Manualshelf

Release Notes

ManualsBrandsDell ManualsConverged InfrastructureSystems Management Solution Resources
12345678910
Table Of Contents
Dell EMC Root of Trust and BIOS live scanning
ID 390
2 Dell EMC Root of Trust and BIOS live scanning
2.1 Root of Trust
Dell EMC takes security seriously and has adopted Boot Guard technology on its new generation of
PowerEdge servers to counter BIOS tampering issues. On the latest AMD Dell EMC PowerEdge servers with
iDRAC9, iDRAC first boots with chain of trust authentication, and then verifies BIOS integrity. iDRAC takes on
the role of hardware-based security technologies as well, and accesses the primary BIOS ROM through SPI
in addition to AMD’s fusion controller hub (FCH) and performs the RoT process.
iDRAC9 4.10.10.10 directly accesses the BIOS primary ROM to perform a RoT operation on the processor,
on both the security block and the host initial BootBlock.
iDRAC
FCH AMD
SPI MUX
BIOS
Primary
ROM
iDRAC accessing BIOS image ROM.
Under the following conditions, iDRAC9 recovers the BIOS.
1. BIOS integrity check failed.
2. BIOS self-check failed.
3. Using racadm command.
a. Racadm command:
racadm recover BIOS.Setup.1-1