Dell Storage NX3330, Precision 7920 Rack, PowerVault NX3200, EMC Secured Component Verification User Manual

Dell EMC Secured Component Verification Reference Guide for Servers
10 202 0 Rev . A 00
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.
© 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EM C, and other trademarks are trademarks of Dell Inc. or its subsidiaries. Oth er trademarks may be trademarks of their respective owners.
Contents
Chapter 1: Overview...................................................................................................................... 4
Secured Component Verification..................................................................................................................................... 4
System Requirements.........................................................................................................................................................4
Chapter 2: Secured Component Verification on WinPE.................................................................. 6
Creating an ISO image to run SCV using WinPE......................................................................................................... 6
Adding SCV to Custom ISO Image.................................................................................................................................. 7
Adding RACADM to an ISO image................................................................................................................................... 7
Running SCV on WinPE......................................................................................................................................................8
How to check SCV logs using WinPE............................................................................................................................. 9
Chapter 3: Secured Component Verification on Linux.................................................................. 10
Running SCV on Linux...................................................................................................................................................... 10
How to check SCV logs using Linux.............................................................................................................................. 12
Chapter 4: Getting help............................................................................................................... 13
Contacting Dell EMC.........................................................................................................................................................13
Support documents and resources................................................................................................................................13
Documentation feedback................................................................................................................................................. 13
Contents 3

Overview

This section provides an overview about Secured Component Verification (SCV) and the system requirements for running the application on the system.
Topics:
Secured Component Verification
System Requirements

Secured Component Verification

Secured Component Verification (SCV) is a supply chain assurance offering that enables you to verify that the PowerEdge server you have received matches what was manufactured in the factory. In order to validate components in a certificate containing the unique system component IDs is generated during factory assembly process. This certificate is signed in the Dell factory and is stored in iDRAC9, later used by the SCV application. The SCV application validates the system inventory against the SCV certificate.
The application generates a validation report detailing the inventory match and mismatches against the SCV certificate. It also verifies the certificate and Chain of Trust along with the Proof of Possession of the SCV Private key for iDRAC9. Current implementation supports direct ship customers and does not include VAR or Part Replacement scenarios.
Secure Component Verification (SCV) Application performs the following functions:
Downloads the SCV Certificate that is stored in iDRAC via RACADM and verifies the SCV certificate and issuer.
Validates the SCV private key that is paired to the SCV public key in SCV certificate.
Collects the current inventory of the system including the TPM EK Certificate Serial Number.
Compares current system inventory against the inventory in the SCV certificate, including TPM EK Serial.
Any swapping or removal of the components that are captured in the certificate will be identified as a "Mismatch".
1
NOTE:
SCV validates the virtual network ports as well. In systems with NPAR/NPAReP cards, run the SCV application
before enabling them.
NOTE: Ensure that the TPM is enabled before running the SCV application.
NOTE: SCV does not support InfiniBand and Fibre Channel (FC).
NOTE: SCV application must be run before mapping any storage devices to the system.
NOTE: FlexAddress should be disabled in modular systems, before running the SCV application.
NOTE: If internal and iDRAC USB ports are disabled, the SCV validation will fail.
NOTE: Ensure that any drive which is removed from the system registers in iDRAC or any other iDRAC interface, before
running the SCV validation, or it will report incorrect data in the SCV output.

System Requirements

Category
Supported Operating Systems WinPE 10.x and Red Hat Enterprise Linux 7.x
iDRAC Tools version iDRAC Tools 9.5.1 and above.
Requirement
4 Overview
Loading...
+ 9 hidden pages