A malicious hacker who has physical access to a system can tamper with the BIOS. A tampered BIOS code poses a high security threat and makes the system vulnerable to further attacks. With the Secured-core feature, OMIMSWAC ensures that your cluster boots only using the software that is trusted by Dell.
Secured-core feature is supported on the following configurations:
- AMD processor types:
- AMD Milan with cluster nodes BIOS version must be 2.3.6 or above.
- Intel processor types:
- Cluster nodes BIOS version must be 1.3.8 or above.
Note: The following Intel processor types are not supported for Secured-core feature:
- E-23 series and Pentium SKUs such as G6605, G6505, G6505T, G6405, and G6405T.
- OS versions:
- Azure Stack HCI OS 22H2.
- TPM V2.0 module must be installed with firmware 7.2.2.0 or above.
- OMIWAC Premium License must be installed on each cluster node.
Secured-core feature includes enabling BIOS and OS security features. Both Dell Technologies and Microsoft recommend enabling BIOS security features and OS security features respectively to protect infrastructure from external threats. In Windows Admin Center, use Dell OpenManage Integration with Microsoft Windows Admin Center extension to enable BIOS security features and use Security extension to enable OS security features. For more information about OS security features, see the Microsoft guidelines.
Enable BIOS security features as follows: