Trusted by Design: Compute and Storage for an Untrusting World
Each Eagle-X server is purpose built for NIST compliance and incorporates the functions of the Confidentiality, Integrity, and Availability (CIA) triad within the hardware.
Eagle-X servers are designed, manufactured, assembled, and tested (DMAT) in the USA and are built with a tightly coupled triad of hardware silicon increasing system trust level by providing:
1. An immutable root so unique that it exceeds that of a fingerprint which anchors vital security features including memory encryption, secure boot, storage encryption, provisioning/reprovisioning, chain of custody, hardware attestation, certificate/key generation, and protection/validation of the BIOS and BMC firmware prior to authorizing management or the boot process.
2. Attestable integrity of the firmware and software running on the system during runtime. This also enables chain of custody tracking and ownership transfers.
3. Quantum ready entropy source (QRNG) which increases the security level and provides highly unique certificates and keys for all previously mentioned functions as well as secure communications TLS/VPN/IPSEC tunnels based on legacy (Diffie Hellman, AES) and enables the proper use of advanced quantum resistant algorithms (Crystals.Kyber, Kyber).
Eagle-X servers are inherently protected against zero-day attacks on or from the firmware, corrupted operating systems, and side-channel attacks against memory and storage. These protections are derived from the silicon-triad and optionally configured secure processor technology.
Eagle-X servers contain a quantum ready entropy source that is NIST 800-90A/B/C compliant providing multi-megabits per second of entropic data enabling the highest security level possible for each certificate/key generated for functions such as memory encryption, storage encryption, virtualization encryption, and communications encryption within each server.
Eagle-X servers may be configured to utilize automated technology to recover from security events including firmware and/or operating system corruption or compromise. Once detected this embedded automation can be used to recover validated firmware then optionally sustain the original workload, including operating systems, applications, and data, which restores access for sensors, users, and operators in minimal time.