White Papers

New Security Features in the Integrated Dell Remote Access Controller 7
Introduction
The Integrated Dell Remote Access Controller version 7 (iDRAC7) provides comprehensive management,
without relying on OS agents, for Dell PowerEdge™ 12th generation servers. In addition to many new
functional and ease-of-use features, iDRAC7 includes the following new key security features. For more
information, go to www.dell.com/idrac7.
Firmware code signing and verification
Built-in Hidden Root Key (provides a number of Trusted Platform Module (TPM)-like features to iDRAC)
Credential Vault
Field Service Debug Authorization Facility
Lifecycle Controller wipe
iDRAC7 firmware signing
In response to a growing concern in the security industry and among security-conscious customers about
the threat of malicious firmware, iDRAC7 firmware updates are signed and verified. Updates are signed
near the end of the firmware build process. The signatures are verified when firmware updates are
later applied by customers. The signature generation and verification processes are as specified by the
US Digital Signature Standard (FIPS-186-3). This verification results in a high level of assurance that
iDRAC7 only runs firmware designed and delivered by Dell.
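
The sign-at-build, verify-at-update flow described above, as an added example that is not Dell's code. It assumes RSASSA-PKCS1-v1_5 with SHA-256, one of the signature schemes FIPS 186-3 approves (the paper does not say which one iDRAC7 uses); the key pair, function names and flash buffer are constructed for illustration.

```python
import hashlib, secrets
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")  # DER DigestInfo
E = 65537  # public exponent

def _is_prime(n, rounds=40):  # Miller-Rabin, for odd n > 3
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime(bits):
    while True:  # odd candidate with the top two bits set
        c = secrets.randbits(bits) | (3 << (bits - 2)) | 1
        if c % E != 1 and _is_prime(c):
            return c

def generate_key(bits=2048):  # constructed stand-in for the vendor key pair
    p, q = _prime(bits // 2), _prime(bits // 2)
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def _encode(image, n):  # EMSA-PKCS1-v1_5 over SHA-256(image), as an integer
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    pad = b"\xff" * ((n.bit_length() + 7) // 8 - len(t) - 3)
    return int.from_bytes(b"\x00\x01" + pad + b"\x00" + t, "big")

def sign_image(image, private_key):  # build side: runs once, at the end of the build
    n, d = private_key
    return pow(_encode(image, n), d, n)

def verify_image(image, signature, public_key):  # update side: runs before flashing
    n, e = public_key
    # Re-encode and compare whole values rather than parsing the recovered padding.
    return 0 <= signature < n and pow(signature, e, n) == _encode(image, n)

def apply_update(image, signature, public_key, flash):
    if not verify_image(image, signature, public_key):
        return False  # reject: flash is left untouched
    flash[:] = image
    return True
```

Only the public key needs to be present on the device that applies the update; the private key stays with the build system.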
The threat landscape
In the last few years, the threat of “phlash attacks” has gone from a theoretical concern to a real
phenomenon. From router rootkits, to hacked printers, to proofs of concept of car hacks, to the many
instances of “open source firmware,” the viability of changing or replacing the manufacturer's
firmware is well established.
While it would be both annoying and inconvenient to have a hacker ruin a home ink jet printer, a
phlash attack against a server management solution, such as iDRAC7, could have much more serious
consequences. Because iDRAC7 performs the important function of managing servers remotely, it can
also provide a ready vehicle for attacking servers. Using iDRAC7, server operation can be disrupted in a
large number of ways: from powering off the server all the way to erasing RAID configuration. Remote
access solutions even provide a way to remotely boot a server with the OS image of an attacker’s
choice.
Keeping pace
Dell server technology is keeping pace with the threat landscape by following a process of continuous
security improvement and innovation. Our focus is on good security features and on secure
development practices, while minimizing customer impact and providing high value. Firmware code
signing and verification exemplifies this approach.