11 Replies Latest reply on Feb 16, 2017 12:25 AM by FerumMan

    Auto-reboot with whole-drive encryption (server-like)

    FerumMan

      Hello!

      It seems that Intel has some people with brains, so I hope you can help me a little...

      I need to make one small server (based on standard but robust PC components, Intel G45 + Q9550S) fully encrypted and with the possibility of auto-reboot without an admin being present each time. The purpose of the encryption is to secure the server data from direct access by unscrupulous datacenter staff: by copying the whole HDD, or just stealing 1 of 2 HDDs from the RAID, etc. And don't tell me about "case access alert" etc. - this information will not help to protect stolen data.

      The possibilities I have already examined:

      A) An HDD password does not encrypt the data on the HDD, so if someone steals the HDD it is possible to access the data by removing the password protection, swapping the HDD controller for a similar one, etc.

      B) Windows BitLocker with default settings has 2 huge security problems: a) the whole system is encrypted with keys that are stored in an unsecure area of the same HDD (yes, BL has many levels etc., but nevertheless it is unsecure); b) data stored in the user's private area is encrypted better and the keys are hidden, but it is impossible to access encrypted user data (like a database or web server) without entering a password manually, so auto-reboot will not work. So with default settings BitLocker is useless.

      C) TC/DC/BC/PGP/etc. whole-disk encryption has no security issue, but it requires a manually entered password at boot time - so an admin must be there and enter the password via the keyboard.

      D) PXE boot with DC has a problem because the DC loader with the keys is transferred via the internet without encryption - it is a total security hole.

      E) iPXE boot with DC already has a TLS/HTTPS connection, but it still requires an unencrypted boot image with the DC keys that must always be exposed on the internet, waiting for server reboots - that too is a huge security problem, because the host with the boot image can be broken into by hackers via the internet.

      F) iLO/RILOE/IP-KVM are standalone old hardware versions of the new Intel AMT-KVM technology and cost too much money for their primitive capabilities; also, no one knows whether they are secure or not?!

      G) Intel AMT with KVM-VNC makes it possible to enter the password at boot time for whole-disk encryption made by TC/DC/BC/PGP/etc. via the secure TLS/HTTPS protocol, but it still needs an admin to enter the password, so auto-reboot does not work.

      H) So it seems that the only automated and secure method is to use a TPM soldered on the MB (a TPM added via a TPM connector can also be stolen or quickly copied). The TPM can be used with BitLocker so the encryption keys will lie inside the TPM soldered on the motherboard - that is secure enough (not many can crack a TPM and extract keys from it).

      So here are my questions:

      1. Can anyone add something to my list? Other methods? Solutions to the problems?

      2. What method of server encryption do you use and recommend?

      3. What method can you suggest to owners of motherboards without a soldered TPM, without TPM connectors, and without Intel AMT-KVM (as I have)?
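
An added example (not part of the original post) for option H: a PowerShell audit of whether a BitLocker volume can unlock unattended from the TPM alone, and whether protection is actually on. It assumes Windows 8 / Server 2012 or later, where the `Get-BitLockerVolume` and `Get-Tpm` cmdlets exist; the function name `Test-UnattendedTpmUnlock` and the sample objects are constructed for illustration.

```powershell
function Test-UnattendedTpmUnlock {
    param(
        [Parameter(Mandatory)] $Volume,   # shaped like Get-BitLockerVolume output
        [Parameter(Mandatory)] $Tpm       # shaped like Get-Tpm output
    )
    $types    = @($Volume.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })
    $findings = @()
    if (-not ($Tpm.TpmPresent -and $Tpm.TpmReady)) {
        $findings += 'TPM is absent or not ready'
    }
    if ([string]$Volume.ProtectionStatus -ne 'On') {
        # Suspended or disabled protection leaves a clear key on the volume itself.
        $findings += 'Protection is not On: the volume key is readable from the disk'
    }
    if ($types -notcontains 'Tpm') {
        # Without a TPM-only protector, boot waits for a PIN, password or key media.
        $findings += "No TPM-only protector (found: $($types -join ', '))"
    }
    [pscustomobject]@{
        MountPoint     = $Volume.MountPoint
        Protectors     = $types -join ', '
        UnattendedBoot = ($findings.Count -eq 0)
        Findings       = $findings
    }
}

# Constructed sample objects (not real output) covering the cases in the post.
$sampleTpm = [pscustomobject]@{ TpmPresent = $true; TpmReady = $true }
$samples = @(
    [pscustomobject]@{ MountPoint = 'C:'; ProtectionStatus = 'On'
        KeyProtector = @(@{ KeyProtectorType = 'Tpm' }, @{ KeyProtectorType = 'RecoveryPassword' }) }
    [pscustomobject]@{ MountPoint = 'D:'; ProtectionStatus = 'On'
        KeyProtector = @(@{ KeyProtectorType = 'TpmPin' }) }
    [pscustomobject]@{ MountPoint = 'E:'; ProtectionStatus = 'Off'
        KeyProtector = @(@{ KeyProtectorType = 'Tpm' }) }
)
$samples | ForEach-Object { Test-UnattendedTpmUnlock -Volume $_ -Tpm $sampleTpm }

# On a real host (elevated session), audit the system drive instead of the samples.
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Test-UnattendedTpmUnlock -Volume (Get-BitLockerVolume -MountPoint $env:SystemDrive) -Tpm (Get-Tpm)
}
```

Of the constructed samples, only `C:` reports `UnattendedBoot = True`; `D:` needs a PIN at boot and `E:` has protection off.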