Abstract: In one or more embodiments, one or more systems, method, and/or processes may receive processor instructions via an out-of-band system of an information handling system (IHS) and store the processor instructions via a storage device. For example, the processor instructions may be stored via a hidden partition of the storage device. While the out-of-band system receives the processor instructions, one or more of the IHS and a processor of the IHS may be in a low-power state. For example, the processor may not execute any instructions in the low-power state. While the out-of-band system receives the processor instructions, one or more of the IHS, an operating system of the IHS, and IHS firmware of the IHS may be impaired or inoperable, and the processor instructions may provide one or more remedies and/or repairs. In one or more embodiments, the IHS may be booted after the processor instructions are stored.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may receive, independently of a processor of the information handling system (IHS), first credential management information and may modify, independently of the processor and based on the first credential management information, credential information stored via a secure object store of the IHS. For example, modifying the credential information may include modifying the credential information such that the IHS denies access to at least a portion of the IHS based on the credential information. In one instance, denying access to at least the portion of the IHS may include disabling at least one of password, biometric information associated with a user, and an encryption key. In another instance, denying access to at least the portion of the IHS may include remapping, independently of the processor, at least one human interface device.

Abstract: Information handling systems interacting through a network, such as gaming between distal locations, remotely control ambience lighting of rooms in which the games are presented to enhance the interactive experience. An Internet of Things environmental lighting control system accessed by a remote information handling system adjusts illumination responsive to settings communicated from the remote information handling system.

Abstract: Plural Internet of Things (IoT) gateways detect, secure against and remediate malicious code with an autonomous communication of tokens between the IoT gateways on a time schedule. Detection of an invalid token or a token communication outside of a scheduled time indicates that malicious code may have interfered with token generation or communication. Once malicious code is verified on an IoT gateway, the failed gateway is remediated to an operational state, such as with a re-imaging by another IoT gateway through an in band communication or a re-imaging by a server information handling system through an out of band communication.

Abstract: Systems and methods are provided for recording and validating modifications to a secured container. Modifications to the secured container by trusted parties are logged. The log may be maintained in a secured memory of an IHS (Information Handling System) and may be periodically validated. Each logged modification specifies a timestamp of the modification and the digital watermark assigned to the trusted party making the modification. Upon completing modifications, the secured container is sealed by imprinting the first digital watermark and the first timestamp at locations in the secured container specified by a watermarking algorithm assigned to the trusted party making the modification. Additional modifications may be serially watermarked on the secured container according the watermarking algorithm of the trusted party making each modification. The secured container is unsealed by re-applying each of the watermarking algorithms in reverse order.

Abstract: A secured container provides access to enterprise data while isolated from the operating system of an Information Handling System (IHS). The secured container remains secured during its delivery and deployment. A secured container is configured to provide a user of the IHS with access to enterprise data. The secured container is encrypted using a symmetrical key that is transmitted to a secured storage that is isolated from the operating system of the IHS via out-of-band communications. The encrypted secured container is digitally signed using an asymmetric key pair. The digital signature and the encrypted secured container are transmitted to the IHS via in-band communications. At the IHS, the public key of the asymmetric key pair is used to validate the digital signature and the private symmetric key is retrieved from secured storage to decrypt the secured container. Additional embodiments provide a technique for securely migrating a secured container between IHSs.

Abstract: A secured virtual environment provides access to enterprise data and may be configured remotely while isolated from the operating system of an Information Handling System (IHS). In secured booting of the IHS, references signatures are received via an out-of-band connection to the IHS. The reference signatures specify reference states for components of the IHS. Prior to launching a secured virtual environment, a trusted resource of the IHS, such as embedded controller isolated from the operating system, is queried for updated signatures specifying operating states of the component. The integrity of the IHS is validated based on comparisons of the respective reference signatures and updated signatures. If the integrity of the IHS is validated, a secured virtual environment is configured such that particular user may access the enterprise data according to applicable policies that may be periodically revalidated. The secured virtual environment may then be launched on the IHS.

Abstract: Embodiments provide access to enterprise data via a secured virtual environment hosted on an Information Handling System (IHS), with the integrity of the IHS validated prior to launching the virtual environment. The integrity of the IHS may also be continuously validated during operation of the launched virtual environment. Policies for accessing the enterprise data are stored in a secured memory that is isolated from the operating system of the IHS. A virtual environment is configured, according to the policies, with resources for a particular user to access the enterprise data. If the integrity of the IHS is validated by a trusted resource on the IHS, the virtual environment is launched. During operation of the virtual environment, the trusted resource periodically confirms the integrity of the IHS. If the integrity of the IHS is not verified or policy changes are identified, access to the secured workspace may be revoked.

Abstract: Plural Internet of Things (IoT) gateways detect, secure against and remediate malicious code with an autonomous communication of tokens between the IoT gateways on a time schedule. Detection of an invalid token or a token communication outside of a scheduled time indicates that malicious code may have interfered with token generation or communication. Verification of a token communication to an IoT gateway that failed in turn to pass the token to another IoT gateway indicates that the IoT gateway is a threat that may include malicious code.

Abstract: Plural Internet of Things (IoT) gateways detect, secure against and remediate malicious code with an autonomous communication of tokens between the IoT gateways on a time schedule. Detection of an invalid token or a token communication outside of a scheduled time indicates that malicious code may have interfered with token generation or communication. Once malicious code is verified on an IoT gateway, the failed gateway is quarantined from the passing of the token and functions of the failed IoT gateway are assigned to other IoT gateways.

Abstract: Systems and methods for continued runtime authentication of Information Handling System (IHS) applications. In an illustrative, non-limiting embodiment, an IHS may include one or more processors and a memory coupled to the one or more processors, the memory including program instructions stored thereon that, upon execution by the one or more processors, cause the IHS to: receive a command to execute an application; initially verify a plurality of tokens, where a first token is provided by the application, a second token is provided by an application manager, and a third token is provided by a hardware component within the IHS; and execute the application in response the initial verification being successful.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may create a task configured to configure an out-of-band system of an unconfigured information handling system and discover configured information handling systems and unconfigured information handling systems that include respective out-of-band systems operable to perform the task independently of respective main processors. The one or more systems, methods, and/or processes may provide, via a network, the task to the respective out-of-band systems of the unconfigured information handling systems. In one or more embodiments, the one or more systems, methods, and/or processes may create another task configured to unconfigure the out-of-band system that was configured via the task configured to configure the out-of-band systems and may provide, via the network, the other task to at least one information handling system that was provided the task configured to configure the out-of-band system.

Abstract: Systems and methods for agentless remediation and recovery. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include a Central Processing Unit (CPU); a Basic Input/Output System (BIOS) coupled to the CPU; a logic controller coupled to the CPU; and a memory coupled to the logic controller, the memory having program instructions stored thereon that, upon execution by the logic controller, cause the IHS to: during a first stage, check an operational state of a plurality of hardware components within the IHS in the absence of any involvement by the CPU or the BIOS; and during a second stage following the first stage, identify a failed hardware component amongst the plurality of hardware components in the absence of any involvement by the CPU or the BIOS.

Abstract: In one aspect a disclosed method may include determining, by an information handling system, a future predicted system time that an unattended task is to be executed on the information handling system. The future predicted system time is based at least in part on first usage parameters for a user indicating first periods of usage activity, second periods of inactivity associated with the information handling system recorded during a first duration, and critical system parameters relevant to the present state of the information handling system. The method may also include ensuring that system resources of the information handling system are available for the unattended task to be able to complete. In response to the arrival of the future predicted system time, the unattended task is executed.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may create a task configured to configure an out-of-band system of an unconfigured information handling system and discover configured information handling systems and unconfigured information handling systems that include respective out-of-band systems operable to perform the task independently of respective main processors. The one or more systems, methods, and/or processes may provide, via a network, the task to the respective out-of-band systems of the unconfigured information handling systems. In one or more embodiments, the one or more systems, methods, and/or processes may create another task configured to unconfigure the out-of-band system that was configured via the task configured to configure the out-of-band systems and may provide, via the network, the other task to at least one information handling system that was provided the task configured to configure the out-of-band system.

Abstract: Systems and methods for agentless remediation and recovery. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include a Central Processing Unit (CPU); a Basic Input/Output System (BIOS) coupled to the CPU; a logic controller coupled to the CPU; and a memory coupled to the logic controller, the memory having program instructions stored thereon that, upon execution by the logic controller, cause the IHS to: during a first stage, check an operational state of a plurality of hardware components within the IHS in the absence of any involvement by the CPU or the BIOS; and during a second stage following the first stage, identify a failed hardware component amongst the plurality of hardware components in the absence of any involvement by the CPU or the BIOS.

Abstract: In one or more embodiments, one or more systems, method, and/or processes may receive processor instructions via an out-of-band system of an information handling system (IHS) and store the processor instructions via a storage device. For example, the processor instructions may be stored via a hidden partition of the storage device. While the out-of-band system receives the processor instructions, one or more of the IHS and a processor of the IHS may be in a low-power state. For example, the processor may not execute any instructions in the low-power state. While the out-of-band system receives the processor instructions, one or more of the IHS, an operating system of the IHS, and IHS firmware of the IHS may be impaired or inoperable, and the processor instructions may provide one or more remedies and/or repairs. In one or more embodiments, the IHS may be booted after the processor instructions are stored.

Abstract: In one or more embodiments, one or more systems, methods, and/or processes may receive, independently of a processor of the information handling system (IHS), first credential management information and may modify, independently of the processor and based on the first credential management information, credential information stored via a secure object store of the IHS. For example, modifying the credential information may include modifying the credential information such that the IHS denies access to at least a portion of the IHS based on the credential information. In one instance, denying access to at least the portion of the IHS may include disabling at least one of password, biometric information associated with a user, and an encryption key. In another instance, denying access to at least the portion of the IHS may include remapping, independently of the processor, at least one human interface device.

Abstract: In one or more embodiments, one or more systems, method, and/or processes may receive an event from an operating system and provide the event to a management controller configured to perform out-of-band tasks. The management controller may provide information based on the event to at least one subscriber. In one example, the information may include a status of an information handling system (e.g., an impairment, a hardware failure, a progress of an update, etc.). In another example, the management controller may provide information utilizing a protocol that provides a measure of reliability. For instance, the protocol may include a transmission control protocol. In one or more embodiments, the protocol may include one or more of a hypertext transfer protocol (HTTP) and a HTTP secure (HTTPS).

Abstract: Systems and methods for agentless remediation and recovery. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include a Central Processing Unit (CPU); a Basic Input/Output System (BIOS) coupled to the CPU; a logic controller coupled to the CPU; and a memory coupled to the logic controller, the memory having program instructions stored thereon that, upon execution by the logic controller, cause the IHS to: during a first stage, check an operational state of a plurality of hardware components within the IHS in the absence of any involvement by the CPU or the BIOS; and during a second stage following the first stage, identify a failed hardware component amongst the plurality of hardware components in the absence of any involvement by the CPU or the BIOS.