Specifications
158 IBM Flex System p260 and p460 Planning and Implementation Guide
6.1 IBM Flex System Enterprise Chassis security
The focus of IBM on smarter computing is evident in the improved security
measures implemented in the IBM Flex System Enterprise Chassis. Today’s
world of computing demands tighter security standards and native integration
with computing platforms. For example, the virtualization movement increased
the need for a high degree of security, as more mission-critical workloads are
consolidated to fewer and more powerful servers. The IBM Flex System
Enterprise Chassis takes a new approach to security with a ground-up chassis
management design to meet new Trusted Computing Group (TCG)
security standards.
Here are additional security enhancements and features in the
Enterprise Chassis:
Single sign-on (central user management).
End-to-end audit logs.
Secure boot with Trusted Platform Module (TPM) and Core Root of Trust
Measurement (CRTM), also known as BIOS Bootblock.
Intel processor-based compute nodes using Intel Trusted Execution
Technology (TXT) technology.
Signed firmware updates to ensure authenticity.
Secure communications.
Certificate authority and management.
Chassis and compute node detection and provisioning.
Role-based access control.
Security policy management.
Management protocols that are the same as the protocols supported in the
BladeCenter AMM for compatibility with earlier versions.
Non-secure protocols are disabled by default in the Chassis Management
Module, with lock settings to prevent inadvertent or malicious enabling.
Supports up to 84 local Chassis Management Module user accounts.
Supports up to 32 simultaneous sessions.
Planned support for Dynamic Root of Trust Measurement (DRTM).