What is HPE iLo?
HPE iLO is a new feature that is rolling out with all gen 10 HPE servers. ILO stands for integrated light outs. ILO is a better way to protect and maintain your servers. HPE iLO is a HPE security chip that protects your server firmware from cyber-attacks. The iLO 5 chip has a preset fingerprint of your server’s firmware and checks your firmware before startup to make sure that it has not been compromised. Now let us jump into how it protects your servers and what this fingerprint is.
How does HPE iLo work?
First, let us look at the iLo chip. What does this chip exactly do? Well, this chip is the first of a 6-step process intended to protect your servers. The silicon chip contains a fingerprint or a copy of what the server iLo firmware is supposed to look like. The first thing that happens before your server starts up is this chip does a comparison from your server firmware and this fingerprint. If they match the process continues if it does not it replaces the firmware with a verified version of your firmware. You might wonder how this the chip performs this comparison?
Well, This chip does a bit comparison to check that every line of code in the firmware matches the fingerprint. The way this bit comparison works is it takes both lines in binary and compares them with a third-string of binary numbers. If both of those lines produce the same answer from that comparison, then they are the same. Any differences between the firmware and the fingerprint means that the firmware has been tampered with. This prevents hackers from inserting code telling the program to jump somewhere else and start running the malicious code. Now we have our first step what is next?
What does the iLo firmware do?
Next, with the iLo firmware verified it checks the server platform services, Innovation Engine, System programmable logic devices, UEFI BIOS. These checks are done by your verified iLO firmware which is the base for the whole secure start base of your server. These checks and comparisons are done by your firmware which is pulling its verified version of this software from Non-volatile flash storage. This Non-volatile flash storage is just a fancy way of saying that it is a memory that you can only read from. If any of these checks fail your server will not startup and will replace the fail software with a version from the Non-volatile flash storage. We Now have the secure start base that ensures your server is protected. This base allows you to Protect, Detect, and Recover.
iLo comes with some extra features that help improve protection and usability. The first of these features is HPE’s Agentless management, which runs independently of the OS and main CPU. This offers a robust server monitoring without the complexity of other OS-based agents. Also because this monitoring service runs on the iLo processor it starts working the moment that you connect the power. Next, is HPE Active health system proactively monitors the health of your servers. This also gives you take action to repair damages of affected sections of your servers and is easily accessible through a web-based portal. The last is Remote support and access to your servers, this gives you access and support 24×7.
What is HPE iLo advanced?
Unlock further functionality of HPE iLO with iLO advanced a paid license. These include fully-integrated remote consoles, virtual keyboard, video and mouse KVM, multi-user collaboration, console record and replay, an GUI-based and script virtual media. The advanced license allows your IT managers to perform system admin tasks without having to physically visit your servers. For more information on HPE iLO advanced click here.
Interested in any gen10 HPE server or any HPE server? Feel free to contact us. You can contact us by using the form found below or by emailing us at firstname.lastname@example.org and find out about the Powerland difference. We will gladly get you in contact with one of our friendly and knowledgeable representatives.