DMTF has just released version 2.0 of the Conformance Test Suite (CTS) for its Desktop and mobile Architecture for System Hardware (DASH) standard. DASH provides secure out-of-band and remote management of desktop and mobile systems. The DASH CTS serves to improve interoperability by validating conforming implementations. The new DASH CTS 2.0 includes the necessary updates, policies and procedures to test the latest DASH specifications, which address current requirements for managing modern hardware in a networked environment. With DASH CTS 2.0, companies can continue to self-test their implementations and submit digitally signed results to the DASH Conformance Program Administrator (an independent third party) for validation. Once validated, participants can have their submission information included in the DMTF Certification Registry.[…]
DMTF SMASH and DASH are pre-os technologies, somewhat like IPMI and Redfish. SMASH is for servers, DASH is for desktops. AMI and Realtek have DASH working over WiFi now. The new risk brought with this feature is that, if attacker can find exploit in WiFi DASH implementation, they can attack system remotely. Before, they needed an Ethernet connection, now they can use WiFi. IPMI and Redfish have similar risks. I wonder if servers are also available via WiFi with SMASH? Excerpt from press release:
American Megatrends Inc. (AMI), in collaboration with Realtek Semiconductor, an AMI Technology Partner, is pleased to introduce RealManage™ 2.0, a WiFi DASH solution integrated with the RTL8111FP-CG NIC controller chip from Realtek.
DASH (Desktop and mobile Architecture for System Hardware) is a client management standard released by the DMTF (Distributed Management Task Force) and is a web services-based standard for secure out-of-band and remote management of desktops and mobile systems. Realtek has long been an Ethernet NIC market leader and with the RTL8111FP-based next-generation DASH remote management solution called RealManage 2.0, Realtek aims to keep its market position and remain a force for technology innovation.
“With the rising popularity of the GUI BIOS, enterprise customers required out-of-band KVM (Keyboard, Video, and Mouse) functions beyond the standard ‘Text Console Redirection’ feature. Realtek’s RealManage 2.0 is our answer; a powerful DASH solution that supports Wi-Fi and Ethernet DASH, and is compliant with a GUI BIOS,” said Realtek’s Vice President and Spokesman, Yee-Wei Huang. “It brings a whole new application methodology and experience to commercial customers, providing a wealth of data and tools for remote out-of-band client management tasks.”
Full press release:
AMI (American Megatrends, Inc.), one of the original PC BIOS vendors, just joined the OpenPOWER Foundation. AMI’s “MegaRAC SP-X for POWER8” product was launched in support of TYAN’s first non-IBM branded OpenPOWER commercial server, which they’re demoing at COMPUTEX TAIPEI this week. MegaRAC SP-X for POWER8 includes server firmware technology. Excerpts from their PR:
“AMI joins a growing roster of technology organizations working collaboratively to build advanced server, networking, storage and acceleration technology as well as industry-leading open source software aimed at delivering more choice, control and flexibility to developers of next-generation, hyperscale and cloud data centers. The group makes POWER hardware and software available to open development for the first time, as well as making POWER intellectual property licensable to others, greatly expanding the ecosystem of innovators on the platform. AMI has been working with IBM and other OpenPOWER Foundation members like Tyan to develop enterprise server and networking solutions for next-generation data centers that integrate IBM POWER CPUs and AMI MegaRAC(R) Remote Management Firmware / Software Solutions. “
“MegaRAC(R) SP-X for POWER8 is a powerful development framework for server management solutions composed of firmware and software components, based on industry standards like IPMI 2.0, SMASH, Serial over LAN (SOL) and key serviceability features like remote presence, CIM profiles and advanced automation. MegaRAC SP-X features a high level of modularity, with the ability to easily configure and build the firmware image by selecting features using an intuitive graphical development tool chain. These features are available in independently maintained packages, for superior manageability of the firmware stack.”