The four elements of a Zero Trust compute strategy


The complexity of today’s cyberattacks, expansive attack vectors, and constant threats can often paralyze even the nimblest enterprises. Zero Trust helps simplify your approach to security, to make managing your environment easier.


Essentially, the Zero Trust security model replaces faith in the integrity of secure network perimeters (such as private networks, firewalls, and VPN/VPC) with that of the individual software systems which are managing critical data.


VLCM Platinum Partner, Hewlett Packard Enterprise has recognized that, for customers and partners to be able to deliver a robust and agile Zero Trust security solution for their most critical data systems, trust must be built into everything they use—from the silicon that runs the software to the software itself.


“Zero Trust is not about implementing one or another security or networking technology,” says Simon Leech, Senior Advisor for the Worldwide Security and Risk Management Practice at HPE, “It’s a completely new approach to the way you do security architecture.”


Zero trust in compute

The compute layer of security is critical to enable Zero Trust architecture across every other layer of your data ecosystem. There are four elements of HPE’s Zero Trust compute strategy that work together to fortify your environment:


  1. Platform certificates detect any tampering and verify that your system is completely unmodified between manufacturing and delivery.
  2. IDevID is a cryptographic identity that provides secure, zero-touch onboarding without human intervention, enabling automatic provisioning and access management for integrated applications.
  3. HPE iLO simplifies server setup, health monitoring, power and thermal optimization, and remote server administration, offering administrators a reliable way to integrate HPE servers into existing security environments.
  4. A trusted supply chain brings together security, processes, and people to deliver protection for your most sensitive applications and data even before your server is built. Only HPE Trusted Supply Chain provides a new first line of defense against cyberattackers with select servers built to the world’s toughest security standards in secured facilities.


Deep security regardless of industry or business size

Only HPE Gen10 Plus servers can provide enterprises, government entities, or small to-medium businesses with the highest levels of protection against firmware attacks, and the HPE Gen10 Plus product line offers a zero-trust enabled architecture that starts in the supply chain and extends a cryptographically attested with an immutable chain of trust to the silicon and beyond—regardless of the server line you purchase. 

For enterprise and government agencies, there are HPE ProLiant rackmount servers, HPE Synergy compute modules, and HPE Apollo Systems high-density and high-performance computing (HPC) servers. For smaller businesses and remote branch offices, the HPE ProLiant ML series tower servers offer the same Silicon root of trust from HPE as the more powerful servers. 


In close

Recently, attacks to data and systems are steadily increasing, in number and complexity, shifting from network perimeter, software, and applications to the physical platform itself. Yet, network firewalls, antivirus scanning, and even security monitoring tools are lacking, because they fail to detect firmware tampering. 

While these threats are constantly evolving, HPE remains the only manufacturer of industry-standard servers with security two generations ahead of the competition. Building this trust starts with an uncompromised and trusted supply chain, acting as the first line of defense and ensuring security before your infrastructure arrives.

During the life of your HPE Gen10 Plus Servers—equipped with a server-specific digital fingerprint and automated security including early detection and recovery— over 4 million lines of firmware will be protected from malware, malicious code, and ransomware. And when it’s time to retire or repurpose old infrastructure, you’re protected too: The safeguarded removal of passwords, configuration settings, and data is simple. 

HPE’s commitment to increasing security across all three critical pillars of the environment—protect, detect, and recover—provides confidence from the firmware up. 

Need assistance with security? VLCM’s cybersecurity architects are here to help you be more cyber secure. See how at or learn more about HPE’s 360 degree security at