Servers & Systems: The Right Compute

Boost server security from the ground up with HPE Gen10 ProLiant DL385

Is your server security strong enough to defend against malicious intruders?

blog_serversecurity.jpgAs recently as five years ago, you probably believed that a strong perimeter limiting client and data access was sufficient to protect all of your IT assets. Today, however, businesses must keep up with a wealth of new technologies to support greater agility and innovation. And while the benefits are many, the control and security of these assets—particularly server security—often falls outside the scope of just one party.

Every element in an IT environment—from your server to the cloud—needs to protect and secure your enterprise IT ecosystem. Dealing with an increasing number of sophisticated threats to more of your infrastructure, however, requires a stable and targeted solution.

Risking your data, rep, and wallet

According to the Moor Insights whitepaper "Demystifying Server Root of Trust," less than 20 percent of the data derived each year from the Internet of Things is considered secure. For context, the IoT is expected to comprise in excess of 25 billion devices, generating 600 zettabytes of data per year.

Businesses that wish to maintain their standing as trusted members of their communities must not only watch out for bad actors who threaten their data, but also keep up with an array of government regulations and compliance ordinances. If you work in the health care industry in the United States, for example, you must adhere to Health Insurance Portability and Accountability (HIPAA) laws that govern patient privacy and set standards for the storage, handling, and security of patient data. If your business fails to properly secure confidential information in accordance with these laws, it may face stiff penalties. When a breach occurs, the cost of recovery combined with the cost of regulatory fines can also pose a tremendous financial burden on your organization. Companies lose, on average, $9 million each year due to cybercrime, according to the Ponemon Institute's 2016 Cost of Cyber Crime Study & the Risk of Business Innovation.

Getting to the root of the problem

A data breach can have terrifying consequences for not only your finances, but also your company's reputation. With a proactive approach, you can patch weak spots in your security before they become gaping holes.

The first step to preventing data breaches, or even equipment tampering by bad actors, is securing your supply chain so counterfeit parts or malicious software isn't introduced. HPE eliminates this danger by requiring its suppliers to comply with standards and best practices, including ISO and the Defense Federal Acquisition Regulation Supplement. It also provides product and part traceability for programmable logic components and has security features for parts at high risk of counterfeiting.

You also need to have infrastructure in place that implements server security from its core. The HPE Gen10 ProLiant DL385 Server is an ideal solution. This platform has the essential firmware anchored directly into the silicon, enabling the creation of an immutable "fingerprint," or Silicon Root of Trust (RoT), to ensure your system server won't boot unless there's a match between the firmware and that unique print. The new AMD EPYC™ 7000 Series processor at the core of the DL385 works in tandem with this Silicon Root of Trust, the latter connecting to the AMD EPYC SoC so that the chip can validate your firmware prior to boot-up.

Layering server security features

The data in your infrastructure is protected by controls based on guidelines prescribed by the National Institute of Standards and Technology (NIST) Cybersecurity Framework. Gen10 servers also offer the Commercial National Security Algorithm Suite (CSNA), promoted by the NSA, and the Federal Information Processing Standard (FIPS) 140-2. The latter is used by the government to approve cryptographic modules.

Additionally, Secure Memory Encryption (SME) enables all or a portion of memory to be encrypted, while Secure Encrypted Virtualization (SEV) isolates virtual machines from one another and from the hypervisor to protect access to data in shared guest data areas. Further, the HPE ProLiant DL385 offers the Silicon Root of Trust through HPE Integrated Lights Out (iLO) 5 to guarantee that your servers won't execute compromised code.

The HPE iLO server management solution is standard on all ProLiant servers. This component simplifies your setup, regulates ongoing health checks, controls power measurements, and plays a vital role in your remote server administration. It also enables a variety of levels of encryption and security by leveraging its intelligent microprocessor, secure memory, and dedicated network interface. In addition, with Runtime Firmware Validation, enabled by the HPE iLO Advanced Premium Security Edition, your firmware is rechecked every 24 hours to verify and validate essential system performance.

Supporting players make a difference

Secure servers can provide a strong foundation for your business evolution. That is why it's critical to fortify your IT environment. As a first step to identify the unique challenges your business faces and blueprint the optimal solution to tackle them, you can partner with HPE Pointnext Advisory and Transformation Services professionals. HPE also offers rapid deployment, integration, education, and operational services delivered by HPE Pointnext. By applying the economics and flexibility of the public cloud to the security and control of a traditional on-premises IT environment, the HPE GreenLake Flex Capacity service allows you to scale up or down rapidly and pay only for what you actually use, with no upfront cost.

With the support of HPE Pointnext, transitioning to a data center environment anchored by the HPE ProLiant DL385 Gen10 can set you up for long-term success. The server's many strong security features provide you with a solid foundation that can help mitigate threats and prevent cyberattacks as you grow. With its Silicon Root of Trust, exclusive security features and supporting services, the HPE ProLiant DL385 is the bedrock you need.

Meet Server Experts Blogger Kate Stanton Whalen, IT Journalist 

Kate was introduced to the world of IT at Digital Equipment Corporation (DEC) in the eKate (2).jpgarly 1980s, when DEC was a trailblazer in scientific, modular computing. There, she learned to merge her creative nature and love of the English language with the discipline of business communications. Her experiences at DEC, Compaq, and HP/HPE, as well as four New England-based communications and marketing agencies, enabled her to build a broad skillset in a variety of marketing and communications fields including event management, video production, brand stewardship, and social media marketing.

0 Kudos
About the Author


Our team of Hewlett Packard Enterprise server experts helps you to dive deep into relevant infrastructure topics.