ManualsPro DELL EMC DELL EMC R6415 PowerEdge Servers Instruction Manual

DELL EMC R6415 PowerEdge Servers Instruction Manual

June 15, 2024
DELL EMC

DELL EMC R6415 PowerEdge Servers

DELL-EMC-R6415-PowerEdge-Servers-product

SUMMARY

  • While there are many aspects of VDI deployments to consider, security risks should be considered and addressed.
  • Adequately securing a VDI environment goes beyond implementing just end-point and software-based security solutions.
  • Implementing Secure Boot and Secure Operation in infrastructure supporting VDI environments is critical.

opeartion

Securing VDI environments goes beyond implementing end-point security. Other security-related issues need to be considered, especially risks associated with infrastructure supporting those environments. One such example regards security controls for the virtualized OS, which need to provide the same level of security as those used for operating systems running directly on hardware. IT professionals should also determine whether other pre-hypervisor (BIOS, boot loader, etc.) steps and configurations are invoked according to the enterprise’s security standards. Physical security may not be the newest of risk mitigation techniques, but the IT professional’s assessment of the VDI environment should include assurance that all related hardware is appropriately restricted relative to physical access, thereby reducing the chance that CPU boot processes could be altered. That being said, Secure Boot and Secure Operation are two critical security measures that should be considered for implementation in VDI environments.

Secure Boot
The main objective of malware writers is to make malicious code start as early as possible, enabling it to make modifications to the operating system’s code and system drivers. Rootkits/bootkits are one of the most advanced tools available to cybercriminals since it enables malicious code to start before the operating system loads. ‘Secure Boot’ mitigates these threats by checking the cryptographic signatures for drivers and other code loaded prior to the OS running and preventing unsigned (untrusted) device drivers from being loaded.

Secure Operation
As many people know, systems provide encryption solutions for Data at Rest (on an HDD or SSD) and for Data in Motion (on a network), but data running in main system memory is not encrypted, leaving it vulnerable to attacks such as memory scrapes and cold boot attacks. ‘Secure Memory Encryption’ or SME mitigates this challenge by providing a solution that encrypts system memory and protects data at rest.

Implementing Secure Boot and Secure Operation
The combination of both hardware- and software-based security measures provides a far superior solution than implementing one or the other. Dell PowerEdge R6415, R7415 and R7425 servers, which are based on AMD EPYC processors, complete the second half of the equation by providing provide hardware-based security measures. These measures are implemented through what is called ‘System-on-a-Chip’ or SOC. This feature provides a dedicated 32-bit microcontroller located on the physical die of the chip.

SOC addresses the Secure Boot concern by prohibiting modifications to an operating system’s code and system drivers. It does this by providing a hardware root of trust that is designed to ensure only known and trusted software is loaded and run from the initial boot load through the BIOS load. It does this through 4 steps, as follows (see Figure 1):

  • An AMD ‘Secure Processor’ loads an on-chip, Boot ROM which includes a signing key (a key that is embedded in the AMD Secure Processor).
  • The Boot ROM then loads and authenticates, via the signing key, an off-chip “OS Boot Loader’.
  • This OS Boot Loader then authenticates the BIOS before the x86 cores start executing the BIOS code.
  • Once the BIOS is authenticated, the OS Boot Loader loads the OS or Hypervisor.

The OS Boot Loader also authenticates/loads code for the AMD Secure Processor to perform secure key management.
Leveraging capabilities of the AMD EPYC processor, the PowerEdge R6415, R7415, and R7425 servers also ensure that “data at work” (data that is in main system memory) stays safe via AMD’s ‘Secure Memory

Encryption’ or SME. Like Secure Boot, the AMD Secure Processor enables this by generating a single key that is used to encrypt everything in system memory. An added benefit is that this can be enabled with no changes to applications or the OS/hypervisor.
In-depth technical explanations of the above can be found in the Direct from Development tech note, ‘AMD CPU Security Features in PowerEdge Servers.’

Conclusion

There are many security aspects to address when implementing a VDI environment. While it may seem sufficient to implement end-point and/or software-based security solutions, security concerns associated with the underlying hardware must also be addressed. The Dell PowerEdge R6415, R7415, and R7425 servers, based on AMD EPYC processors, provide Secure Boot and Secure Operation security capabilities that prevent accidental or malicious alteration or corruption of BIOS, firmware, and data in memory. In doing so, these features implement security at the hardware level and should be seriously considered for implementation in servers that support VDI environments.

© 2018 Dell Inc. or its subsidiaries. All Rights Reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>

DELL EMC User Manuals

Dell EMC PowerEdge R650 Instruction Manual
DELL EMC
DELL EMC PowerEdge XR12 Rack Server Instruction Manual
DELL EMC
DELL EMC Support and Service for APEX Instructions
DELL EMC
DELL EMC R340 PowerEdge Rack Server User Guide
DELL EMC
DELL EMC Repository Manager Version 3.4.1 User Guide
DELL EMC
DELL EMC SC9000 Storage Array User Guide
DELL EMC
DELL EMC OpenManage Enterprise Power Manager 3.0 User Guide
DELL EMC
DELL EMC OpenManage Plug-in version 3.2.0 for Nagios Core User Guide
DELL EMC
DELL EMC Repository Manager Version 3.4.2 Release Notes User Guide
DELL EMC
DELL EMC PowerEdge MX7000 Management Module User Guide
DELL EMC
DELL EMC EMC PowerStoreOS Release Notes Instructions
DELL EMC
Dell EMC EMC PowerStore Scalable All Flash Storage User Guide
DELL EMC
Dell EMC MX7000 OpenManage Enterprise User Guide
DELL EMC
DELL EMC E660 VxRail Hyperconverged Storage User Manual
DELL EMC
DELL EMC PowerEdge R650xs Rack Server User Guide
DELL EMC
DELL EMC 12M1H PowerEdge R450 Intel Xeon Silver User Guide
DELL EMC
Dell EMC S3048-ON EMC PowerSwitch Installation Guide
DELL EMC
Dell EMC PowerEdge T440 Tower Server User Guide
DELL EMC
Dell EMC EMC Secured Component Verification Reference User Guide
DELL EMC
Dell EMC DRM-3-4-4 Repository Manager User Guide
DELL EMC

Related Manuals

caple INCH Built-Under Extractor Hood Instruction Manual
caple
LEVITON TSL06-1LT Toggle Slide Dimmer Switch Instruction Manual
Leviton
AfterShokz-Aeropex-Open-Ear-Bluetooth-headphones-Complete featured\Instruction Manual
AfterShokz
EXPLORER BEAR UR35-W Insulated Personal Cooler User Manual
EXPLORER BEAR
BLAUPUNKT A-R G 01-E Antenna Funline Instruction Manual
Blaupunkt
LIGHTSPEED Delta Zulu ANR Headset User Guide
lightspeed
eta Fenite Hot Air Brush User Manual
ETA
Polibi WF290950 Twin Full Bunkbed With Desk Instruction Manual
Polibi
WHITE SHARK ESL-K2 KATANA 100 Keys Mechanical Gaming Keyboard Instruction Manual
WHITE SHARK
woosim systems iTALK-310 2 Inch Mobile Printer Instruction Manual
Woosim Systems
Lenco DIR-140 Stereo Internet Radio with DAB+ FM and Bluetooth User Manual
Lenco
Knightsbridge EXBSCKIT 100mm-4 Inch Back Kit Instruction Manual
Knightsbridge
IZZY IZ -8222 4.5L Digital Air Fry Instruction Manual
Izzy
BEGA 51261.4K3 LED Wall Luminaire Instruction Manual
BEGA
QAZQA Karin SL Spot the Modern Ceiling Instruction Manual
QAZQA
DRAZICE OKCE 125 2-2 kW Tank Type Water Heater for Vertical Mounting Instruction Manual
Drazice
ooni Koda 16 Gas Powered Pizza Oven Instruction Manual
Ooni
CARSON Raupenbagger Excavator 2.4 GHz Instruction Manual
Carson
AVTEDU620 LED Heart Beat Instruction Manual
AVT
LG MFL719460102302rev00 OLED 55 Inch 4K Smart TV Owner’s Manual
LG
beeloom 1300074 Jungle Drum Play Table Chair Set Instruction Manual
beeloom
IMMERGAS 3.023961 Wall-Hung Modular Condensing Boiler Instructions
IMMERGAS
PETLIBRO PLCT004 INFINITY Cat Tree User Manual
PETLIBRO
Sunnydaze DECOR B09KH63G7Q 4 Foot Galvanized Steel Square Raised Garden Bed Instruction Manual
Sunnydaze DECOR
PHILIPS DLE1210GL Leading Edge Dimmer Controller Instruction Manual
Philips
rapidline RT3612 Side Table Installation Guide
rapidline
DELL Wyse Management Suite Software User Guide
Dell
Salta 5134 Guard Basketball Hoop User Manual
Salta
argo ORION Portable Air Conditioner Local Instruction Manual
argo
IFIXIT Acer Aspire R7 Battery Replacement User Manual
IFIXIT
Contact Us   Privacy Policy   3.992ms