Device Identity and Component Attestation comes to HPE Gen10 Plus servers
Supply chain and cyber-attacks are dominating headlines in 2021. The need for assurance of the provenance, security, and trustworthiness of hardware, firmware, and software running today’s workloads is increasingly understood to be fundamental to protecting against these modern threats. Security practitioners are looking to new architecture models like Zero Trust to combat the threat as technologies and products that support it become available.
HPE has released its HPE ProLiant Gen10 Plus servers, continuing to build-in key enabling features for Zero Trust architectures. Building from the HPE-exclusive silicon root of trust as a foundation, HPE has now added Platform Certificates, a Trusted Computing Group (TCG) Compliant Platform Certificate implementation that provides the ability for customers to attest to the authenticity of the server and components from the original factory condition. Along with platform certificates, they also announced that they are providing a Trusted Platform Module (TPM) with all HPE ProLiant Gen10 Plus servers and will be provisioning all servers from the factory with IDevIDs, an industry standard device identity for both the server and HPE Integrated Lights Out (iLO) enabling Zero Trust use cases. HPE has been working with us at InfusionPoints since 2017 when we first tested their silicon root of trust, and we were invited to take a look at Device Identities.