Welcome to the WEI Tech Exchange Blog

Secure Your Enterprise in a Zero Trust World with Intelligent Infrastructure

Written by Greg LaBrie | Apr 16, 2020 12:45:00 PM

We are learning a lot about risk these days. The medical industry is combating one of the greatest health threats of the modern era. Then there are the economic and financial risks that businesses and their employees are facing in a world of uncertainty. Lost in all of this, is the continual barrage of threats within the IT digital world that nearly everyone belongs to. The world currently undergoes 720 million hack attempts and more than 350,000 new malware strains are created every day.  It is no wonder we call it a zero-trust world today.

Managing Security the Same Way is no Longer Enough

Just think for a moment how much attack methodologies have advanced over the past decade. Yet, we approach security in much the same manner as ten years ago. Most enterprises today rely on the strategic placement of discreet appliances, usually at the network perimeter or core, for protection. These appliances are extremely expensive and operate in a nonlinear fashion. They have scalability limitations so when network traffic exceeds their thresholds, a more robust appliance must be purchased. In addition, malware has advanced to the point that AV rules can be avoided. Some enterprises still rely on “security by obscurity” which is completely outdated in an era when hackers can probe nearly anything. It is obvious that new approaches are needed.

Hackers are changing their Targets

This isn’t to say that past and present security appliances haven’t been successful. These solutions have definitely hardened operating systems and applications, thus eliminating a lot of low hanging fruit. To counter this success, cyberattacks have become more sophisticated and attackers are turning their attention to platform firmware and embedded systems. This trend is confirmed by the National Institute of Standards and Technology:

"As cyber-attacks become more sophisticated, the potential for BIOS or other firmware attacks is growing."

HPE’s Zero Trust Server Solution

HPE heralds its Gen10 servers as “The World’s Most Secure Industry Standard Servers.” That is a bold claim, but HPE has invested a great deal of time and money into bold solutions that IT teams can rely upon. HPE’s approach to server design is built on the belief that infrastructure should be the strongest defense, armed with the latest innovations to protect, detect, and recover from security attacks. When security is embedded into the server infrastructure itself, the reliance on dedicated security appliances is diminished. By adopting this new model, HPE is separating itself from its competition that still relies on external security sources. HPE has taken a huge step to offer the most secure infrastructure in the industry.

HPE Gen10 Servers are built on Zero-trust Design

HPE designed its Gen10 servers to trust nothing. This includes its own internal components. What this means is that no component, endpoint, or service will communicate with one another unless they know they are allowed to and can cryptographically authenticate. HPE calls it the Silicon Root of Trust. It protects against firmware attacks, detects previously undetectable compromised firmware or malware, and helps to rapidly recover the server in the event of an attack. HPE creates a digital fingerprint within the silicon itself, and they’re able to do this because HPE creates its own silicone and firmware. This customized security-embedded firmware is inserted into the server before the server is even built. This extra step separates them from competitors. In the event that the embedded code is ever compromised in an attack, the configuration of the firmware is changed, thus creating a mismatch of the digital fingerprint in the silicon.

Thanks to this collection of digital fingerprints within the silicon itself, a server will never boot with compromised firmware. This concept of code assessment during bootup is not new. HPE takes it a step further however by conducting daily runtime firmware validations. Should the silicon root of trust ever be unbroken, an audit log alert is created and the customer is immediately notified. Customers can then securely recover the firmware to a previous known good state in automatic fashion. 

Secure, Intelligent Infrastructure

Gartner says that intelligent infrastructure is the next innovation in delivering optimized systems for applications. The need for secure intelligent infrastructure is imperative in an era in which enterprise users are now spread out amongst remote workspaces. If your infrastructure isn’t secure, then your extended enterprise won’t be either. HPE is the only vendor to provide Silicon Root of Trust protection. With HPE ProLiant Gen10 servers, your server infrastructure can be your strongest defense in the cyber war against digital viruses, just as our attention to washing our hands and social distancing are our best defense against biological viral threats. We are living in a time of heightened security. Make sure your server infrastructure is one less thing that you have to worry about.

 

Real Tech with WEI: HPE ProLiant Gen 10 Servers

NEXT STEPS: Take a closer look at the HPE Gen10 Server in this Real Tech with WEI video featuring our Solutions Architect, Jay Cardin. He takes you 'under the hood' of the server built with security in mind, and reviews the key features that will benefit your business.