Hewlett Packard Enterprise becomes the only major server manufacturer to ship the world’s most secure industry-standard servers with U.S. Country of Origin
OCTOBER 1, 2020 • PRESS RELEASE
IN THIS ARTICLE
- The HPE Trusted Supply Chain further expands and secures HPE’s supply chain offerings to reduce sourcing risk and ensure customers receive verifiable cyber assurance
- New supply chain initiative advances protection by including additional hardened security features and assigned U.S. HPE employees to products during manufacturing process
New HPE Trusted Supply Chain initiative launched today to expand HPE’s supply chain offerings and advance end-to-end security in servers that feature hardened data protection during manufacturing process
Hewlett Packard Enterprise (HPE) today announced it is delivering the highest level of security1 for a growing number of U.S. federal and public sector customers that prefer U.S. sourced products with verifiable cyber assurance by expanding and further securing its supply chain. HPE is the only major server manufacturer to produce industry-standard servers with U.S. Country of Origin.2 The new servers include advanced security features that are built by vetted HPE employees in highly secure U.S. facilities as part of the HPE Trusted Supply Chain initiative launched today.
The new HPE ProLiant DL380T server is shipping today to U.S. customers as the first industry-standard server to be produced through the HPE Trusted Supply Chain process, which HPE plans to expand to the rest of its portfolio in 2021.
Available now: HPE ProLiant DL380T server produced through the HPE Trusted Supply
HPE Expands Industry-leading Security Capabilities from the Edge-to-Cloud
HPE is the world’s leading supplier for trusted computing by being the first vendor to embed silicon-based security into its industry-standard servers. Its exclusive silicon root of trust technology runs in over two million servers globally today and has formed the foundation for HPE’s vision for securing the enterprise to deliver experiences from the edge-to-cloud, platform as-a-service.
HPE also delivers the industry’s most advanced, embedded network security with Aruba’s high-performing, highly reliable and secure wired and wireless network infrastructure solutions. Additionally, HPE’s recent acquisition of Scytale further extends zero trust capabilities by standardizing and accelerating service authentication across cloud, container, and on-premises infrastructures.
“Customers turn to HPE to accelerate innovation and power any application need while gaining data protection throughout the lifecycle,” said John Grosso, vice president of Global Operations Engineering, Supply Chain, at HPE. “With the new HPE Trusted Supply Chain, we are furthering our commitment to deliver the highest level of security in all of our server products by diversifying our supply base with U.S. sourcing and applying stronger security at the factory floor. We are ensuring that our customers will have full visibility and cyber assurance of their servers to focus resources on deploying their new solutions and optimizing their IT experience.”
Responding to Customer Demand for U.S. Sourced and Secure Servers
The HPE Trusted Supply Chain is another step forward in HPE’s ongoing mission to provide customers with the highest level of cyber assurance to ensure they receive verifiably authentic and uncompromised products and solutions by further strengthening security from the time servers are manufactured to prevent tampering or compromised products.
The HPE Trusted Supply Chain supports U.S. customers across federal, public sector, banking and financial services, and healthcare organizations that require highly secure products sourced in the U.S. It also addresses customer demands for an additional supply base to increase resiliency and identify and reduce risk in the midst of COVID-19 that has impacted supply chains globally.
New HPE servers that are part of the HPE Trusted Supply Chain will offer the most comprehensive, end-to-end data protection by featuring a pre-installed layer of hardened security before the server is shipped to the customer.
Extending End-to-End Security for Entire Product Lifecycle
HPE further extends its security capabilities in a server from distribution and shipping, through its complete lifecycle while it is still active. The new features are built on top of the HPE-exclusive, silicon root of trust security technology, which has been recognized for the ability to reduce risk by insurers in the new Cyber Catalyst program from Marsh Insurance. Hardened security features activated during the manufacturing process will offer the following benefits:
- Prevent booting of any compromised operating system (OS) by using new hardening to connect the server firmware security to the operating system by activating the UEFI secure boot
- Reduce attack surface by placing servers in high security mode to verify user authenticity, ensuring that more than four million lines of firmware code is valid and uncompromised
- Prevent tampering of server firmware and hardware using server configuration lock to verify unauthorized addition of options (NICS, drives) or malicious activity by capturing the inventory or a “picture” of the server, its hardware and firmware at the factory to provide protection throughout the supply chain process
- Alert customers with embedded alarm and physical lock if the server has been opened during the supply chain process when an intrusion detection latch, inserted on the server chassis, registers unauthorized opening even if the power is off
Securing the Human Factor
HPE will also assign its employees, with verified background and security checks, to build products produced through the HPE Trusted Supply Chain that adheres to the strictest sourcing, inspection and traceability standards.
In 2021, HPE plans to expand production through the HPE Trusted Supply Chain to include its other servers and systems. Customers from select countries can purchase products delivered through HPE Trusted Supply Chain in 2021.
All new HPE servers produced through the HPE Trusted Supply Chain will be offered as-a-Service through HPE GreenLake for a highly secure cloud experience.
HPE GreenLake offers customers with subscription-based, agile and elastic capabilities while keeping their data on-premises for security, data sovereignty, compliance, visibility, and cost controls.
Expanding the HPE Trusted Supply Chain to other Country-of-Origins
HPE will make additional country of origin choices available for European customers in 2021.
- Blog: HPE extends supply chain security with HPE Trusted Supply Chain initiative
- Blog: HPE and Ponemon Institute Survey Highlights Cybersecurity Best Practices for Edge to Cloud Transformation and infographic
- Tune in for a virtual discussion on cybersecurity on October 20: “The Element of Protection” will feature guest speakers from the Defense Information Systems Agency (DISA), Texas Children’s Hospital and more. Save the date here
About Hewlett Packard Enterprise
Hewlett Packard Enterprise is the global edge-to-cloud platform-as-a-service company that helps organizations accelerate outcomes by unlocking value from all of their data, everywhere. Built on decades of reimagining the future and innovating to advance the way we live and work, HPE delivers unique, open and intelligent technology solutions, with a consistent experience across all clouds and edges, to help customers develop new business models, engage in new ways, and increase operational performance. For more information, visit: www.hpe.com.
1 Based on source from Infusion Points: HPE provides the world’s most secure industry-standard servers with its exclusive silicon root of trust.
2 Based on source from Infusion Points: https://www.infusionpoints.com/blogs/how-hpe-leading-supply-chain-security