Abstract: Systems and methods are provided for vulnerability proofing an IHS (Information Handling System) while being administered using a bootable image. Launching of a bootable image by the one or more CPUs is detected and one or more IHS configurations to be made using the bootable image are identified. One or more catalogs specifying known vulnerabilities of hardware components are accessed and used to determine whether any of the IHS configurations to be made using the bootable image are identified as vulnerable in one or more of the catalogs. Configuration of the IHS using the bootable image is blocked until the configurations to be made using the bootable image are modified to include no configurations with vulnerabilities identified in the plurality of catalogs.

Abstract: Systems and methods provide vulnerability proofing procedures for booting of an IHS (Information Handling System). A request to boot the IHS is detected. One or more boot configurations are determined that include configurations for operation of one or more of the hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. The boot configurations are used to identify any hardware component configurations that have known vulnerabilities that are listed in the catalogs. If known vulnerabilities are identified in the boot configuration, further booting of the IHS may be disabled until the boot configuration is modified to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing updates to an IHS (Information Handling System). An update system receives a notification of an update including updated configurations for hardware components of the IHS. The update system queries the IHS for vulnerability proofing requirements for updates that modify configurations of hardware components of the IHS. In response to the query, vulnerability proofing requirements are retrieved from a persistent data storage of the IHS and transmitted to the update system, where the vulnerability proofing requirements specify catalogs of known vulnerabilities of hardware components. The update system determines whether the updated configurations are identified as vulnerable in the one or more of catalogs. If the updated configurations are not identified in the catalogs, the update is transmitted to the IHS. If configurations from the update are identified in the catalogs, the update is terminated and the IHS is notified.

Abstract: Systems and methods are provided for vulnerability proofing updates to an IHS. An update package is detected that includes configurations for one or more of the hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. The updated configurations of the hardware component that are included in the update package are used to identify any hardware component configurations that have known vulnerabilities that are listed in the catalogs. If known vulnerabilities are identified in the updated configurations, further booting of the IHS may be disabled until the update package is modified to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the use of risk scores in the administration of hardware components of an IHS (Information Handling System). Proposed configurations for a first of the hardware components of the IHS are detected, where the proposed configurations are associated with a risk score. Catalogs specifying known vulnerabilities of hardware components are accessed and used to determine whether any of the proposed configurations of the first hardware component are identified as vulnerable in one or more of the catalogs. When a vulnerability for the proposed configuration is identified in the catalogs, the risk score of the configuration is increased based on the vulnerabilities identified in the plurality of catalogs. When the risk score is increased to an elevated level, the hardware component is disabled until the proposed configurations are changed to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the installation of new hardware components in an IHS (Information Handling System). The coupling of a new hardware component to the IHS is detected. A profile is identified that is to be used in provisioning the new hardware component that has been coupled to the IHS. The profile may include various configurations for the coupled hardware component. One or more catalogs are accessed that specify known vulnerabilities of hardware components. Configurations from the profile for the coupled hardware component are used to identify any configuration that have known vulnerabilities that are listed in the catalogs. If known vulnerabilities are identified in the configuration for the new hardware component, further use of the new hardware component by the IHS is disabled until the profile is modified to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing subsystems of hardware components of an IHS (Information Handling System). A request to modify configurations of a hardware component of the IHS is detected. Catalogs specifying known vulnerabilities of hardware components are accessed to determine whether any of the modified hardware configurations are identified as vulnerable in one or more of the catalogs. When vulnerabilities are identified in the modified configurations for the hardware component, other hardware components of the IHS are identified that are interdependent on the hardware component as part of an IHS subsystem. Hardware configurations for any of the hardware components of the subsystem are evaluated for vulnerabilities based on the catalogs.

Abstract: Systems and methods provided for vulnerability proofing updates to an IHS (Information Handling System). Upon receipt of an update to hardware component configurations of the IHS, vulnerability proofing requirements for modifications to the hardware component configurations are retrieved, including requirements for modifications that are validated for operation of a computational workload by the IHS. Based on the vulnerability proofing requirements, catalogs specifying known vulnerabilities of hardware components are consulted to determine whether the modifications are identified as vulnerable in the catalogs and whether remediations to the identified vulnerabilities are validated for operation of the workload. If the modifications are not identified as vulnerable in the catalogs, the update is transmitted to the IHS. If the modifications are identified as vulnerable in the catalogs and remediations to the identified vulnerabilities are not validated for operation of the workload, the update is terminated.

Abstract: Systems and methods are provided for vulnerability proofing the launching of application instances by an IHS (Information Handling System). The launching of an application instance on the IHS is detected, where the application instance is launched using an application template that includes configurations for one or more hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. Hardware component configurations included in the application template are identified as vulnerable in one or more of the catalogs. If the application template includes configurations that are identified as vulnerable in the catalogs, launching of the application is prevented until the hardware component configurations within the application template are modified to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods provided vulnerability proofing of an IHS (Information Handling System) while it is being provisioned for deployment, such as upon receipt at a datacenter. An initial provisioning of the IHS is detected, where no provisioning of the IHS has been conducted other than the factory provisioning of the IHS. A profile is identified that is to be used in provisioning the IHS, where the profile includes configurations for one or more hardware components of the IHS. One or more catalogs are accessed that specify known vulnerabilities of hardware components. For each of the hardware configurations in the profile, configurations that are vulnerable are identified based on the catalogs of known vulnerabilities. If vulnerabilities are identified, further provisioning of the IHS is blocked until the profile is modified to include no hardware configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the administration of hardware components of an IHS. A proposed configuration for a hardware component of the IHS is detected. Multiple catalogs specifying known vulnerabilities of hardware components are accessed, such as a catalog of known vulnerabilities provided by a manufacturer of the hardware component and such as a catalog of known vulnerabilities provided by a manufacturer of the IHS. The proposed configuration of the hardware component is evaluated as being vulnerable in the first catalog and also in the second catalog. If the proposed configuration is identified as vulnerable in either the first catalog or in the second catalog, the hardware component is disabled until the proposed configurations for the hardware component are changed to include no configurations with vulnerabilities identified in either the first or second catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the use of machine learning recommendations by an IHS. A machine learning recommendation is detected that provides configurations for one or more of the hardware components of the IHS. Catalogs specifying known vulnerabilities of hardware components are accessed to determine whether any of the hardware configurations from the machine learning recommendations are identified as vulnerable in one or more of the catalogs. If a machine learning recommendation is identified as vulnerable, use of the machine learning recommendation by the IHS is blocked until the recommendation is modified to include no recommended hardware configurations with vulnerabilities identified in the catalogs.

Abstract: Systems and methods are provided for vulnerability proofing the use of an IHS (Information Handling System) in a computing cluster. Notification is received by the IHS of modifications to configurations of a computing cluster that includes the IHS. Vulnerability proofing requirements for computing cluster configurations including the IHS are retrieved from a persistent data storage of the IHS. Based on the vulnerability proofing requirements, catalogs comprising known vulnerabilities of IHS hardware components are accessed. Modifications to the computing cluster configurations are identified as vulnerable in one or more of the catalogs. When modifications to the computing cluster configurations are identified as vulnerable, participation by the IHS in the computing cluster is suspended until the modifications to the computing cluster configurations are changed to include no configurations with vulnerabilities identified in the catalogs.

Abstract: Managing computing workloads within a computing environment including identifying computing parameters of datacenter elements of each computing cluster of a computing environment; for each computing cluster of the computing environment: determining a health of the power device of the computing cluster; for each computing node of the computing cluster: determining a processing load of the computing node; determining a computing cost associated with a geo-location of the computing node; calculating, for each computing cluster, an availability of computing resources of the computing cluster based on the computing parameters of the data center elements of the computing cluster, the health of the power device of the computing cluster, the processing load of each computing node of the computing cluster, and the computing cost of each computing node of the computing cluster; generating a ranking of each computing cluster based on the availability of the computing resources of the computing cluster.

Abstract: Managing power consumption for computing cluster, including for each IHS of the computing cluster: executing I/O computing workloads at the IHS associated with movement of block storage data, stored at a disk array in communication with the IHS, between the disk array and the IHS; during execution of the I/O computing workloads, determining an I/O power usage of the IHS; calculating an accumulated I/O power consumption of the plurality of IHS based on a summation of the I/O power usage of each of the IHS; during movement of the block storage data, calculating a power consumption of the disk array; calculating, for each IHS, a power storage consumption of the IHS based on the I/O power usage of the IHS, the accumulated I/O power consumption, and the power consumption of the disk array; allocating additional workloads among the plurality of IHS based on the power storage consumption of each IHS.

Abstract: A datacenter includes a datacenter efficiency management system coupled to node devices. For each of the node devices and based on a power consumption associated with that node device and a performance associated with that node device, the datacenter efficiency management system generates a node group ranking that it uses to group subsets of the node devices into respective homogenous node groups, and then deploys a respective workload on at least one node device in each of the homogenous node groups. Based on at least one of a node workload bandwidth, a node power consumption, and a node health of each node device on which a workload was deployed, the datacenter efficiency management system then generates a workload performance efficiency ranking of the node devices that it then uses to migrate at least one workload between the node devices.

Abstract: An information handling system includes a shared device, first and second compute nodes, and a chassis management controller. The first compute node includes a first management controller, which initiates a firmware update for firmware in the shared device. The first management controller detects that that the firmware update is complete. In response to the firmware update being completed, the management controller sends rollback information for the firmware to the chassis controller. The chassis controller stores the rollback information as a rollback image within a storage location of a memory. The chassis controller further sends the rollback information to the second compute node. The second compute node includes a second management controller, which in turn receives the rollback information from the chassis controller, and updates the rollback information within the second compute node.

Abstract: An information handling system may include at least one processor and a memory. The information handling system may be configured to: receive an update package for applying an update to at least one information handling resource of the information handling system, wherein the update package includes metadata regarding at least one dependency of the update package; subsequent to receiving the update package, retrieve a revised version of the metadata, wherein the revised version of the metadata indicates a revised at least one dependency; based on the revised at least one dependency, carry out a configuration change; and apply the update.

Abstract: A system and method are disclosed for performing, by a processor of an information handling system, an inventory of updateable components of the information handling system. The system and method also includes retrieving an update path catalog for the updateable component and determining published updates between a current version and a target version of the updateable component according to the update path catalog. In addition, the system and method includes determining update recommendations based on the published updates between the current version and the target version. Finally, the system and method includes consolidating the update recommendations into the consolidated update recommendation according to a criterion.

Abstract: A networked system includes a computing device having a central processing system and accelerator system(s). A central processor/accelerator power management system coupled to the computing device via a network operates to deploy workload(s) on the computing device and receive workload performance information from the computing device that identifies a central processing system utilization of the central processing system in performing the workload(s) and an accelerator system utilization of each accelerator system in performing the workload(s). Based on the workload performance information, the computing device determines a first power consumption ratio of the central processing system and the accelerator system(s) in performing the workload(s), and modifies operation of at least one of the central processing system and the accelerator system(s) to change the first power consumption ratio to a second power consumption ratio that is more power efficient than the first power consumption ratio.