- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
BIOS update SE5C610.86B.01.01.0028 don't support AES-NI?"
I have Xeon E5-2630 and BIOS version SE5C610.86B.01.01.0024.021320181901 where AES is enabled but the other machine where
SE5C610.86B.01.01.0028.121720182203 AES is not enabled ,
Is the latest verison not supporting AES , I checked processor E5-2630 supports it
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thanks very much for your patience regarding this issue. We already received an answer from our engineering team letting us the following:
BIOS release R0024 which has BMC Firmware: 01.51.11142 has been tested and found that only "None" and "Stunnel" are the options listed for encryption.
AES and RC4 have been removed in an earlier FW package (R0021)
All currently available FW packaged available online have this implemented.
There is a chance that you are still seeing the option because of a browser cookie issue that could be holding those options. For this matter please proceed to clear the browser cookies, even trying with a new browser never used before could be a good test here.
The following is the section of the release notes which talks about this fix/change: AES removed_Release notes
Regards
Jose A.
Intel Customer Support
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thank you for joining the community
AES-NI is part of the security features for the Xeon processors. Could you tell what exact server board are you using? This same BIOS version you specify applies for 4 different server boards families: S2600WT Family, S2600KP Family, S2600TP Family, S2600CW Family. Also please attach a screenshot of any of your systems running BIOS v0024, so we can see the AES option.
We will look forward for your updates
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Actually cpuid command show aes flag for local Linux Os
Once I open IPMI ,I am not able to see AES-128/256 under Remote session> KVM encryption
Product Name : S2600WTTR
Version :Intel(R) Xeon(R) CPU E5-2630 v4 @ 2.20GHz
Actually cpuid command show aes flag for local Linux Os
Once I open IPMI ,I am not able to see AES-128/256 under Remote session> KVM encryption
IPMI system Information:
Remote Management Module key : Installed Device (BMC) Available : Yes
BMC FW Build Time : 2019-03-26 17:58:32
BIOS ID : SE5C610.86B.01.01.0028.121720182203
BMC FW Rev : 1.56.11315
Boot FW Rev : 1.07
SDR Package Version : SDR Package 1.18
Mgmt Engine (ME) FW Rev : 03.01.03.051
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thanks for the updates. Could you tell if you are using the older java runtime environment console that downloads the JNLP file or the iKVM that runs over HTML5?
In the RMM4 user guide table 20, states the 3 KVM encryption modes Stunnel, RC4 or AES are available for the S1200V3RP product family mainly.
Will wait for your feedback
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To monitor and control the server remotely , we use JNLP to launch console from Console Redirection.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thanks for the updates, we will research a bit on this. Will let you know as soon as we have any info
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
After our research and consulting with our engineering team we found out that the options you are seeing are normal. AES and RC4 algorithms have been removed from KVM encryption as well as SSL, in the latest BMC update releases.
In regards to AES-NI is an instruction set supported in Processors to accelerate encryptions. This is different from the KVM encryption situation.
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your support. Can you please provide link/document where these new changes are mentioned for our reference .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
I will double check if such document is available. Take into consideration that sometime this kind of information requires a Non-Disclosure Agreement with Intel. Will let you know as soon as I have any updates.
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
We found that AES and RC4 options were removed from KVM encryption options in a prior BIOS version but we see that you have mentioned AES is present in BIOS version R0024 (SE5C610.86B.01.01.0024.021320181901). We would like to clarify if you are referring to
1) KVM encryption options in BMC webconsole page here
2) or is it the AES-NI instruction set support for processors.
Please clarify. Could you also send us a screenshot of the "System information" page after logging into BMC webconsole of the system where you see all 4 options in KVM encryption section. This is to confirm the BIOS and BMC version.
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thanks for the update. Let me pass this on to our engineering team. I will keep you posted.
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello User15850518301456433508,
Thanks very much for your patience regarding this issue. We already received an answer from our engineering team letting us the following:
BIOS release R0024 which has BMC Firmware: 01.51.11142 has been tested and found that only "None" and "Stunnel" are the options listed for encryption.
AES and RC4 have been removed in an earlier FW package (R0021)
All currently available FW packaged available online have this implemented.
There is a chance that you are still seeing the option because of a browser cookie issue that could be holding those options. For this matter please proceed to clear the browser cookies, even trying with a new browser never used before could be a good test here.
The following is the section of the release notes which talks about this fix/change: AES removed_Release notes
Regards
Jose A.
Intel Customer Support
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks very much for update and excellent support to resolve query
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page