White Papers
Table Of Contents
- Dell Trusted Device Installation and Administrator Guide v3.6
- Contents
- Introduction
- Requirements
- Download the software
- Verify the installation package
- Installation
- Uninstall Trusted Device
- BIOS Verification
- Image Capture
- BIOS Events & Indicators of Attack
- Security Risk Protection Score
- Intel ME Verification
- Integration
- Run the BIOS Verification Agent
- Results, troubleshooting, and remediation
Tenant
The Tenant element configures the Event Repository with tenant information. Tenant information details the configuration
necessary to control which computers can register with this Event Repository instance. The following table details the elements
of the Tenant object:
Name Required Description
TenantName Yes The name of the tenant. This is typically based on the
company name or division. The TenantName should
be unique in an orgranization.
TenantApiKey Yes The TenantApiKey is a string that represents a
password that a computer must provide during
registration.
TenantUUID Yes A string representing a GUID unique to this tenant.
NOTE: To create a GUID in Windows PowerShell,
use the new-guid command. For more
information, see this Microsoft article.
SigningCertificate Yes Also known as the Tenant Certificate. This certificate
is used to sign the Identity Certificate generated
during registration.
JwtCertificate Yes The entire certificate chain used to validate bearer
tokens generated by the computers.
SigningCertficate
The SigningCertificate element requires the following entries:
● Signing certificate
● Private key associated with the signing certificate
The following table details the member used to describe the certificate and private key:
Name
Description
IssuerPublicCertsPem
IssuerPublicCertsFile
Provide one of the two choices. For IssuerPublicCertsPem,
the string is the PEM encoded X509 certificate with newlines
replaced with '\n' characters. For IssuerPublicCertsFile, the
string is the path to the file containing the PEM encoded X509
certificate.
IssuerPrivateKeyPem
IssuerPrivatekeyFile
Provide one of the two choices. For IssuerPrivateKeyPem,
the string is the PEM encoded private key associated with
the IssuerPublicCert. For IssuerPrivateKeyFile, the string is the
path to the file containing the PEM encoded private key. In
both cases, the private key must not be password protected.
Upload
The Upload element details the connection to the SIEM solution. The following table details the Upload components:
Name
Required Description
BaseFileName Yes A string containing a user-defined component of the
filename used for log files. The name of the file is
<date>-TenantName-BaseFileName.log
OutputLocation Yes The path indicating the folder where the output log
files are written.
MaxFileSizeMb Yes The maximum size to which a log file can grow. When
a log file exceeds this amount, the file is closed and a
new log file is created.
MaxActiveFileDays Yes The maximum amount of time, specified in days, for
which a log file can be open. When the log file is open
Integration 27