware, data, and physical
hardware.
• Detect: Detect malicious cyberattacks and unapproved changes; engage IT administrators proactively.
• Recover: Recover BIOS, firmware, and operating system to a known good state; securely retire or
repurpose servers.
Dell EMC PowerEdge servers conform to key industry standards on cryptography and security and performs
on-going tracking and management of new vulnerabilities.
Dell EMC uses the Security Development Lifecycle process in every aspect of development, procurement,
manufacturing, shipping, and support, resulting in a Cyber Resilient Architecture.
2.1 Security Development Lifecycle
Delivering the Cyber Resilient Architecture requires security awareness and discipline at each stage of
development. The Security Development Lifecycle (SDL) model is a key part of the overall server design
process. This design process encompasses a view of security needs throughout the entire server life cycle,
as bulleted below and as shown in Figure 1:
• Features are conceived, designed, prototyped, implemented, set into production, deployed, and
maintained, with security as a key priority.
• Server firmware is designed to obstruct, oppose, and counter the injection of malicious code during all
phases of the product development life cycle.
o Threat modeling and penetration testing coverage during the design process
o Secure coding practices are applied at each stage of firmware development.
• For critical technologies, external audits supplement the internal SDL process to ensure that firmware
adheres to known security best practices.
• On-going testing and evaluation of new potential vulnerabilities using the latest security assessment
tools
• Rapid response to critical Common Vulnerabilities and Exposures (CVEs) including recommended
remediation measures as needed.