Dell Client Management Newsletter – 2023 December

Dell Command Update vs WufB

Secure Component Verification

While phishing and ransomware attacks are more visible, supply chain attacks do happen and can be extremely damaging.

62% of network breaches in 2021 – will grow in frequency and scope.

Secure Component Verification  is Supply Chain Security  assurance that your Dell commercial device is manufactured and delivered to your door exactly as ordered, per spec and with authentic components .

Key capabilities include:

• • Provides additional assurance that Dell devices are manufactured and delivered exactly as ordered.
  • Generates and stores an inventory certificate of device components in a secure cloud environment that are reviewed upon receipt to confirm authenticity.
  • Platform component certificate includes baseboard, processor, OEM, memory, hard drive, network card and TPM.
  • Verify your as-built Dell hardware configurations for more secure deployments.
  • Includes product return if components cannot be verified (uses standard Dell return policies).

• TechDirect:
• The Dell portal for viewing the health and security results of your PC fleet.
• Trusted Device agent:
• For the actual verification of components and BIOS security.
• SupportAssist for Business:
• The tool for deploying the software across your fleet of devices.

Supporting Collaterals on Secure Component Verification

• • SCV Datasheet
  • Supply Chain Security Whitepaper
  • SafeSupply Chain Datasheet
  • Dell/Intel Whitepaper
  • Dell Trusted Device Whitepaper

Dell Command |PowerShell Provider is a tool for IT-professionals, and administrators that are familiar with Windows PowerShell environment. It will help you with BIOS settings in your PowerShell scripts. You can set, read, and change parameter. But you need to know what you are doing, You can change settings that could prevent your system from working.

To get started, look here: Dell Command | PowerShell Provider | Dell US

Find all documentation here: Support for Dell Command | Powershell Provider | Documentation | Dell US

The user guide above will tell you how to get started. But the basic steps you could try on a test system, would look like this:

Open PowerShell ISE as administrator.

Run Set-ExecutionPolicy RemoteSigned -force

Install Dell PowerShell Provider from the Microsoft Gallery:

Find module by running Find-Module DellBIOSProvider The output should look like this:

Version    Name                               Repository     Description                                                                                                                                                      ——-        —-                                    ———-                 ———–                                                                                                                                                    

2.7.0        DellBIOSProvider            PSGallery           The ’Dell Command | PowerShell Provider’ pr…..

To install the module run Install-Module DellBIOSProvider and the run Import-Module DellBIOSProvider –Verbose

To check the installation run Get-PSDrive Look for DellSmbios in the output.

To test the settings run cd DellSmbios:\

dir will list all Categories

cd SystemInformation will change to the System information part of the BIOS. Dir will list the BIOS information.

Get-Item BIOSVersion will only show the BIOS version.

You are also able to set a parameter. If yo want to set Numlock to on, after boot. You should use:

Set-Item –Path DellSMBIOS:\POSTBehavior\Numlock ”Enabled” If a BIOS password is set, you will also have to add the BIOS parameter.

The rest is in the manuals, together with examples.

Dell Power Adapter – Smaler & more green

• GaN Power adapters = Smaler & Lighter
• Use of Recycled Copper in selected adapters.

Dell has announced GaN (Gallium Nitride) power adapters that provides higher processing speeds and power efficiency in a smaler formfactor. This means less heat produced.

GaN1 based adapter designs are produced using less water and have 40-50% lower chassis volume. Combined with the recycled materials, they have a lower carbon footprint

Power adapter with Recycled Copper are now used in more than 1 million power cables with goal to impact more than 20 million over the next few years.

Notebook power adapter cables made with recycled copper

• 100W Type-C Adapter (Latitude and Precision)
• 165W Type-C Adapter (Precision)
• 100W USFF TYPE-C  (XPS)
• 130W SFF TYPE-C (XPS)

Copper is becoming a critical mineral. Often used in electronics, copper is difficult and expensive to extract. Our goal is to establish demand and encourage recycling of copper in order to keep it in the circular economy.

How to add drivers to a Windows install Boot.Wim

We often get question on how to add drivers to a Windows USB stick for Intel Rapid Storage driver.

Her is a short introduction on how to do this.

1. Download all driver and unpack to a local disk.
2. Creat the following folders on your local disk.
   1. C:\WinWork
      1. C:\WinWork\Drivers
         Unpack driver files for your computer. Download and unzip the Current WinPE driver pack from Dell, and copy the unzipped files into this folder
      2. C:\WinWork\ISO
         Extract Windows 10/11 ISO Boot image. You only need the boot.wim file from the Sources directory.
      3. C:\WinWork\Mount
         Empty the directory (if used before) into which the Windows install WIM image will be mounted

1. List all Windows images contained in the boot.wim file using the Get-WindowsImage PowerShell cmdlet. This will allow you to get an index of the images in which you plan to integrate additional drivers

1. 1. Get-WindowsImage -ImagePath C:\WinWork\ISO\boot.wim
   2. Image Index 2 is what we are looking for, the “Microsoft Windows Setup” image

1. Next, you need to mount the image of the selected Windows edition to the Mount directory. As an argument to the Index parameter, specify the index of the Windows image you want to mount.

1. 1. Mount-WindowsImage -Path C:\WinWork\Mount\ -ImagePath C:\WinWork\ISO\boot.wim -Index 2

1. After the image is mounted, you can add drivers to it from the Drivers directory using the command

1. 1. Add-WindowsDriver -Path C:\WinWork\Mount\ -Driver C:\WinWork\Drivers -Recurse

1. After the driver’s files have been copied, commit your changes, and unmount the WIM image.

1. 1. Dismount-WindowsImage -Path C:\WinWork\Mount\ –Save

1. Copy the Boot.wim back the USB install disk in the sources folder, replacing the default Windows one.
2. Boot the device from the USB disk and the Windows installer should work fine

Dell Technologies strives to provide customers with timely information, guidance, and mitigation options to minimize risks associated with security vulnerabilities. We recommend that customers run the most recent version of the software available and apply any security updates at the earliest opportunity.

Read more: Security Advisories & Notices | Dell US