Vik

Dell To Add Off-Host BIOS Verification To Endpoint Security Suite Enterprise
  • Comments are Closed

Dell To Add Off-Host BIOS Verification To Endpoint Security Suite Enterprise

At CES this year, Dell kind of broke from tradition and focused more on their business products. When I had a chance to talk to them, they were very enthusiastic about the fact that Dell is one of the few companies that does complete end to end solutions for the enterprise. Part of that end to end solution is Dell’s Endpoint Security Suite Enterprise, which includes data protection, authentication, and malware prevention.

A new feature coming to this suite is going to be BIOS verification. Dell found that there was a gap in the market with regards to securing the boot process. BIOS attacks are especially nasty, because they load up before the operating system and can more easily avoid detection. Most malware protection products focus on heuristics and virus signatures, but that landscape is changing with less mass targeting of malware and more directed attacks at specific companies, or even people. Dell’s Endpoint suite was recently updated to use Cylance as their anti-virus engine, and it uses machine learning which, according to Dell, can stop 99% of malware, even if it’s a zero-day or unknown exploit. Signature based detection is accurate 50% or less of the time, according to the same tests.

But all of that is to protect the operating system. If malware gets into the BIOS, it can be very difficult to detect. There are already methods to help deal with this – Microsoft Windows offers protection called Measured Boot which verifies the BIOS with help of the Trusted Platform Module. Dell wants to take this one step further, and remove the local host from the equation at all. Instead, Dell computers with the Endpoint Suite will be able to compare a SHA256 hash of the BIOS against a known good version kept on Dell’s servers. Since Dell is the one that originally creates the BIOS, they would be the authority to ensure that it has not been compromised.

Dell’s suite will perform a hash function on the BIOS, and send it to Dell. If the BIOS is found to have a non-matching return value, Dell’s servers will send an alert to the designated IT admins for the organization.

Dell’s Latitude 13 7000 will be available with BIOS Verification

Unlike Secure Boot, Dell’s solution does not actually stop the device from booting, or even alert the end user. The hashing and comparison is not done in real-time, but rather after the machine finishes booting, the Endpoint Suite will send it to Dell. Dell made it very clear that their intention was not to interfere with the device itself, but rather to give the IT admins notification of an issue so that they can deal with it through their own response and policy.

One obvious question I had to ask was if this same hashing could be done on a continuous basis, rather than just at boot, because the Endpoint Suite is what gathers the information and sends it to Dell. They were happy to let me know that a policy based scan of the BIOS is something they are working on, and they are hoping for it to be available in Q2 of this year. Scanning the BIOS every hour, or whatever is deemed a good time by the IT admins, would give them a leg up to catch the software before it even gets to go through a boot process and get itself into the system.

Dell has focused very much on being a one-stop shop for all of a companies computing needs, from servers, to desktops, to displays, and even services. This addition to their Enterprise Security Suite Enterprise will initially be available for Dell’s lineup of commercial PCs based on 6th generation Intel processors. They were keen to point out that BIOS attacks are not anywhere near as commonplace as traditional malware, but it is important to be out in front of these types of attacks.

Source: Dell

  • Comments are Closed

Who Controls the User Experience? AMD’s Carrizo Thoroughly Tested

In Q2 of 2015, AMD officially launched Carrizo, their new APU aimed at mobile devices such as laptops and portable all-in-ones that normally accommodate 15W-35W processors. Quoted in the media as ‘the biggest change to Bulldozer since Bulldozer itself’, the marketing arm of AMD released information regarding the architecture of the new processor which contained a long list of fluid and dynamic implementations on improving the Bulldozer based architecture over the previous iteration of Steamroller. Despite this, AMDs target market for the Carrizo platform has not been receptive to AMDs product stack in recent generations due to issues surrounding performance, battery life and designs. AMD believes to have solved the first two of those with Carrizo, whereas the third is out of their hands and up to the OEMs to embrace AMDs platform. We wondered if the OEM’s concerns were well placed, and organized some special testing to confirm AMD’s claims about Carrizo.

  • Comments are Closed

Who Controls the User Experience? AMD’s Carrizo Thoroughly Tested

In Q2 of 2015, AMD officially launched Carrizo, their new APU aimed at mobile devices such as laptops and portable all-in-ones that normally accommodate 15W-35W processors. Quoted in the media as ‘the biggest change to Bulldozer since Bulldozer itself’, the marketing arm of AMD released information regarding the architecture of the new processor which contained a long list of fluid and dynamic implementations on improving the Bulldozer based architecture over the previous iteration of Steamroller. Despite this, AMDs target market for the Carrizo platform has not been receptive to AMDs product stack in recent generations due to issues surrounding performance, battery life and designs. AMD believes to have solved the first two of those with Carrizo, whereas the third is out of their hands and up to the OEMs to embrace AMDs platform. We wondered if the OEM’s concerns were well placed, and organized some special testing to confirm AMD’s claims about Carrizo.

ioSafe Launches BDR 515 Backup and Disaster Recovery Appliance
  • Comments are Closed

ioSafe Launches BDR 515 Backup and Disaster Recovery Appliance

ioSafe’s disaster-resistant storage devices are unique in the market. Yesterday, they introduced the latest member of their backup and data recovery (BDR) server lineup – the BDR 515. It is a 5-bay x86 NAS running Windows Server 2012 R2. Earlier NAS appliances from ioSafe such as the 1513+ and 1515+ were based on Synology’s DSM OS. With the BDR 515, the focus has shifted to consumers who want the familiarity and capabilities of Microsoft’s server platform.

Before going into the details of the BDR 515, it might be useful to see the conditions under which a BDR NAS unit might make sense. These appliances are usually installed in server rooms and automatically back up all the data stored on servers both locally and to the cloud. If the servers are damaged because of a major hardware outage, a natural disaster, or other emergency, BDRs can help to quickly restore the data. Thanks to the fact that BDRs store data both locally and in the cloud, they can restore data even if they are physically damaged as well. Moreover, the BDR can act as a replica of the server it is attached to and work as a backup machine.

ioSafe’s BDR 515, like their complementary NAS offerings (1515+, 1513+ and the 214), is resistant to both fire and water damage. The protection specifications are the same as before – fire with temperatures up to 1550°F for 30 minutes (in accordance with the ASTM E-119 testing standard) and submergence in 10-feet deep water for three days without any harm to data. Unlike other BDR servers, the model 515 from ioSafe protects data immediately after it is recorded on its HDDs thanks to its ability to protect data in the harshest environments. Even if the Internet connection is absent after a fire or flooding, the protection for the hard disks in the BDR 515 allows data to be restored from the device after retrieval of the appliance from the disaster site.

The ioSafe BDR 515 is based on the dual-core Intel Core i5-4570T (2.90 GHz) and is equipped with 16 GB DDR3 memory. It uses the Areca ARC-1225-8i hardware RAID controller and two Intel i210 Gigabit Ethernet controllers. The BDR 515 can be equipped with up to five 6 TB WD Red hard disk drives and store up to 30 TB of data. ioSafe’s previous flagship BDR – the 1515+ running Synology’s DSM – utilized a low power Intel Atom processor. The 515’s Core i5-4570T should help ioSafe to significantly improve performance of the solution, but, at the cost of higher power consumption.

To ensure that the BDR 515 can handle the CPU with higher TDP, ioSafe had to install a dedicated air duct to pull fresh outside air directly across the processor heat sink. In addition, the company increased the quantity of FloSafe vents for greater airflow over HDDs. The fans are also larger compared to the ones in the 1515+.

The device will only be available via ioSafe’s channel partners and its price depends on actual configuration.

ioSafe Launches BDR 515 Backup and Disaster Recovery Appliance
  • Comments are Closed

ioSafe Launches BDR 515 Backup and Disaster Recovery Appliance

ioSafe’s disaster-resistant storage devices are unique in the market. Yesterday, they introduced the latest member of their backup and data recovery (BDR) server lineup – the BDR 515. It is a 5-bay x86 NAS running Windows Server 2012 R2. Earlier NAS appliances from ioSafe such as the 1513+ and 1515+ were based on Synology’s DSM OS. With the BDR 515, the focus has shifted to consumers who want the familiarity and capabilities of Microsoft’s server platform.

Before going into the details of the BDR 515, it might be useful to see the conditions under which a BDR NAS unit might make sense. These appliances are usually installed in server rooms and automatically back up all the data stored on servers both locally and to the cloud. If the servers are damaged because of a major hardware outage, a natural disaster, or other emergency, BDRs can help to quickly restore the data. Thanks to the fact that BDRs store data both locally and in the cloud, they can restore data even if they are physically damaged as well. Moreover, the BDR can act as a replica of the server it is attached to and work as a backup machine.

ioSafe’s BDR 515, like their complementary NAS offerings (1515+, 1513+ and the 214), is resistant to both fire and water damage. The protection specifications are the same as before – fire with temperatures up to 1550°F for 30 minutes (in accordance with the ASTM E-119 testing standard) and submergence in 10-feet deep water for three days without any harm to data. Unlike other BDR servers, the model 515 from ioSafe protects data immediately after it is recorded on its HDDs thanks to its ability to protect data in the harshest environments. Even if the Internet connection is absent after a fire or flooding, the protection for the hard disks in the BDR 515 allows data to be restored from the device after retrieval of the appliance from the disaster site.

The ioSafe BDR 515 is based on the dual-core Intel Core i5-4570T (2.90 GHz) and is equipped with 16 GB DDR3 memory. It uses the Areca ARC-1225-8i hardware RAID controller and two Intel i210 Gigabit Ethernet controllers. The BDR 515 can be equipped with up to five 6 TB WD Red hard disk drives and store up to 30 TB of data. ioSafe’s previous flagship BDR – the 1515+ running Synology’s DSM – utilized a low power Intel Atom processor. The 515’s Core i5-4570T should help ioSafe to significantly improve performance of the solution, but, at the cost of higher power consumption.

To ensure that the BDR 515 can handle the CPU with higher TDP, ioSafe had to install a dedicated air duct to pull fresh outside air directly across the processor heat sink. In addition, the company increased the quantity of FloSafe vents for greater airflow over HDDs. The fans are also larger compared to the ones in the 1515+.

The device will only be available via ioSafe’s channel partners and its price depends on actual configuration.