Deepak Rangaraj, Dell Technologies
(reveal music)
>> We're kicking off with Deepak Rangaraj, who's PowerEdge Security Product Manager at Dell Technologies. Deepak, great to have you on the program. Thank you.
>> Thank you for having me.
>> So we're going through the infrastructure stack, and in part one of this series, we looked at the landscape overall and how cyber has changed and specifically how Dell thinks about data protection and security in a manner that both secures infrastructure and minimizes organizational friction. We also hit on the storage part of the portfolio. So now we want to dig into servers. So my first question is, what are the critical aspects of securing server infrastructure that our audience should be aware of?
>> Sure. So if you look at computing in general, right? It has rapidly evolved over the past couple of years, especially with trends towards software defined data centers and with also organizations having to deal with hybrid environments, where they have private clouds, public cloud, edge locations, remote offices and also remote workers. So on top of this, there's also an increase in the complexity of the supply chain itself, right? There are companies who are dealing with hundreds of suppliers as part of their supply chain. So all of this complexity provides a lot of opportunity for attackers because it's expanding the threat surface of what can be attacked. And attacks are becoming more frequent, more severe and more sophisticated. And this has also triggered around, in the regulatory and mandates around the security needs. And these regulations are not just in the government sector, right? So it extends to critical infrastructure. And eventually it will also get into the private sector. In addition to this, organizations are also looking at their own internal compliance mandates, and this could be based on the industry in which they're operating in or it could be their own security questions. And this is the landscape in which servers are operating in today.
And given that servers are the foundational blocks of the data center, it becomes extremely important to protect them, and given how complex the modern server platforms are, it's also extremely difficult and it takes a lot of effort. And this means protecting everything from the supply chain, to the manufacturing, and then eventually assuring the hardware and software integrity of the platforms and also the operations. And there are very few companies that go to the lengths that Dell does in order to secure the server. We truly believe in the notion and the security mentality that, you know, security should enable our customers to go focus on their business and proactively innovate on their business. And it should not be a burden to them. And we heavily invest to make that possible for our customers.
>> So, this is really important because the premise that I set up at the beginning of this was really that I, as a security pro, I'm not a security pro, but if I were, I wouldn't want to be doing all this infrastructure stuff because I now have all these new things I got to deal with. I want a company like Dell who has the resources to build that security in, to deal with the supply chain, to ensure the provenance, et cetera. So I'm glad you hit on that, but so given what you just said, what does cybersecurity resilience mean from a server perspective? For example, are there specific principles that Dell adheres to that are non-negotiable, let's say. How does Dell ensure that its customers can trust your server infrastructure?
>> Yeah. Like when, when it comes to security at Dell, right, it's ingrained in our product DNA. So that's the best way to put it. And security is non-negotiable, right? It's never an afterthought where you come up with a design and then later on figure out how to go make it secure, right? With our security development life cycle, the products are being designed to counter these threats right from the beginning.
And in addition to that, we are also testing and evaluating these products continuously to identify vulnerabilities. We also have external third party audits which supplement this process. And in addition to this, Dell makes the commitment that we will rapidly respond to any mitigations and any vulnerabilities and exposures found out in the field and provide mitigations and patches for those in a timely manner. So this security principle is also built into our server life cycle, right? Every phase of it. So we want our products to provide cutting edge capabilities when it comes to security. So as part of that, we are constantly evaluating what our security model has done. We are building on it and continuously improving it. So till a few years ago, our model was primarily based on the NIST Framework of protect, detect, and recover. And it still aligns really well to that framework. But over the past couple of years, we have seen how computers evolved, how the threats have evolved. And we have also seen the regulatory trends and we recognize the fact that the best security strategy for the modern world is a Zero Trust approach. And so now when we are building our infrastructure and tools and offerings for customers, first and foremost, they're cyber resilient, right? What we mean by that is they're capable of anticipating threats, withstanding attacks and rapidly recovering from attacks, and also adapting to the adverse conditions in which they're deployed. The process of designing these capabilities and identifying these capabilities, however, is done through the Zero Trust Framework. And that's very important because now we are also anticipating how our customers will end up using these capabilities at their end to enable their own Zero Trust IT Environments and IT Zero Risk Deployments. We have completely adapted our security approach to make it easier for customers to work with us no matter where they are in their journey towards zero trust adoption.
>> So thank you for that. You mentioned the NIST framework. You talked about Zero Trust. When I think about NIST, I think as well about layered approaches. And when I think about Zero Trust, I think about if you don't have access to it, you're not getting access. You got to earn that access and you've got layers. And then you still assume that bad guys are going to get in. So you've got to detect that and you've got to respond. So server infrastructure security is so fundamental. So my question is, what is Dell providing specifically to, for example, detect anomalies and breaches from unauthorized activity? How do you enable fast and easy or facile recovery from malicious incidents?
>> Right, what that is, is exactly right. Breaches are bound to happen. Given how complex our current environment is, it's extremely distributed and extremely connected, right? Data and users are no longer contained within offices where we can set up a perimeter firewall and say, yeah, everything within that is good. We can trust everything within it. That's no longer true. The best approach to protect data and infrastructure in the current world is to use a Zero Trust approach which uses the principles, nothing is ever trusted, right? Nothing is trusted implicitly. You're constantly verifying every single user, every single device and every single access in your system at every single level of your IT environment. And this is the principle that we use on PowerEdge, right? But with an increased focus on providing granular controls and checks based on the principles of least privileged access. So the idea is that servers first and foremost need to make sure that the threats never enter and they're rejected at the point of entry, but we recognize breaches are going to occur. And if they do, they need to be minimized such that the sphere of damage caused by the attacker is minimized.
So they're not able to move from one part of the network to something else, laterally, or escalate their privileges and cause more damage, right? So the impact radius, for instance, has to be reduced. And this is done through features like automated detection capabilities and automated remediation capabilities. So some examples are, as part of our end to end boot resilience process we have what we call a system lockdown, right? We can lock down the configuration of the system and lock down the firmware versions and all changes to the system. And we have capabilities which automatically detect any drift from that lockdown configuration. And we can figure out if the drift was caused due to authorized changes or unauthorized changes. And if it is an unauthorized change, we can log it, generate security alerts. And we even have capabilities to automatically draw the firmware and roll those versions back to a known good version, and also the configurations, right? And this becomes extremely important because as part of Zero Trust, we need to respond to these things at machine speed, and we cannot do it at a human speed. And having these automated capabilities is a big deal when achieving that Zero Trust strategy. And in addition to this, we also have chassis intrusion detection where if the chassis, the box, the server box is opened up, it logs alerts and you can figure out, even later if there's an AC power cycle, you can go look at the logs to see that the box is opened up and figure out if there was a, like a known authorized access or some malicious actor opening and changing something in your system.
>> Great. Thank you for that. Lot of detail and appreciate that. I want to go somewhere else now because Dell has a renowned supply chain reputation. So what about securing the supply chain and the server bill of materials?
What does Dell specifically do to track the provenance of components it uses in its systems so that when the systems arrive, a customer can be a hundred percent certain that that system hasn't been compromised?
>> Right? And we talked about how complex the modern supply chain is, right? And that's no different for servers. We have hundreds of components on the server and a lot of these require firmware in order to be configured and run, and these firmware components could be coming from third party suppliers. So now the complexity that we are dealing with requires the end to end approach. And that's where Dell pays a lot of attention into assuring the security of our supply chain. And it starts all the way from sourcing components, right? And then through the design and then even the manufacturing process where we are vetting the personal manufacturers and vetting the factories itself, and the factories also have physical controls, physical security controls built into them, and even shipping, right? We have GPS tagging of packages. So all of this is built to ensure supply chain security, but a critical aspect of this is also making sure that the systems which are built in the factories are delivered to the customers without any changes or any tamper. And we have a feature called the secure component verification, which is capable of doing this. What the feature does is when the system gets built in the factory, it generates an inventory of all the components in the system and it creates a cryptographic certificate based on the signatures presented to this by the components. And this certificate is stored separately and sent to the customers separately from the system itself. So once the customers receive the system at their end, they can run a tool, it generates an inventory of the components on the system at their end and then compare it to the golden certificate to make sure nothing was changed.
And if any changes are detected, we can figure out if there's an authorized change or an unauthorized change. Again, authorized changes could be like, you know, upgrades to the drives or memory, and unauthorized changes could be any sort of tamper. So that's the supply chain aspect of it. And bill of materials is also an important aspect to guaranteeing security, right? And we provide a software bill of materials, which is basically a list of ingredients of all the software pieces in the platform. So what it allows our customers to do is quickly take a look at all the different pieces and compare it to the vulnerability database and see if any of the vulnerable pieces which have been discovered out in the wild affect their platforms. So that's a quick way of figuring out if the platform has any known vulnerabilities and it has not been patched.
>> Excellent. That's really good. My last question is, I wonder if you could, you know, give us the sort of summary from your perspective. What are the key strengths of Dell server portfolio from a security standpoint? I'm really interested in, you know, the uniqueness and the strong suit that Dell brings to the table.
>> Right? Yeah. We have talked enough about the complexity of the environment and how Zero Trust is necessary for the modern IT environment, right? And this is integral to Dell PowerEdge servers. And as part of that, like, you know, security starts with the supply chain, we have already talked about the secure component verification, which is a unique feature that Dell platforms have. And on top of it we also have a silicon-based platform root of trust. So this is a key, which is programmed into the silicon on the black server during manufacturing and can never be changed after. And this immutable key is what forms the anchor for creating the chain of trust. That is used to verify everything in the platform from the hardware and software integrity to the boot, all pieces of it. Right?
In addition to that, we also have a host of data protection features, whether it is protecting data at rest, in use or in flight, we have self encrypting drives which provide scalable and flexible encryption options. And this coupled with external key management provides really good protection for your data at rest. External key management is important because, you know, somebody could physically steal the server, walk away, but then the keys are not stored on the server. It's stored separately. So that provides you an extra layer of security. And we also have dual layer encryption where we can complement the hardware encryption on the secure encrypted drives with software encryption. In addition to this, we have identity and access management features like multifactor authentication, single sign-on, roles, scope, and time based access controls. All of which are critical to enable that granular control and checks for Zero Trust approach. So I would say like, you know, if you look at the Dell feature set, it's pretty comprehensive. And we also have the flexibility built in to meet the needs of all customers, no matter where they fall in the spectrum of, you know, risk tolerance and security sensitivity. And we also have the capabilities to meet all the regulatory requirements and compliance requirements. So in a nutshell, I would say that, you know, Dell PowerEdge servers' cyber resilient infrastructure helps accelerate Zero Trust adoption for customers.
>> Got it. So you've really thought this through, all the various things that you would do to sort of make sure that your server infrastructure is secure, not compromised, that your supply chain is secure, so that your customers can focus on some of the other things that they have to worry about, which are numerous. Thanks, Deepak, appreciate you coming on "The Cube" and participating in the program.
>> Thank you for having me.
>> You're welcome.
In a moment, I'll be back to dig into the networking portion of the infrastructure. Stay with us for more coverage of a blueprint for trusted infrastructure and collaboration with Dell Technologies on "The Cube". Your leader in enterprise and emerging tech coverage.
(outro music)