Monday, December 13, 2021

Intrinsic infratructure security for the hybrid world

Windows Admin Center 2110 was announced generally available (GA) at Ignite 2021. In this release, Windows Admin Center introduced Secured-core server as part of the Security tool to support Azure Stack HCI clusters. The Security tool now also provides support for both single server and Azure Stack HCI clusters, making security management and control even easier. 

Now, we are further excited to announce the release of a new version of the Dell EMC OpenManage extension with Windows Admin Center that includes key new security-themed features. The OpenManage extension brings in intrinsic security management streamlined for Azure Stack HCI and Windows Server. Complementing Windows Admin Center’s native Security tool, the Dell EMC OpenManage extension helps IT administrators configure Secured-core server end-to-end from the BIOS level. Additionally, in this version a key protection has been made available with the new Infrastructure lock feature, which leverages iDRAC9 system lockdown to prevent and control any unintended changes, resulting in a fully protected system.  

Secured-Core server automation for Azure Stack HCI and Windows Server 2022

Protect your infrastructure with Secured-core server from Microsoft. By leveraging Dell Technologies Cyber Resilient Architecture, comprehensive protection from deployment to retirement can be achieved to protect, detect, and recover systems from cyberattacks. The partnership between Dell Technologies and Microsoft delivers end-to-end security of Secured-core server, enabling advanced protection with Hardware based Root of Trust at various levels:  

  • At the platform level with Dell EMC’s immutable, silicon-based Root of Trust  
  • Built into modern CPUs, enabled at BIOS level 
  • Operating system security features in Windows Server and Azure Stack HCI.  


Achieving this end-to-end protection can now be entirely automated by leveraging the Microsoft Windows Admin Center Security tool, the Secured-core extension for OS level configuration, CPU level protection settings of Trusted Platform Module (TPM) 2.0, Dynamic Root of Trust Measurement (DRTM) etc., enabled at the platform BIOS level can now be done from Dell EMC OpenManage Integration in a Cluster-Aware fashion for protection to the fullest extent against current and future threats.  



















Infrastructure lock to prevent unintended changes 

Infrastructure lock is now available for your Dell Technologies iDRAC9 based systems. Dell EMC focuses on “protect”, a key component of the NIST Cybersecurity Framework, which serves to guard against cybersecurity attacks. Staying protected with integrated security is essential for a cyber-resilient server architecture for the hybrid world. Protect the infrastructure by preventing unauthorized BIOS, firmware changes, downgrades, or updates that could potentially be a vector of attack. This feature, when enabled, prevents infrastructure from any unintended changes to BIOS, iDRAC, firmware, drivers involving updates and configuration changes to HCI, clusters and systems. The OpenManage Windows Admin Center extension’s new security-themed features focuses on these infrastructure assets, providing robust protection against unauthorized access to resources and data with the fullest protection of infrastructure. Dell EMC recommends enabling the infrastructure lock for unintended changes for Azure Stack HCI, Windows Server HCI, failover clusters and PowerEdge Servers. Protection is done as an autonomous operation by enabling the infrastructure lock where applicable in a Cluster-aware fashion with no perceived downtime to running workloads. 


The infrastructure lock does, however, allow for continued access to key operations from Windows Admin Center with notifications and confirmation from the OpenManage extension by an administrator for updates and configuration changes. Key infrastructure operations such as power capping and power cycling, health monitoring and virtual console access will be allowed, while keeping cluster and server workloads running. All container, hypervisor and OS functionality are also fully available and accessible. 













About the Dell EMC OpenManage Integration extension 

The OpenManage extension and snap-in is a native integration offering streamlined lifecycle management across edge, local and remote environments. With no additional software or agent, it offers automation of full stack and hardware cluster-aware updating (CAU), as well as hybrid features that assist IT administrators in essential visibility, control, and management of HCI, clusters and servers running on-premises and Azure hybrid environments.  

For further details check out Microsoft HCI Solutions from Dell Technologies Infohub and the Life Cycle Management whitepaper from Dell Technologies lab testing. 

Download now!

We hope you enjoy this latest update of Windows Admin Center and the Dell EMC OpenManage extension, including all the new security-themed functionality. You can download the latest version of the Dell EMC OpenManage extension through the Windows Admin Center extension feed or from Dell EMC eSupport 

Posted at