White Papers
Table Of Contents
- Dell Trusted Device Installation and Administrator Guide v3.6
- Contents
- Introduction
- Requirements
- Download the software
- Verify the installation package
- Installation
- Uninstall Trusted Device
- BIOS Verification
- Image Capture
- BIOS Events & Indicators of Attack
- Security Risk Protection Score
- Intel ME Verification
- Integration
- Run the BIOS Verification Agent
- Results, troubleshooting, and remediation
Integration
The Dell Trusted Device agent can be integrated with other products and services to ensure computers are secure at the BIOS
level.
SIEM
Security Information Event Management (SIEM) solutions aggregate data from multiple sources in your enterprise. SIEM
enables administrators to identify trends and unusual behavior or to perform real-time analysis of alerts that are generated by
applications and hardware.
Data aggregated through SIEM can be transformed into charts and graphs on a dashboard to facilitate use. This helps
administrators ensure that the enterprise maintains security compliance and protection against bad actors.
Trusted Device can be integrated with SIEM solutions and supports the following features:
● BIOS Verification
● BIOS Events & Indicators of Attack
● Image Capture
● Security Risk Protection Score
The Dell Event Repository must be installed to deliver Trusted Device results to a SIEM solution. See Download the Event
Repository to download the Docker image.
Requirements
The following are required for Trusted Device integration with SIEM solutions:
● Docker
● The Trusted Device Event Repository image
● Trusted Device v3.6 or later
● Universal SIEM forwarder
Prerequisites
The following details the Trusted Device Event Repository installation prerequisites.
Architecture
The following diagram describes deployment steps and data flow from the Trusted Device agent to a SIEM solution.
12
Integration 25