Highlighted
jjrbg
1 Copper

BIOS/Firmware/Drivers Updates for End-of-Life Servers?

I have 30+ old PowerEdge 2950's, 1950's, and R200's - which as they are now 7-years+ old are no longer covered under warranty support with Dell.

But, my question is... is the BIOS, EMC firmware, devices drivers, etc. still updated/patched/developed by Dell?

I ask this from a PCI DSS security perspective. We are required to patch vulnerabilities within 30-days. If a security vulnerability was discovered (unlikely, I admit) in the BIOS running on our 2950's - would Dell release a new patched BIOS version to download?

I need to answer our QSA's to let them know that even though the servers are no longer under hardware support with the vendor, this does not make them "less secure" as the software/firmware would still be patched.

Hopefully someone can answer this.

James

0 Kudos
1 Reply
theflash1932
5 Iridium

RE: BIOS/Firmware/Drivers Updates for End-of-Life Servers?

No, not typically. Most of the urgent performance/reliability bugs will have been fixed by the time they are out of support. As for security bugs, for example, no Dell servers were affected by the Heartbleed bug a couple of years ago, but had there been, they would probably have taken action to fix it. The only active development on drivers and firmware for older machines would be to add/test drivers for newer operating systems.

0 Kudos