Protecting a business from cybercrime has never been more challenging. Today, there are more than 720 million hack attempts every 24 hours1 worldwide and worse, companies lose $9 million, on average, each year due to cybercrime2. It goes without saying that security is a mounting concern that every IT professional has on their mind today. To help organizations stay secure, they need a comprehensive approach to security that spans the server hardware and software.
For that reason, Hewlett Packard Enterprise & Microsoft have partnered to deliver new innovations to help secure customers' server environments end to end with HPE ProLiant Gen10 Servers and Windows Server 2016.
One of the biggest innovations on the HPE side of things is in our new Integrated Lights-Out (iLO) 5 server management chip.
Need a quick recap on what HPE iLO is all about? HPE Integrated Lights-Out (iLO) 
So, what is new in our latest installment of iLO? iLO 5 is jam packed with a number of new features to ensure server environments are secure. Here are a few noteworthy capabilities found in iLO 5 and Windows Server 2016 that work together to safeguard server infrastructures:
Protection from the Foundation
HPE ProLiant Gen10 Servers have an exclusive advancement in security protection called silicon root of trust. In our unique root of trust implementation, the server essential firmware is anchored to the iLO 5 silicon—an immutable fingerprint that verifies all the firmware code is valid and uncompromised. This bond guarantees that only valid and uncompromised firmware code can boot.
Pairing Windows Server 2016 with HPE ProLiant Gen10 Servers puts an extra padlock on the door with Secure Boot, a trusted certificate in the UEFI that analyzes the boot loader to ensure it is both the right one and is signed by Microsoft. Secure Boot defines how platform firmware manages certificates, authenticates firmware, and how the OS interfaces with this process.
Threat Detection
Ensuring security at boot is essential, but what about protection during the server runtime? During server operation, HPE has a revolutionary new feature that conducts daily runtime firmware validation. If compromised code or malware is inserted in any of the critical firmware, an HPE iLO audit log alert is created to notify the customer that a compromise has occurred. This functionality is made possible by the exclusive silicon root of trust. In addition, Windows Defender, found in Windows Server 2016, offers always-on built-in protection against malware and related security threats. Available at the first initialization of OS and with Internet connectivity, Windows Defender provides automated updates of malware definitions for continuous protection.
Secure Recovery
While we hope it is never needed – recovery capabilities post a security breach are essential to getting a server environment back to an operational state.
New in iLO 5, users can now automatically recover essential server firmware to a previous known good state or factory settings if so desired. In addition to essential firmware recovery, the HPE server system restore feature leverages HPE iLO Amplifier Pack software to securely restore up to 10,000 servers3 with a single click. In the event of a ransomware attack or other breach, users can leverage this feature to automatically, or manually, recover the server's essential firmware, firmware configuration settings, operating system, and host environments back to an operational state.
You may be asking “how does one get access to some of these new Gen10 security features”? The answer is our new HPE iLO Advanced Premium Security Edition License! Learn more here or give this license a free 60 day trial.
Of course the security features don't stop there. Windows Server 2016 offers several other security features such as Just in Time Administration and Just Enough Administration (which enable users to set limits on administrator access) and shielded VM and Host Guardian Services (which help protect virtualized environments).
I could go on and on about new and improved server security features found in Gen10 and Windows Server 2016, but let's sum it all up now: when you pair HPE ProLiant Gen10 Servers, the most secure industry standard servers, with Windows Server 2016, your customers can run their businesses with confidence and peace of mind knowing their server hardware and software are working together to help guard against today's threats.
1. CNBC 2016
2. 2016 Cost of Cyber Crime Study & the Risk of Business Innovation, Ponemon, 2016
3. HPE Internal Testing, February 2017
Have questions about HPE OEM Microsoft products/solutions, Windows Server 2016, or HPE Servers? Join the Coffee Coaching community to keep up with the latest HPE OEM Microsoft news and interact with HPE and Microsoft experts.
Follow us on Twitter | Join our LinkedIn group | Like us on Facebook | Watch us on YouTube | Email us a question
Meet today’s guest blogger, Victoria Lee Hanrahan:Victoria is the marketing manager for the HPE portfolio of embedded server management technologies and Gen10 security.
Willa
Willa manages the HPE | Microsoft Coffee Coaching program. Follow along to learn more about the latest HPE OEM Microsoft product releases and how the HPE Microsoft partnership can benefit partners and customers.