Home > Servers > Specialty Servers > White Papers > Bringing high performance and reliability to the edge with rugged Dell EMC PowerEdge XR servers > Keep data secure by building on cyber resilient architecture
Sophisticated cybersecurity threats from malware and ransomware continue to emerge at increasing rates, compromising critical data and grinding business to a halt. Cyber resiliency, or the ability to protect, detect, and recover from cyberattacks, is critical to keeping workloads at the edge available. PowerEdge XR11 and XR12 rugged servers are equipped with Dell’s cyber-resilient architecture that builds in multiple layers of security, from the supply chain to hardware and software.
Dell EMC PowerEdge XR platforms utilize NIST cybersecurity framework standards that focus on protection, detection, identification, response, and recovery to create a comprehensive approach to cybersecurity.
Dell builds security into each PowerEdge XR server from the start as part of the design process, rather than adding it as an afterthought, through a Secure Development Lifecyle (SDL) that requires awareness and discipline at each stage of development. Dell conceives, designs, prototypes, implements, sets into production, deploys, and maintains server features with security as a key priority.
Dell has created a long-standing partnership of trust among people, customers, and suppliers that enables Dell to champion security, integrity, quality, and resilience in every facet of its offerings. Dell Technologies has also created the Secured Component Verification (SCV) program that provides verification of hardware integrity from the outset.
Many of the key security layers that make up Dell’s cyber resilient architecture are listed below. One of the most important features is the immutable, silicon-based root-of-trust that cryptographically attests to the integrity of BIOS and iDRAC firmware. The proprietary iDRAC management tool allows administrators to monitor changes in the system, requiring signed firmware updates and detecting configuration and firmware drift beyond the authorized configuration for quick mitigation. With Enterprise or Datacenter licenses, iDRAC offers a feature that locks down a server’s hardware and firmware configurations, thereby preventing configuration drift and protecting against malicious attacks against embedded firmware. Lockdown mode can be enabled dynamically, without requiring a system reboot.