Enterprise giant HPE's new zero-trust offering will make its debut later this year with the GreenLake hybrid cloud platform
HPE has announced a plan to integrate zero-trust security setups into its GreenLake and Ezmeral offerings. Known as Project Aurora, the new system will allow companies to add zero-trust security protections that will apply across everything GreenLake manages, ranging from edge compute servers in branch offices to public cloud instances.
The zero-trust setup will allow companies to verify that each of its servers have not been compromised by checking hardware and firmware signatures and making sure a single device has not been modified.
According to HPE, the main aim of Project Aurora is to prevent a single compromised server at the edge of the network from acting as the springboard for lateral movement across an entire enterprise network.
To do this, Gary Campbell, HPE vice president and CTO for security, said the company is going to be relying on a hardware-layer root of trust that can be verified and used to establish a chain of trust.
"This involves an anchor for the boot process rooted in hardware that cannot be updated or modified in any way. We combine this foundation with a cryptographically secured signature, there are no easily accessible gaps for hackers to exploit," Campbell explained in a blog post. "If a hacker inserts a virus or compromised code into the server firmware, the configuration of the firmware is changed, creating a mismatch to the digital fingerprint embedded in the silicon."
HPE said that Project Aurora will make its debut by the end of the year in GreenLake, GreenLake Lighthouse and Ezmeral platforms.
Zero trust saw a surge in interest and demand last year as many organizations shifted to remote work during the COVID-19 pandemic. Instead of relying on VPNs to provide secure connections for employees working from home, enterprises and government agencies are moving to zero-trust offerings that replaced traditional username and password logins with more specific authentication requirements for both users and devices.
While HPE has not traditionally been associated with enterprise security offerings, let alone zero-trust architectures, some analysts believe that the enterprise tech giant is one of the few vendors with a wide enough reach and deep enough resources to develop and bring to market a zero-trust system that can operate across its entire stack.
"All the big shops are trying to get a bigger sense of what zero trust means to them," Enterprise Management Associates research director Chris Steffen told SearchSecurity. "It is the shops like IBM and HPE that have an advantage because they don't have a point solution, they have solutions throughout the stack."
That does not, however, mean that getting zero trust up and running will be without its challenges for HPE.
John Grady, senior analyst at Enterprise Security Group, a division of TechTarget, said that convincing customers HPE can be that one-stop shop might be an uphill battle initially.
"The two things working against HPE are the fact that they're not perceived as a security brand and the fact that this is limited to GreenLake Lighthouse," said Grady.
"Our research has found that two of the most important attributes for technologies supporting zero trust are coverage across cloud and on-premises environments, and coverage for legacy applications and systems -- basically, consistency across all parts of the enterprise. Similarly, integrations are typically cited as critical as well in recognition that there is no single provider that can offer an end-to-end zero-trust platform."