HPE Trusted Supply Chain
Do you want to defend applications and data before your server is built?
Only HPE Trusted Supply Chain provides a new first line of defense against cyber-attackers with select servers built to the world’s toughest security standards in secured facilities. HPE trusted supply chain brings together enterprise security, processes and people to deliver protection for your most sensitive applications and data even before your server is built.
- QuickSpecs
-
Existing selections will be lost. Click OK to proceed further.
More Information
Key Features
iLO Security State: High Security
Configuring iLO to use High Security mode reduces the attack surface for cyber attackers, making it more difficult to insert compromised code or malware into the server firmware.
Security state locks down the host and requires specific authentication through encryption before a user can log into the server.
UEFI Secure Boot feature: Enabled
For customers who ask Hewlett Packard Enterprise to load an OS at the factory, enabling UEFI Secure Boot connects the Silicon Root of Trust to the OS.
An industry-recognized feature, affixing the UEFI firmware to the boot loader ensures that the genuine and authenticated OS is initialized.
Any antivirus software actually runs in the OS, but cannot detect hackers or an intrusion until the OS is fully running. Some astute bad actors try to compromise the OS before its antivirus tools have a chance to start.
The UEFI Secure Boot feature provides protection against this scenario. If a customer chooses to load the OS on their own, they can configure this feature when the HPE Trusted Supply Chain server is delivered to the end-user location.
HPE Server Configuration Lock: Enabled
This feature takes cryptographic measurements, or images, of the supported HPE Trusted Supply Chain server firmware, hardware components, and options. It creates a digital fingerprint of the server configuration. If any firmware, hardware, or options are altered, an alert is displayed at startup.
Enabling this feature at the factory essentially prevents all tampering or compromise to the server composition, no matter how slight.
This feature uses a password, created by Hewlett Packard Enterprise, to lock down the server configuration at the factory. The password is securely transmitted to the customer, who unlocks the server when it arrives.
HPE chassis intrusion detection switch: Enabled
This mechanism protects the HPE Trusted Supply Chain server from physical intrusion.
Complementing and reinforcing the protection from the Server Configuration Lock, the chassis intrusion detection switch registers an alert if the top of the server chassis is removed.
It logs an event in the iLO firmware, even if the server is powered off. If any cyber attacker or unauthorized personnel open the server chassis, the customer will know that someone might have tampered with the server.
Related Links
* Prices may vary based on local reseller.