HPE's Gen10 Servers Will Have Security Drilled into Silicon

The company's custom silicon enables security at the firmware level.

Christine Hall

June 12, 2017

3 Min Read
HPE's Gen10 Servers Will Have Security Drilled into Silicon
HPEs iLO firmware chip. Photo: HPE

Hewlett Packard Enterprise unveiled Gen10 at Discover in Las Vegas last week, the first major upgrade to its ProLiant line of servers since Gen9 was released in 2014. While the release of a new server is generally not very interesting in this age of commodity hardware, this one is a bit more notable as it has some interesting security features built into the hardware.

The announcement was made by Alain Andreoli, head of HPE's infrastructure group, with no shortage of hyperbole: "We have definitively created the world's most secure industry standard server."

The security feature works at the firmware level, utilizing custom HPE silicon.

"In each Gen10 server we have created a unique individual fingerprint for the silicon," Andreoli explained. "Your server will not boot unless the firmware matches this print -- it is just locked end to end."

This silicon-level approach to security is reminiscent of the approach used by Google, which has designed custom security chips for servers its cloud runs on inside Google data centers.

Read more: Here's How Google Secures Its Cloud

According to HPE, the technology from the silicon to the firmware is proprietary. A mismatch is only possible if the firmware has been altered.

In addition, the servers have another level of built-in security protection that utilizes technology the company gained when it acquired the behavioral security analytics startup Niara earlier this year.

"We have embedded proactive detection and recovery," Andreoli said. "Your server has been turned into your own active spy. Every day it scans millions of lines of code to detect any potential malware. Then we decided to apply advanced machine learning to identify any malicious behavior. You can think of it this way: The system endlessly trains itself and learns again and again. It analyses patterns, identifies suspicious activity, and informs you if there is a threat so you don't have to be paranoid anymore.

"Finally, it's all about the life cycle of the data. Security's a long journey. We have even planned for the grave. When your server is being disposed of, its embedded data cannot be reconstructed or retrieved any longer. We protect it forever."

"This means that not only do we have the most secure industry standard servers," Andreoli said, "but also that none of our competitors will be possibly able to catch up."

HPE's competitors might have different ideas.

In addition to these security features, the new servers will offer Scalable Persistent Memory with terabyte capacity and includes another feature that Andreoli called "intelligent system tuning."

"What this does is optimize a new capability that Intel CPUs will have to tune their clock speeds for different levels of performance." This will evidently allow the server to match workload profiles, boosting overall performance.

The servers will also be available with a pricing option that will allow users to scale up or down while only paying for what they use. Current users of Gen9 servers will be able to "upgrade to Gen10 with no upgrade in your payments."

The servers are expected to be available this summer.

About the Author(s)

Christine Hall

Freelance author

Christine Hall has been a journalist since 1971. In 2001 she began writing a weekly consumer computer column and began covering IT full time in 2002, focusing on Linux and open source software. Since 2010 she's published and edited the website FOSS Force. Follow her on Twitter: @BrideOfLinux.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like