Review: HPE's ProLiant DL380 Gen10 Server Lets Feds Handle Any Computing Task

The Gen series of servers from Hewlett Packard Enterprise has always been focused on performance and scalability, in addition to reliability within demanding enterprise environments. While the previous generation of HPE Gen servers hit those marks, it has been almost completely surpassed by the new features and design advantages of the Gen10 servers.

The HPE ProLiant DL380 Gen10 server is a perfect ambassador for this new generation, starting with powerful features that should satisfy the requirements of nearly any federal IT environment. The bulk of the 2U rack-mountable server comprises three central bays. Onboard controllers are ready to handle multiple configurations as diverse as 30 small form-factor drives, eight SFF drives combined with a universal media bay and a Non-Volatile Memory Express module, or 12 large-format drives with four LFF midplane modules.

With so many options, the innovative ProLiant can serve files, become part of a cloud, anchor the core of a virtual machine network, house database apps, participate in Big Data functions or handle numerous other operations. It also provides agency IT departments with the option to buy a base unit and fill up drives or bays as needed — leaving plenty of room for future expansion or pay-as-you-go planning.

For performance, the unit tested had an Intel Xeon Processor with 10 cores (other ProLiant models offer up to 28). Not only that, but the server has slots available for as many as three of the powerful new double-wide graphics processing units, or five standard ones. This feature makes the ProLiant DL380 Gen10 able to contribute to supercomputer-type applications that rely heavily on GPU acceleration.

Redundancy and load-sharing are also built in to the ProLiant Gen10. It has two completely redundant power supplies and four Gigabit Ethernet ports per controller.

Working independently or as part of an array of Gen10 HPE units, the ProLiant DL380 can be configured to handle nearly any task within enterprise computing.

Embedded Security Foils Advanced Cyberattacks

One of the most innovative features of the HPE ProLiant DL380 Gen10 server may never be noticed, because it’s built in to firmware deep inside the unit.

HPE has set up a series of validation checks that occur between the various system components and the firmware each time the system is powered up. Similar to Trusted Platform Module chips on newer personal devices, this setup allows the server to test and verify that no modifications were made to the components or anything in the bootup code. In fact, with the DL380, millions of lines of firmware code run before the operating system even activates.

Because servers are rarely rebooted, HPE makes this protection ongoing while the DL380 is active. Specifically, Run-Time Firmware Validation, enabled by HPE iLO Advanced Premium Security Edition, which can be optionally installed on ProLiant servers, runs the bootup checks every 24 hours.

HPE calls this level of protection a Silicon Root of Trust because the security is hardwired into the motherboard. This makes it virtually hack-proof against threats such as rootkits, especially when combined with intrusion detection devices that can lock the system down if someone tries to fiddle with internal components.

Tossing advanced malware, which normally would alter boot-level instructions, at the DL380 did almost nothing. As soon as the daily security sweep occurred, the compromised code was easily detected because it didn’t match the firmware-based instructions. That triggered the Secure Recovery module, which rolled all server firmware code back to factory defaults.

Silicon Root of Trust won’t make a server unhackable; programs and applications running on the server can still be compromised. But it will prevent the server itself from being taken over, either through code injection or installation of noncompliant or compromised components. Knowing that your baseline is always secure is a huge advantage and a nice platform on which to build robust cybersecurity.