Compaq nc6000 HP ProtectTools Security Manager - Page 10

Q. Which HP platforms support HP ProtectTools and the different add-on modules? A. Please refer to the "Platform Support" section of this white paper. Q. Can Smart Cards be used for pre-boot authentication? A. Yes, Smart Cards can be used for pre-boot authentication. Please refer to the user documentation that came with your computer for steps to configure the system for Smart Card pre-boot authentication. Q. Do HP clients support large scale deployment of the TPM embedded security chip? A. Embedded Security for HP ProtectTools includes a number of configuration settings that can be managed through a Windows security policy template. Refer to the technical White Paper on embedded security published online (ftp://ftp.compaq.com/pub/products/security/embedded_security__implementation.pdf). Additional information can also be found in the Embedded Security for HP ProtectTools online help files. There are also third party software solutions that can help with managing TPM embedded security chips on a large scale. Wave Systems has a solution that enables security chip key management and roaming. Infineon Technologies is another important HP partner in security. We have collaborated extensively on our Embedded Security and Credential Manager for HP ProtectTools modules. As part of Infineon's broader portfolio of security capabilities they are in the final stages of developing a back-end security management solution that works with HP ProtectTools. It addresses TPM embedded security chip key management and provides highly manageable enterprise single sign-on capability when used with Credential Manager for HP ProtectTools. HP business PCs and business notebooks will also support large scale deployment of TPM embedded security chips by allowing certain one time configuration processes to be scripted. This script support is available today on business desktops today. Business notebooks that feature a TPM embedded security chip require a BIOS update that is expected to be made available by the end of 4Q04. HP has documented this support through a white paper and sample script that can be made available to customers upon request (refer to Softpaq 27958). Q.What are HP's internal security policies? A. HP IT is in the process of rolling out a new USB Security Token to be used for strong multifactor authentication when accessing the corporate network over VPN. Credential Manager for HP ProtectTools has been designed to support this token enabling it to be used not only for VPN access, but when logging into Windows with Credential Manager or as additional protection for the Credential Manager single sign-on service. Q. What is the Credential Manager module for HP ProtectTools? A. Please refer to the "Credential Manager for HP ProtectTools" section of the white paper. Q. How does Credential Manager differ from other Single Sign On solutions? A. Most technologies and features provided by HP ProtectTools security manager are individually available. The value of HP ProtectTools is that it brings these technologies together into a single easy to use security solution. As an HP ProtectTools add-on, the features provided by Credential Manager are integrated into HP ProtectTools and work with the user authentication features of HP ProtectTools. 10