Abstract: Systems and methods are provided for vulnerability proofing updates to an IHS (Information Handling System). An update system receives a notification of an update including updated configurations for hardware components of the IHS. The update system queries the IHS for vulnerability proofing requirements for updates that modify configurations of hardware components of the IHS. In response to the query, vulnerability proofing requirements are retrieved from a persistent data storage of the IHS and transmitted to the update system, where the vulnerability proofing requirements specify catalogs of known vulnerabilities of hardware components. The update system determines whether the updated configurations are identified as vulnerable in the one or more of catalogs. If the updated configurations are not identified in the catalogs, the update is transmitted to the IHS. If configurations from the update are identified in the catalogs, the update is terminated and the IHS is notified.

Abstract: Systems and methods provided vulnerability proofing of an IHS (Information Handling System) while it is being provisioned for deployment, such as upon receipt at a datacenter. An initial provisioning of the IHS is detected, where no provisioning of the IHS has been conducted other than the factory provisioning of the IHS. A profile is identified that is to be used in provisioning the IHS, where the profile includes configurations for one or more hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. For each of the hardware configurations in the profile, configurations that are vulnerable are identified based on the catalogs of known vulnerabilities. If vulnerabilities are identified, further provisioning of the IHS is blocked until the profile is modified to include no hardware configurations with vulnerabilities identified in the catalogs.

Abstract: An information handling system may include a processor, a touchpad communicatively coupled to the processor, and non-transitory computer-readable media communicatively coupled to the processor and having stored thereon a program of instructions configured to, when read and executed by the processor in response to a trigger for enabling logical segmentation of the touchpad, logically segment the touchpad into a plurality of zones and map each zone to a respective corresponding feature displayed on one or more displays communicatively coupled to the processor such that user interaction with each of the plurality of zones manipulates the respective corresponding feature of such zones on the one or more displays.

Abstract: Systems and methods provided for vulnerability proofing updates to an IHS (Information Handling System). Upon receipt of an update to hardware component configurations of the IHS, vulnerability proofing requirements for modifications to the hardware component configurations are retrieved, including requirements for modifications that are validated for operation of a computational workload by the IHS. Based on the vulnerability proofing requirements, catalogs specifying known vulnerabilities of hardware components are consulted to determine whether the modifications are identified as vulnerable in the catalogs and whether remediations to the identified vulnerabilities are validated for operation of the workload. If the modifications are not identified as vulnerable in the catalogs, the update is transmitted to the IHS. If the modifications are identified as vulnerable in the catalogs and remediations to the identified vulnerabilities are not validated for operation of the workload, the update is terminated.

Abstract: Embodiments of systems and methods to provide a firmware update to devices configured in a redundant configuration in an Information Handling System (IHS) are disclosed. In an illustrative, non-limiting embodiment, an IHS may include a Baseboard Management Controller (BMC) having computer-executable instructions to receive a request to boot a factory firmware on the BMC in which the factory firmware is signed by a first private key of a first asymmetric private/public key pair. Using the first private key, the instructions verify an authenticity of the factory firmware using a public key associated with the first private/public key pair, and allow booting of the factory firmware only when it is authenticated by the first public key.

Abstract: An information handling system may include at least one processor and a memory. The information handling system may be configured to perform a maintenance operation involving a plurality of hosts of an information handling system cluster by: determining a score for each host based on a sum of working memory sizes for all active virtual machines executing on such host plus a sum of persistent storage sizes for all virtual machines stored on such host; based on the determined scores, selecting a first host for upgrading; migrating at least a portion of all virtual machines stored on the first host from the first host to one or more other hosts; and causing the first host to perform the maintenance operation.

Abstract: In a multi-tiered system, a read temperature classification and write temperature classification per virtual block (VLB) can be determined based on the content referenced by each VLB. The temperature classifications of VLBs can be determined using temperature scales which map read and write activity levels to corresponding temperature classifications. The temperature scales can have classification boundaries adjusted based on feedback of operations performed including down-tiering, garbage collection, and compaction and appending. In one use case, a number of free blocks in a high-performance first tier can be below a minimum and processing can be performed to locate a source block of the first tier partially filled with hot content, store the hot content contiguously on a target block of the first tier, flush write data from a log, and store the write data on the target block by appending the write data to the existing hot content.

Abstract: Systems and methods for integrating an embedded controller (EC) into a heterogenous computing platform. In an embodiment, an Information Handling System (IHS) includes a heterogeneous computing platform having a Reduced Instruction Set Computer (RISC) processor and a plurality of devices coupled to an interconnect, and an EC coupled to the interconnect. These systems and methods may provide an EC with access to an internal System-on-Chip (SoC)'s fabric, whether in a fully internal, partially internal/external, or fully external implementation (e.g., via an enhanced serial peripheral interface or “SPI”). These systems and methods may also provide voltage segregation factor and power sequencing, as well as various possible architectural variations on General Purpose I/O (GPIO) handling.

Abstract: Systems and methods are provided for vulnerability proofing an IHS (Information Handling System) while being administered using a bootable image. Launching of a bootable image by the one or more CPUs is detected and one or more IHS configurations to be made using the bootable image are identified. One or more catalogs specifying known vulnerabilities of hardware components are accessed and used to determine whether any of the IHS configurations to be made using the bootable image are identified as vulnerable in one or more of the catalogs. Configuration of the IHS using the bootable image is blocked until the configurations to be made using the bootable image are modified to include no configurations with vulnerabilities identified in the plurality of catalogs.

Abstract: A system of managing data, comprising a streaming data storage system operating on a processor that causes the processor to receive streaming data and to process the streaming data in response to an append command, a long-term storage system operating on a processor that causes the processor to receive the processed streaming data from the streaming data storage system and to generate a chunk of data, an object storage system operating on a processor that causes the processor to receive the processed streaming data from the streaming data storage system and to generate an object of data and a tables system operating on a processor that causes the processor to receive the processed streaming data from the streaming data storage system and to generate a table of data.

Abstract: Systems and methods are provided for vulnerability proofing the administration of hardware components of an IHS. A proposed configuration for a hardware component of the IHS is detected. Multiple catalogs specifying known vulnerabilities of hardware components are accessed, such as a catalog of known vulnerabilities provided by a manufacturer of the hardware component and such as a catalog of known vulnerabilities provided by a manufacturer of the IHS. The proposed configuration of the hardware component is evaluated as being vulnerable in the first catalog and also in the second catalog. If the proposed configuration is identified as vulnerable in either the first catalog or in the second catalog, the hardware component is disabled until the proposed configurations for the hardware component are changed to include no configurations with vulnerabilities identified in either the first or second catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the launching of application instances by an IHS (Information Handling System). The launching of an application instance on the IHS is detected, where the application instance is launched using an application template that includes configurations for one or more hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. Hardware component configurations included in the application template are identified as vulnerable in one or more of the catalogs. If the application template includes configurations that are identified as vulnerable in the catalogs, launching of the application is prevented until the hardware component configurations within the application template are modified to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing subsystems of hardware components of an IHS (Information Handling System). A request to modify configurations of a hardware component of the IHS is detected. Catalogs specifying known vulnerabilities of hardware components are accessed to determine whether any of the modified hardware configurations are identified as vulnerable in one or more of the catalogs. When vulnerabilities are identified in the modified configurations for the hardware component, other hardware components of the IHS are identified that are interdependent on the hardware component as part of an IHS subsystem. Hardware configurations for any of the hardware components of the subsystem are evaluated for vulnerabilities based on the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the use of risk scores in the administration of hardware components of an IHS (Information Handling System). Proposed configurations for a first of the hardware components of the IHS are detected, where the proposed configurations are associated with a risk score. Catalogs specifying known vulnerabilities of hardware components are accessed and used to determine whether any of the proposed configurations of the first hardware component are identified as vulnerable in one or more of the catalogs. When a vulnerability for the proposed configuration is identified in the catalogs, the risk score of the configuration is increased based on the vulnerabilities identified in the plurality of catalogs. When the risk score is increased to an elevated level, the hardware component is disabled until the proposed configurations are changed to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods for providing an external embedded controller (EC) with access to internal resources of a heterogenous computing platform. In an illustrative, non-limiting embodiment, an Information Handling System (IHS) may include: a heterogeneous computing platform having a Reduced Instruction Set Computer (RISC) processor and a plurality of devices coupled to an interconnect; and an external EC coupled to the interconnect via a bridge integrated into the heterogeneous computing platform, where the bridge is configured to provide the external EC with access to the plurality of devices. These systems and methods may provide an EC with access to an internal System-on-Chip (SoC)'s fabric, whether in a fully internal, partially internal/external, or fully external implementation (e.g., via an enhanced serial peripheral interface or “SPI”).

Abstract: A method for processing data, comprising receiving a folder attached request at a virtual media service operating on a processor, creating a virtual image data file and lookup table in response to the folder attached request at the virtual media service, preparing content to be populated into a master boot record region in response to the folder attached request and generating a virtual USB device in response to the populated master boot record.

Abstract: A system, method, and computer-readable medium for performing a data center asset telemetry operation. The data center asset telemetry operation includes: determining telemetry capabilities of a plurality of data center assets; constructing normalized telemetry information collection requests; providing the normalized telemetry information collection requests to the plurality of data center assets; and, receiving telemetry information from the plurality of data center assets.

Abstract: An information handling system may include at least one processor; and an information handling resource, wherein the information handling resource has hardware definition information associated therewith, and wherein the hardware definition information is not stored in a physical storage resource of the information handling resource; wherein the information handling system is configured to: determine a storage location of a database including the hardware definition information of the information handling resource; and retrieve the hardware definition information from the database.

Abstract: A system can comprise a radio unit comprising a digital front end, wherein the digital front end comprises a group of tap points that are configured to receive a first custom signal. The system can also comprise a first component that is configured to originate the first custom signal. The system can also comprise a second component that is configured to select a first tap point of the group of tap points, and inject the first custom signal into the first tap point.