Challenges
The business challenges that led the profiled company to evaluate and ultimately select security features in HPE ProLiant Gen10 servers:
- Check for compromised server firmware at runtime without rebooting
Use Case
The key features and functionalities of security features in HPE ProLiant Gen10 servers that the surveyed company uses:
- Running the following workloads/applications on their HPE ProLiant Gen10 servers to aid their security concerns:
- Collaboration applications (email, conferencing, social)
- Content applications (content management, enterprise portals)
- Structured data analytics (query, reporting, analysis)
- Application development and test workloads
- Virtual Desktop Infrastructure applications
- Media streaming applications
- Web serving applications
Results
The surveyed company achieved the following results with security features in HPE ProLiant Gen10 servers:
- Believes that HPE ProLiant Gen10 servers are superior to/better than similar servers in the market because:
- Their server can never boot with compromised code due to the HPE Silicon Root of Trust
- They are confident that servers arrive from production to their facility with no tampering
- They are immediately notified of any malware or compromised code in server essential firmware through my iLO logs
- Rates the value of the security capabilities offered on HPE ProLiant Gen10 servers:
- Immutable fingerprint in the HPE silicon that ensures Gen10 servers cannot boot compromised code: Very valuable
- Ability to check the integrity of essential firmware before it is executed: Very valuable
- Ability to check the integrity of essential firmware while the server is up and running: Very valuable
- Support for high-grade Commercial National Security Algorithm (CNSA) for encryption renumber: Valuable
- Ability to automatically recover essential server firmware: Very valuable
- Ability to recover firmware at scale (up to 10,000 servers in one click): Very valuable
- Ability to recover the host environment, operating system, applications, and firmware settings: Valuable
- Assurance that their servers are equipped with National Institute of Standards & Technology (NIST) 800-53 Controls: Very valuable
- Rates their confidence in defending their server against malware attacks with HPE ProLiant Gen10 servers:
- Protecting their server against a malware attack: Very confident
- Detecting a malware attack on their server: Very confident
- Recovering from a malware attack on their server: Very confident
- Rates the time spent doing the tasks needed to secure their server from firmware attacks:
- Before /without Proliant Gen10: ~1 day – 1 week
- After Proliant Gen10: Less than an hour
- Saw improvements in the time required for the following tasks since using HPE ProLiant Gen10 security features:
- Time needed to conduct daily server firmware validation checks: >50%
- Time needed to recover from a malware attack: >50%