HP Dc5700 HP ProtectTools Security Manager Guide - Page 19

HP Embedded Security for ProtectTools, Basic Concepts

Page 19 highlights

3 HP Embedded Security for ProtectTools

Basic Concepts

If available, Embedded Security for ProtectTools protects against unauthorized access to user data or credentials. This module provides the following security features:

● Enhanced Microsoft Encrypting File System (EFS) file and folder encryption
● Creation of a Personal Secure Drive (PSD) for encrypting user data
● Data management functions, such as backing up and restoring the key hierarchy
● Support for third-party applications that use MSCAPI (such as Microsoft Outlook and Microsoft Internet Explorer) and applications that use PKCS#11 (such as Netscape) for protected digital certificate operations when using the Embedded Security software

The Trusted Platform Module (TPM) embedded security chip enhances and enables other ProtectTools Security Manager security features. For example, Credential Manager for ProtectTools can use the TPM embedded chip as an authentication factor when the user logs on to Windows. On some models, the TPM embedded security chip also enables enhanced BIOS security features accessed through BIOS Configuration for ProtectTools.

The hardware consists of a TPM that meets the Trusted Computing Group requirements of TPM 1.2 standards. The chip is integrated with the system board. Some TPM implementations (depending on model purchased) integrate the TPM as part of the NIC. In these NIC and TPM configurations, on-chip memory and off-chip memory, functions, and firmware are located on an external flash integrated with the system board. All TPM functions are encrypted or protected to ensure secure flash or communications.

The software also provides a function called PSD. The PSD is a function in addition to the EFS-based file/folder encryption, and it uses the Advanced Encryption Standard (AES) encryption algorithm. It is important to note that HP ProtectTools Personal Secure Drive cannot function unless the TPM is unhidden, enabled with appropriate software installed with ownership, and the user configuration initialized.

