HP Dc5800 HP Protect Tools Guide

HP Dc5800 - Compaq Business Desktop Manual

Get HP Dc5800 - Compaq Business Desktop PDF manuals and user guides
UPC - 883585860944
View all HP Dc5800 manuals
Add to My Manuals
Save this manual to your list of manuals

HP Dc5800 manual content summary:

  • HP Dc5800 | HP Protect Tools Guide - Page 1
    HP ProtectTools User Guide
  • HP Dc5800 | HP Protect Tools Guide - Page 2
    Windows are trademarks of Advanced Micro Devices, Inc. Bluetooth is a services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Second Edition: October 2007 Document Part Number
  • HP Dc5800 | HP Protect Tools Guide - Page 3
    tasks ...14 Creating a virtual token ...14 Changing the Windows logon password 14 Changing a token PIN ...14 Managing identity ...15 Clearing an identity from the system 15 Locking the computer ...15 Using Windows Logon ...15 Logging on to Windows with Credential Manager 15 Adding an account 16
  • HP Dc5800 | HP Protect Tools Guide - Page 4
    Resetting a user password 28 Enabling and disabling Embedded Security 28 Permanently disabling Embedded Security 29 Enabling Embedded Security after permanent disable 29 Migrating keys with the Migration Wizard 29 4 Java Card Security for HP power-on authentication 32 Enabling Java Card power-
  • HP Dc5800 | HP Protect Tools Guide - Page 5
    Disabling Java Card power-on authentication 34 5 BIOS Configuration for HP ProtectTools File ...36 Storage ...37 Security ...38 Power ...39 Advanced ...40 6 Device Access Manager for HP ProtectTools Starting background service ...42 Simple configuration ...43 Device class configuration (advanced
  • HP Dc5800 | HP Protect Tools Guide - Page 6
    vi
  • HP Dc5800 | HP Protect Tools Guide - Page 7
    may be preinstalled, preloaded, or available for download from the HP Web site. For select HP Compaq Desktops, HP ProtectTools is available as an after market option. Visit http://www.hp.com for more information. NOTE: The instructions in this guide are written with the assumption that you have
  • HP Dc5800 | HP Protect Tools Guide - Page 8
    to access Credential Manager, Drive Encryption, HP BIOS, or any number of third party access points. ● BIOS Configuration provides access to power-on user and administrator password management. ● BIOS Configuration provides an alternative to the pre-boot BIOS configuration utility known as F10 Setup
  • HP Dc5800 | HP Protect Tools Guide - Page 9
    Module Drive Encryption for HP ProtectTools Device Access Manager for HP ProtectTools Key features ● Drive Encryption provides LPT ports, personal music players, CD drives, network interface cards, etc.) ● Device Access Manager can also manage users and user groups to provide read, write, allow
  • HP Dc5800 | HP Protect Tools Guide - Page 10
    by logging on to Credential Manager directly from the Windows logon screen. For more information, refer to "Logging on to Windows with Credential Manager on page 15." For Windows Vista, the administrator must use the "HP ProtectTools Security Manager for Administrators" when accessing Drive
  • HP Dc5800 | HP Protect Tools Guide - Page 11
    review sensitive financial data; you do not want the contractor to be able to print the files or save them to a writeable device such as a CD. The following feature helps restrict access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices
  • HP Dc5800 | HP Protect Tools Guide - Page 12
    gain entry to corporate network resources or data from financial services, an executive, or R&D team. The following features passwords or access to password-protected applications: ◦ Credential Manager "Setup procedures on page 12" ◦ "Using Single Sign On on page 16" ● Device Access Manager for HP
  • HP Dc5800 | HP Protect Tools Guide - Page 13
    Recovery Token Key password Protects access to the Credential Manager recovery file. Used to access Embedded Security features, such as secure e-mail, file, and folder encryption. When used for power-on authentication, also protects access to the computer contents when the computer is turned on
  • HP Dc5800 | HP Protect Tools Guide - Page 14
    HP ProtectTools password Owner password Java™ Card PIN Computer Setup password NOTE: Also known as BIOS administrator, F10 Setup, or Security Setup password Power-on password Windows Logon password Set in this HP characters or numbers for letters in a key word. For example, you can use the number 1
  • HP Dc5800 | HP Protect Tools Guide - Page 15
    and Restore. 3. In the right pane, click Backup Options. The HP ProtectTools Backup Wizard opens. 4. Follow the on-screen instructions. 5. After you set and confirm the Storage File Password, select Remember all passwords and authentication values for future automated backups. 6. Click Save Settings
  • HP Dc5800 | HP Protect Tools Guide - Page 16
    password in the Set Password Scheduled Task Completed, Idle Time, and Power Management. 10. Click Apply, and HP ProtectTools Restore Wizard opens. Follow the on-screen instructions. Configuring settings 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click HP
  • HP Dc5800 | HP Protect Tools Guide - Page 17
    for HP ProtectTools protects against unauthorized access to your computer using the following security features: ● Alternatives to passwords when logging on to Windows, resources. ● Support for optional security devices, such as Smart Cards and biometric readers. ● Support for additional security
  • HP Dc5800 | HP Protect Tools Guide - Page 18
    the notification area, by double-clicking the HP ProtectTools Security Manager icon ● From the "Credential Manager" page of ProtectTools Security Manager, by clicking the Log On link in the upper-right corner of the window 2. Follow the on-screen instructions to log on to Credential Manager. Logging
  • HP Dc5800 | HP Protect Tools Guide - Page 19
    Registration Wizard opens. 4. Follow the on-screen instructions. Registering a USB eToken 1. Be sure that the USB eToken drivers are installed. NOTE: Refer to the USB eToken user guide for more information. 2. Select Start > All Programs > HP ProtectTools Security Manager. 3. In the left pane
  • HP Dc5800 | HP Protect Tools Guide - Page 20
    Java Card or USB eToken. The token is saved either on the computer hard drive or in the Windows registry. When you log on with a virtual token, you are 4. Follow the on-screen instructions. Changing the Windows logon password 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In
  • HP Dc5800 | HP Protect Tools Guide - Page 21
    on page 22." To lock the computer: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager. 3. In the right pane, click Lock Workstation. The Windows logon screen is displayed. You must use a Windows password or the Credential Manager Logon
  • HP Dc5800 | HP Protect Tools Guide - Page 22
    the computer, instructions. Removing an account 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager, and then click Services and Applications. 3. In the right pane, click Windows passwords for multiple Internet and Windows numbers manually
  • HP Dc5800 | HP Protect Tools Guide - Page 23
    instructions. Managing applications and credentials Modifying application properties 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager, and then click Services Change the settings by selecting or clearing the check boxes next to the
  • HP Dc5800 | HP Protect Tools Guide - Page 24
    instructions to complete the export. 6. Click OK. Importing an application 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager, and then click Services Create New ● View Password NOTE: You must authenticate your identity before viewing the
  • HP Dc5800 | HP Protect Tools Guide - Page 25
    opens. 6. Follow the on-screen instructions. Removing protection from an application To remove restrictions from an application: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager, and then click Services and Applications. 3. In the right
  • HP Dc5800 | HP Protect Tools Guide - Page 26
    the Advanced tab and select the period of inactivity. 8. Click OK to close the application Properties dialog box. 9. Click OK. 20 Chapter 2 Credential Manager for HP ProtectTools
  • HP Dc5800 | HP Protect Tools Guide - Page 27
    of credentials are required of either users or administrators. To specify how users or administrators log on: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Credential Manager, and then click Authentication and Credentials. 3. In the right pane, click
  • HP Dc5800 | HP Protect Tools Guide - Page 28
    the on-screen instructions. ● To delete the credential, click Clear, and then click password display. ● Services and Applications-Allows you to view the available services and modify the settings for those services : 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left
  • HP Dc5800 | HP Protect Tools Guide - Page 29
    click the General tab. 4. Under Select the way users log on to Windows (requires restart), select the Use Credential Manager with classic logon prompt check box. 5. Click Apply, and then click OK. 6. Restart the computer. NOTE: Selecting the Use Credential Manager with classic logon prompt check box
  • HP Dc5800 | HP Protect Tools Guide - Page 30
    the key hierarchy ● Support for third-party applications HP ProtectTools can use the embedded chip as an authentication factor when the user logs on to Windows. On select models, the TPM embedded security chip also enables enhanced BIOS security features accessed through BIOS Configuration for HP
  • HP Dc5800 | HP Protect Tools Guide - Page 31
    preferences and exit Computer Setup, use the arrow keys to select File > Save Changes and Exit. Then follow the on-screen instructions. Initializing the embedded security chip In the initialization process for Embedded Security, you will perform the following tasks: ● Set an owner password for the
  • HP Dc5800 | HP Protect Tools Guide - Page 32
    password. To set up a basic user account and enable the user security features: 1. If the Embedded Security User Initialization Wizard is not open, select Start > All Programs > HP must obtain one from a certification authority. For instructions on configuring your e-mail and obtaining a digital
  • HP Dc5800 | HP Protect Tools Guide - Page 33
    Key password at the next logon. If the Basic User Key password is entered correctly, you can access the PSD directly from Windows Explorer. mail. Changing the Basic User Key password To change the Basic User Key password: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the
  • HP Dc5800 | HP Protect Tools Guide - Page 34
    Follow the on-screen instructions. Changing the owner password To change the owner password: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. on Windows restart. This option is available to all users by default. ● Permanent disabling-With this option, the owner password is
  • HP Dc5800 | HP Protect Tools Guide - Page 35
    under Embedded Security, click Disable. 4. Type your owner password at the prompt, and then click OK. Enabling Embedded Security after permanent disable To enable Embedded Security after permanently disabling it: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane
  • HP Dc5800 | HP Protect Tools Guide - Page 36
    Manager, Drive Encryption, HP BIOS, or any number of third party access points. With Java Card Security, you can accomplish the following tasks: ● Access Java Card Security features ● Work with the Computer Setup utility to enable Java Card authentication in a power-on environment ● Configure
  • HP Dc5800 | HP Protect Tools Guide - Page 37
    cards. This feature is available if you have more than one card reader on the computer. Changing a Java Card PIN To change a Java Card PIN: NOTE: The Java Card drivers must be correctly installed, as shown in Windows Device Manager. To select the card reader: 1. Select Start > All Programs > HP
  • HP Dc5800 | HP Protect Tools Guide - Page 38
    power-on authentication ● Back up and restore Java Cards NOTE: You must have Windows > HP ProtectTools power-on authentication. To assign a name to a Java Card: 1. Select Start > All Programs > HP power-on authentication When enabled, power-on authentication requires you to use a Java Card to start the
  • HP Dc5800 | HP Protect Tools Guide - Page 39
    The process of enabling Java Card power-on authentication involves the following steps: 1. Enable Java Card power-on authentication support in BIOS Configuration or Computer Setup. 2. Enable Java Card power-on authentication in Java Card Security. 3. Create and enable the administrator Java Card.
  • HP Dc5800 | HP Protect Tools Guide - Page 40
    no longer needed to access the computer. 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Java Card Security, and then click Advanced. 3. Insert the administrator Java Card. 4. In the right pane, under Power-on authentication, clear the Enable check box
  • HP Dc5800 | HP Protect Tools Guide - Page 41
    and configuration settings giving users Windows access to system security features that are managed by Computer Setup. The options within BIOS Configuration for HP ProtectTools are: ● File ● Storage ● Security ● Power ● Advanced NOTE: Support for specific Computer Setup options may vary depending
  • HP Dc5800 | HP Protect Tools Guide - Page 42
    option within BIOS Configuration for HP ProtectTools provides system information such as processor type, system BIOS name and version, chassis, serial number, etc. The only File data that can be edited is the asset tracking number. All other data is read only. 36 Chapter 5 BIOS Configuration for
  • HP Dc5800 | HP Protect Tools Guide - Page 43
    Storage The Storage option within BIOS Configuration for HP ProtectTools provides information about all bootable devices configured in the computer system and allows you to specify settings for these devices. The settings accessible in Storage include: ● Device Configuration ● Storage Options ● DPS
  • HP Dc5800 | HP Protect Tools Guide - Page 44
    Security option within BIOS Configuration for HP ProtectTools is the central location for all settings related to security and passwords. The settings included are: ● Setup Password ● Power-On Password ● Password Options ● Smart Cover (some models) ● Device Security ● Network Service Boot ● System
  • HP Dc5800 | HP Protect Tools Guide - Page 45
    Power The Power option within BIOS Configuration for HP ProtectTools provides settings that control power management at a hardware level. Settings included are: ● OS Power Management ● Hardware Power Management ● Thermal Power 39
  • HP Dc5800 | HP Protect Tools Guide - Page 46
    within the Advanced option of BIOS Configuration for HP ProtectTools are intended for advanced users. These settings include: ● Power-On Options ● Execute Memory Test (some models) ● BIOS Power-On ● Onboard Devices ● PCI Devices ● PCI VGA Configuration ● Bus Options ● Device Options ● AMT Options 40
  • HP Dc5800 | HP Protect Tools Guide - Page 47
    Access Manager for HP ProtectTools This security tool is available to administrators only. Device Access Manager provides customizable control of data storage and transmission hardware (USB, COM & LPT ports, CD drives, network interface cards, personal music players, etc.) Device Access Manager can
  • HP Dc5800 | HP Protect Tools Guide - Page 48
    profiles to be applied, the HP ProtectTools Device Locking/Auditing background service must be running. When you first attempt to apply device profiles, HP ProtectTools Security Manager opens a dialog box to ask if you would like to start the background service. Click Yes to start the background
  • HP Dc5800 | HP Protect Tools Guide - Page 49
    1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click Simple Configuration. 3. In the right pane, select the check box of a device to deny access. 4. Click Apply. NOTE: If background service is not running, it attempts to
  • HP Dc5800 | HP Protect Tools Guide - Page 50
    or Write access. Adding a user or a group 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click Device Class Configuration. 3. In the device list, click the device class that you want to configure. 4. Click Add. The Select
  • HP Dc5800 | HP Protect Tools Guide - Page 51
    for one user but not the group: 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Device Access Manager, and then click Device Class Configuration. 3. In the device list, click the device class that you want to configure, and then navigate to the folder
  • HP Dc5800 | HP Protect Tools Guide - Page 52
    7 Drive Encryption for HP ProtectTools Drive encryption for HP ProtectTools can encode every bit of to access the data on encrypted drives unless you have registered with the Drive Encryption recovery service (see "Recovery on page 49"). Reinstalling the Drive Encryption module will not enable you
  • HP Dc5800 | HP Protect Tools Guide - Page 53
    Management. 3. In the right pane, click Activate. The Drive Encryption for HP ProtectTools Wizard opens. 4. Follow the on-screen instructions to activate encryption. NOTE: You will need to specify a diskette, flash storage device, or some other USB-connected storage media on which the recovery
  • HP Dc5800 | HP Protect Tools Guide - Page 54
    name in the Username box. Click Next. 4. Type the Windows password for the selected user, and then click Next. 5. Select an authentication method for the new user, and then click Finish. Remove a user 1. Select Start > All Programs > HP ProtectTools Security Manager. 2. In the left pane, click Drive
  • HP Dc5800 | HP Protect Tools Guide - Page 55
    to access your computer if you forget your password. ● You may back up your Drive Encryption keys on a diskette, flash storage device, or some other USB-connected storage media. Registering with the Drive Encryption recovery service 1. Select Start > All Programs > HP ProtectTools Security Manager
  • HP Dc5800 | HP Protect Tools Guide - Page 56
    Windows XP Service Pack 1; update Windows version to Service Pack 2 via Windows Update to correct. To work around if retaining Service Pack 1, re-log back into Windows using another credential (Windows password call HP Service and Support and request 3rd level support through your HP Service contact
  • HP Dc5800 | HP Protect Tools Guide - Page 57
    cannot detect or recognize, either manually or automatically, the password gina. HP is researching a workaround for future product enhancements. Credential Manager does not recognize the Connect button on screen. If the Single Sign On credentials for Remote Desktop Connection (RDP) are set to
  • HP Dc5800 | HP Protect Tools Guide - Page 58
    mode to hibernation on Windows XP Service Pack 1 only. After allowing system to transition into hibernation and sleep mode, Administrator or user is unable to log into Credential Manager and the Windows logon screen remains displayed no matter which logon credential (password, finger print or Java
  • HP Dc5800 | HP Protect Tools Guide - Page 59
    the TPM if the ROM was reset to factory settings Credential Manager to fail. factory settings. after the Credential Manager installation. The TPM embedded security chip can be enabled in the BIOS Computer Setup utility, BIOS Configuration for ProtectTools, or HP Client Manager. To enable the TPM
  • HP Dc5800 | HP Protect Tools Guide - Page 60
    Windows 2000. EFS in Windows XP, by default, will not let the user open files/folders without a password Windows 2000 only. HP recommends always having the built-in Administrator account password instruct users never to encrypt or delete the recovery archive files. HP not supported. the Windows 2000
  • HP Dc5800 | HP Protect Tools Guide - Page 61
    power Embedded Security Device option to Enable reset the TPM module and cause possible loss of data. This is as designed. The Computer Setup (F10) Utility password can only be removed by a user who knows the password. However, HP strongly recommends having the Computer Setup (F10) Utility password
  • HP Dc5800 | HP Protect Tools Guide - Page 62
    will require the user password to be supplied. Secure e-mail is supported, even if Embedded security software and the wizard do not control settings of an e- This behavior is as designed. Configuration of TPM email settings does not prohibit editing encryption 56 Chapter 8 Troubleshooting
  • HP Dc5800 | HP Protect Tools Guide - Page 63
    e-mail is set and controlled by 3rd party applications. The HP wizard allows linkage to the three reference applications for immediate customization. the restore process proceeds. ● Resets the chip to factory settings in the BIOS. ● Reboots the computer. ● Begins to restore Embedded Security
  • HP Dc5800 | HP Protect Tools Guide - Page 64
    The current 4.0 software was designed for HP Notebook 1.1B implementations, as well as supporting HP Desktop 1.2 implementations. HP will address this issue in future releases. This option to disable is still supported in the software interface for TPM 1.1 platforms. 58 Chapter 8 Troubleshooting
  • HP Dc5800 | HP Protect Tools Guide - Page 65
    Spec. Version = 1.2 ● Vendor = Broadcom Corporation ● FW Version = 2.18 (or greater) ● TPM Device driver library version 2.0.0.9 (or greater) 5. If the FW version does not match 2.18, download and update the TPM firmware. The TPM Firmware SoftPaq is a support download available at http://www.hp
  • HP Dc5800 | HP Protect Tools Guide - Page 66
    BIOS authentication work. This is as designed, the factory reset clears the Basic User Key. The user must change his user PIN or create a new user to re-initialize the Basic User Key. Power-on authentication support not set to default using Embedded Security Reset to Factory Settings In Computer
  • HP Dc5800 | HP Protect Tools Guide - Page 67
    BIOS security mode Setting in Java Card Security that, when enabled, requires the use of a Java Card and a valid PIN for user authentication. Certification authority Service DriveLock password when the computer starts In the HP ProtectTools Credential Manager user. Java Card Small piece of hardware,
  • HP Dc5800 | HP Protect Tools Guide - Page 68
    is standard with Windows Vista and Windows XP. Personal secure drive (PSD) Provides a protected storage area for sensitive information. Power-on authentication Security feature that requires some form of authentication, such as a Java Card, security chip, or password, when the computer is turned on
  • HP Dc5800 | HP Protect Tools Guide - Page 69
    biometric readers 13 BIOS administrator password 8 BIOS configuration for HP ProtectTools advanced 40 file 36 power 39 security 38 storage 37 C Computer Setup administrator password 8 controlling device access 41 Credential Manager troubleshooting 50 Credential Manager for HP ProtectTools account
  • HP Dc5800 | HP Protect Tools Guide - Page 70
    service 49 encrypting a drive 47 removing a user 48 setting a password 48 E Embedded Security for HP HP ProtectTools 7 managing 7 owner 25 resetting user 28 secure, creating 8 Windows logon 14 personal secure drive (PSD) 27 power BIOS configuration for HP ProtectTools 39 power-on password
  • HP Dc5800 | HP Protect Tools Guide - Page 71
    25 troubleshooting Credential Manager for HP ProtectTools 50 Embedded Security for HP ProtectTools 53 Miscellaneous 59 U unauthorized access, preventing 6 USB eToken, Credential Manager 13 V virtual token 14 virtual token, Credential Manager 13, 14 W Windows Logon Credential Manager 15 password
  • HP Dc5800 | HP Protect Tools Guide - Page 72
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
HP ProtectTools
User Guide