Abstract: A method may include storing a first set of secrets associated with an information handling system in a credential vault of a management controller configured to be coupled to a processor of a host system of the information handling system in order to provide management of the information handling system via management traffic communicated between the management controller and an external management network such that the first set of secrets are accessible responsive to a verified boot of the management controller and storing a second set of secrets associated with the information handling system in a storage of a cryptoprocessor owned by the management controller such that access to the second set of secrets may be granted in response to an administrator's provision of authorization to the cryptoprocessor, and such that access to the second set of secrets is prevented during runtime of the host system in absence of authorization.

Abstract: A method may include storing a first set of secrets associated with an information handling system in a credential vault of a management controller configured to be coupled to a processor of a host system of the information handling system in order to provide management of the information handling system via management traffic communicated between the management controller and an external management network such that the first set of secrets are accessible responsive to a verified boot of the management controller and storing a second set of secrets associated with the information handling system in a storage of a cryptoprocessor owned by the management controller such that access to the second set of secrets may be granted in response to an administrator's provision of authorization to the cryptoprocessor, and such that access to the second set of secrets is prevented during runtime of the host system in absence of authorization.

Abstract: A method includes a service processor of an information handling system downloading code, including device drivers, and transferring the code to an operating system of the information handling system without rebooting the operating system. In some embodiments, a daemon of the operating system may request device drivers for newly-inserted devices and the service processor may make the device drivers available to the operating system in response to the requests. In some embodiments, the service processor may download updated device drivers and may inform the daemon. The updated device drivers may be automatically provided to the operating system or made available upon a request of a user. The service processor may make code available to the operating system by exposing a portion of its non-volatile memory to the operating system as a virtual device.

Abstract: A method comprises signing boot code with a public/private cryptographic key pair, and writing to storage the boot code, the public cryptographic key, and the signed boot code.

Abstract: A network interface device includes a memory and a processor operable to receive a malicious packet marker, store the malicious packet marker to the memory, monitor network data packets flowing in the network interface device, determine that a packet matches the malicious packet marker, and store log information from the packet to the memory.

Abstract: A network interface device includes a memory and a processor operable to receive a malicious packet marker, store the malicious packet marker to the memory, monitor network data packets flowing in the network interface device, determine that a packet matches the malicious packet marker, and store log information from the packet to the memory.

Abstract: A method comprises signing boot code with a public/private cryptographic key pair, and writing to storage the boot code, the public cryptographic key, and the signed boot code.

Abstract: A method comprises signing boot code with a public/private cryptographic key pair, and writing to storage the boot code, the public cryptographic key, and the signed boot code.

Abstract: A method includes a service processor of an information handling system downloading code, including device drivers, and transferring the code to an operating system of the information handling system without rebooting the operating system. In some embodiments, a daemon of the operating system may request device drivers for newly-inserted devices and the service processor may make the device drivers available to the operating system in response to the requests. In some embodiments, the service processor may download updated device drivers and may inform the daemon. The updated device drivers may be automatically provided to the operating system or made available upon a request of a user. The service processor may make code available to the operating system by exposing a portion of its non-volatile memory to the operating system as a virtual device.

Abstract: An information handling system includes a processor and a management controller separate from the processor. The management controller is operable to store an anti-virus program and a malicious marker detection program in a memory of the management controller, and to execute the malicious marker detection program. The malicious marker detection program operates to detect a state of a device of the information handling system, determine that the information handling system is under attack from a malicious program in response to detecting the state of the device, and send an alert to a management system coupled to the information handling system, the alert indicating that the information handling system is under attack from the malicious program.

Abstract: A method includes a service processor of an information handling system downloading code, including device drivers, and transferring the code to an operating system of the information handling system without rebooting the operating system. In some embodiments, a daemon of the operating system may request device drivers for newly-inserted devices and the service processor may make the device drivers available to the operating system in response to the requests. In some embodiments, the service processor may download updated device drivers and may inform the daemon. The updated device drivers may be automatically provided to the operating system or made available upon a request of a user. The service processor may make code available to the operating system by exposing a portion of its non-volatile memory to the operating system as a virtual device.

Abstract: A network interface device includes a memory and a processor operable to receive a malicious packet marker, store the malicious packet marker to the memory, monitor network data packets flowing in the network interface device, determine that a packet matches the malicious packet marker, and store log information from the packet to the memory.

Abstract: An information handling system includes a processor and a management controller separate from the processor. The management controller is operable to store an anti-virus program and a malicious marker detection program in a memory of the management controller, and to execute the malicious marker detection program. The malicious marker detection program operates to detect a state of a device of the information handling system, determine that the information handling system is under attack from a malicious program in response to detecting the state of the device, and send an alert to a management system coupled to the information handling system, the alert indicating that the information handling system is under attack from the malicious program.

Abstract: A method includes a service processor of an information handling system downloading code, including device drivers, and transferring the code to an operating system of the information handling system without rebooting the operating system. In some embodiments, a daemon of the operating system may request device drivers for newly-inserted devices and the service processor may make the device drivers available to the operating system in response to the requests. In some embodiments, the service processor may download updated device drivers and may inform the daemon. The updated device drivers may be automatically provided to the operating system or made available upon a request of a user. The service processor may make code available to the operating system by exposing a portion of its non-volatile memory to the operating system as a virtual device.

Abstract: A method comprises signing boot code with a public/private cryptographic key pair, and writing to storage the boot code, the public cryptographic key, and the signed boot code.

Abstract: A system to manage a key license includes an information handling system having non-volatile memory accessible to a processor. The non-volatile memory stores feature enablement information related to a feature that the information handling system is adapted to provide. The non-volatile memory stores instructions that are accessible to the processor and executable by the processor to send the feature enablement information to an external system after the information handling system is deployed, and to request the feature enablement information, or other feature enablement information, from the external system in response to receiving a request for the information handling system to provide the feature.

Abstract: A system to manage a key license includes an information handling system having non-volatile memory accessible to a processor. The non-volatile memory stores feature enablement information related to a feature that the information handling system is adapted to provide. The non-volatile memory stores instructions that are accessible to the processor and executable by the processor to send the feature enablement information to an external system after the information handling system is deployed, and to request the feature enablement information, or other feature enablement information, from the external system in response to receiving a request for the information handling system to provide the feature.

Abstract: A system to manage a key license includes an information handling system having non-volatile memory accessible to a processor. The non-volatile memory stores feature enablement information related to a feature that the information handling system is adapted to provide. The non-volatile memory stores instructions that are accessible to the processor and executable by the processor to send the feature enablement information related to the feature to an external system after the information handling system is deployed, and to request the feature enablement information, or other feature enablement information related to the feature, from the external system in response to receiving a request for the information handling system to provide the feature.

Abstract: A system to manage a key license includes an information handling system having non-volatile memory accessible to a processor. The non-volatile memory stores feature enablement information related to a feature that the information handling system is adapted to provide. The non-volatile memory stores instructions that are accessible to the processor and executable by the processor to send the feature enablement information related to the feature to an external system after the information handling system is deployed, and to request the feature enablement information, or other feature enablement information related to the feature, from the external system in response to receiving a request for the information handling system to provide the feature.

Abstract: Memory managements systems and methods that may be employed, for example, to provide efficient management of memory for network systems. The disclosed systems and methods may consider cost-benefit trade-off between the cache value of a particular memory unit versus the cost of caching the memory unit and may utilize a multi-layer queue management structure to manage buffer/cache memory in an integrated fashion. The disclosed systems and methods may be implemented as part of an information management system, such as a network proceessing system that is operable to process over-size data objects communicated via a network environment, and that may include a network processor operable to process network-communicated information and a memory management-system operable to manage disposition of individual memory units of over-size data objects based upon one or more parameters, such as one or more parameters reflecting the cost and value associated with maintaining the information in integrated buffer/cache memory.