Your customers need server solutions that have security features that are built in and designed from the ground up. Pairing Microsoft Windows Server 2016 with HPE ProLiant Gen10 Servers gives them a server infrastructure with improved security that is built directly into the hardware and software. Today we will take a look at a few of the specific features found in Windows Server 2016 and HPE ProLiant Gen10 Servers that can help customers protect their admin credentials and strengthen threat detection.
Just-in-time and just enough administration (JEA) allows organizations to only give administration credentials when needed for a finite time. Customers can best enforce their business IT security by restricting IT administrative rights, and these features allow them to configure roles for specific administrative functions, and limit the admin rights beyond those functions.
How it works: Just-in-time & just enough administration assigns single-use, task-based administrative rights and privileges.
How it helps your customers: Increases data security and helps protect critical information systems from threats caused by loss, compromise, and misuse of privileged administrator credentials. Gives greater control and enhanced server management and administration with user rights that are determined by, and limited to, chosen areas of responsibility.
- Reduce the number of administers
- Enhance security control of particular tasks
- Improve auditing and reporting activities
Shielded Virtual Machines were introduced to Windows Server 2016 Datacenter to help protect virtual machines (VMs) from compromised or malicious administrators in the fabric, such as storage admins, backup admins, etc. by encrypting disk and state of virtual machines so only VM or tenant admins can access it.
How it works: VMs are encrypted with keys stored in virtual Trusted Platform Module (TPM) that is part of the VM. Existing VMs can also be converted to Shielded VMs.
How it helps your customers: Helps ensure the content of the customers’ VM (IP, data, account info, etc.) is secure from VM theft and unauthorized fabric admin intrusion. The VM will not unlock and cannot be accessed on or mounted off premises, unless required keys are provided through Host Guardian Services.
Strengthen Threat Detection Capabilities
In terms of IT administration and provisioning, additional built-in security features help monitor suspicious activity by applying machine learning to help identify potential behavioral risks. If abnormal activity that resembles potential malicious behavior is identified, the suspected users’ access to the network is temporarily terminated until more thorough vetting can be conducted
How it works: Applies machine learning to behavioral actions, allowing customers to quickly identify suspicious activity.
How it helps your customers: This portion of the secure compute lifecycle allows customers to set up customizations and behavioral based learning patterns which would enable them to quickly identify potential behavioral risks shown by certain users throughout their IT ecosystem; offering behavioral-based security threat identification/notification.
Be sure to check back next week as we continue our HPE Gen10 + Windows Server 2016 Security blogs series and take a closer look at features that help detect compromised code or malware (and protect against it) and improve virtual machine protection.
Have questions about Gen10 + Windows Server 2016 security features or HPE OEM Microsoft products/solutions? Join the Coffee Coaching community to keep up with the latest HPE OEM Microsoft news and interact with HPE and Microsoft experts.
Follow us on Twitter | Join our LinkedIn group | Like us on Facebook | Watch us on YouTube
Willa
Willa manages the HPE | Microsoft Coffee Coaching program. Follow along to learn more about the latest HPE OEM Microsoft product releases and how the HPE Microsoft partnership can benefit partners and customers.
