Dell Trusted Device Secured Component Verification (SCV) allows organizations to confidently deploy new devices knowing that critical components are matched exactly with the configuration that left the factory.
Key Benefits:
- Secured Component Verification provides digital proof and supply chain security by ensuring that the Dell computer hardware components ordered match the components that were manufactured and assembled in the factory.
- Enhance IT security: Align your security standards with Zero Trust principles and other emerging industry guidelines to meet the most demanding requirements for secure IT infrastructure.
- Improve IT security operations: Add SCV to your standard operating procedures for deployment for a low-touch, low risk enhancement that ultimately secures your overall IT security operations.
Note:
- The Secured Component Verification (on Cloud) service is good for 30 days from receipt, or until the hardware components change, or hardware settings are changed (whichever comes first).
- If you are using a Value-Added Reseller (VAR) to take receipt and set up your devices, the 30-day timeframe applies to the VAR, and Dell Technologies is not responsible for component verification once it leaves the VAR on its way to the end user.
- Secured Component Verification (on Cloud) is a licensed product.
Secured Component Verification Products
There are three Secured Component Verification products. Details regarding each product are provided below:
Secured Component Verification (on Cloud) Off-Host Solution
An inventory certificate is created and stored in Dell’s off-host secure cloud environment. This certificate can be used to confirm the hardware component authenticity.
Validation method
- Deploy SupportAssist for Business and the Dell Trusted Device (DTD) Notification agent on the endpoint
- View validation status using the online portal (TechDirect) for retrieval verification status
Secured Component Verification (on Device) On-Host Solution (for Federal customers only)
An inventory certificate is generated and stored on the Dell device that confirms the authenticity of the installed hardware components.
Note: Secured Component Verification (on Device) is not further discussed in this article.
Secured Component Verification (for Servers and Chassis)
Note: Secured Component Verification for Servers is not further discussed in this article.
How Secured Component Verification (on Cloud) Works
Once a customer places an order for a computer with SCV, the product is built, computer component data is collected and encrypted, and this information generates a platform certificate that is created and signed at the factory. The digital certificate is stored either on the local drive or in a secure Dell cloud for delivery to the customers. Upon receipt, the customer can validate the components delivered to the certificate. This process ensures that what the customer ordered is what they received and is free of tampering. Figure 1 below illustrates the general secure supply-chain workflow. The SCV alerting of unexpected hardware changes occurs in the Validate phase.
Figure 1: Secured Component Verification (on Cloud) workflow
Alerting for the status of the Secured Component Verification (on Cloud) inventory verification can be observed in different consoles. This depends on how the fleet of endpoints is managed.
The Windows Event viewer on the endpoint where Dell Trusted Device is installed. The location of the Secured Component Verification (on Cloud) logs is:
Event Viewer
- Applications and Services Logs
- Dell
Statuses of Windows events for Secured Component Verification (on Cloud)
Action |
Level |
Event ID |
Task Category |
Verification Success |
Informational |
41 |
9 |
Verification Failed |
Informational |
41 |
9 |
Server Internal Error Network Error |
Error |
43 |
9 |
Unsupported Platform |
Warning |
42 |
9 |
- If SupportAssist TechDirect is being used to manage the fleet of endpoints, Dell Trusted Device can be deployed with SupportAssist. This allows the SCV data to be shown in the SupportAssist TechDirect console as part of the fleet overview, with extra endpoint details available.
- If Microsoft Intune manages the fleet of endpoints, then there are Trusted Device Agent Powershell scripts that can be implemented as Intune Compliance Policy. For more information, reference the latest Dell Trusted Device and Microsoft Intune Quick Start Guide from Support for Trusted Device Documentation.