HP Dc7900 HP ProtectTools User Guide

HP Dc7900 - Compaq Business Desktop Manual

Get HP Dc7900 - Compaq Business Desktop PDF manuals and user guides
UPC - 884962028483
View all HP Dc7900 manuals
Add to My Manuals
Save this manual to your list of manuals

HP Dc7900 manual content summary:

  • HP Dc7900 | HP ProtectTools User Guide - Page 1
    HP ProtectTools User Guide
  • HP Dc7900 | HP ProtectTools User Guide - Page 2
    HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP . HP ProtectTools User Guide HP Compaq Business PC First Edition: July 2008 Document Part Number: 491163-001
  • HP Dc7900 | HP ProtectTools User Guide - Page 3
    About This Book This guide provides basic information for upgrading this computer model. WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily
  • HP Dc7900 | HP ProtectTools User Guide - Page 4
    iv About This Book ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 5
    ProtectTools credentials 9 Backing up credentials and settings 9 2 HP ProtectTools Security Manager for Administrators About HP ProtectTools Security Manager for Administrators 10 Getting Started - Configuring HP ProtectTools Security Manager for Administrators 11 Getting Started - Configuring
  • HP Dc7900 | HP ProtectTools User Guide - Page 6
    On ...25 Registering a new application 25 Using automatic registration 25 Using manual (drag and drop) registration 26 Managing applications and credentials 26 Modifying before Single Sign On 31 4 Drive Encryption for HP ProtectTools Setup procedures ...32 Opening Drive Encryption 32 vi ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 7
    Registering for online recovery 34 Managing an existing online recovery account 35 Performing a recovery 35 5 Privacy Manager for HP ProtectTools Opening Privacy Manager ...37 Setup procedures ...38 Managing Privacy Manager Certificates 38 Requesting and installing a Privacy Manager Certificate
  • HP Dc7900 | HP ProtectTools User Guide - Page 8
    the File Sanitizer icon 59 Manually shredding one asset 60 Manually shredding all selected items 60 Manually activating free space bleaching 60 Card power-on authentication 66 8 BIOS Configuration for HP ProtectTools General tasks ...68 Accessing BIOS Configuration 68 Viewing or changing
  • HP Dc7900 | HP ProtectTools User Guide - Page 9
    Access Manager for HP ProtectTools Starting background service ...78 Simple configuration ...78 Device class configuration (advanced 79 Adding a user or a group 79 Removing a user or a group 79 Denying access to a user or group 79 11 Troubleshooting Credential Manager for HP ProtectTools 80
  • HP Dc7900 | HP ProtectTools User Guide - Page 10
    x ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 11
    using the Security Manager setup wizard. HP ProtectTools software modules may be preinstalled, preloaded, or available as a configurable option or as an after market option. Visit http://www.hp.com for more information. NOTE: The instructions in this guide are written with the assumption that you
  • HP Dc7900 | HP ProtectTools User Guide - Page 12
    to grant access. The Java Card can be used to access Credential Manager, Drive Encryption, HP BIOS, or any number of third party access points. ● Java Card Security configures the HP ProtectTools Java Card for user authentication before the hard drive boots. Java Card Security can be accessed
  • HP Dc7900 | HP ProtectTools User Guide - Page 13
    HP ProtectTools Key features ● BIOS Configuration provides access to power-on user and administrator password management. ● BIOS Configuration provides an alternative to the pre-boot BIOS configuration utility known as Computer Setup. ● BIOS Configuration enablement of automatic DriveLock support
  • HP Dc7900 | HP ProtectTools User Guide - Page 14
    you have configured the Credential Manager module, you can also open HP ProtectTools by logging on to Credential Manager directly from the Windows logon Credential Manager on page 24. Achieving key security objectives The HP ProtectTools modules can work together to provide solutions for a variety
  • HP Dc7900 | HP ProtectTools User Guide - Page 15
    is working onsite and has been given computer access to review sensitive financial data; you do not want the auditor to access to data: ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable information from financial services, an executive, or R&D
  • HP Dc7900 | HP ProtectTools User Guide - Page 16
    to password-protected applications: ◦ Credential Manager "Setup procedures on page 20" ◦ "Using Single Sign On on page 25" ● Device Access Manager for HP ProtectTools allows IT managers to restrict access to writeable devices so sensitive information cannot be copied from the hard drive. See Simple
  • HP Dc7900 | HP ProtectTools User Guide - Page 17
    users. NOTE: In a small organization or for individual use, these roles may all be held by the same person. For HP ProtectTools, the security duties has decided to deploy Java Cards, the IT administrator can enable Java Card BIOS security mode. ● User-Uses the security features. For example, if the
  • HP Dc7900 | HP ProtectTools User Guide - Page 18
    in this HP ProtectTools Function known as BIOS administrator, F10 Setup, or Security Setup password Power-on password Windows Logon password BIOS Configuration, selected. Protects access to the Computer Setup utility. BIOS Configuration Windows Control Panel Protects access to the computer
  • HP Dc7900 | HP ProtectTools User Guide - Page 19
    must first follow any specifications that are set by Substitute special characters or numbers for letters in a key word. For example, you can use the number 1 for letters I up and restoring HP ProtectTools credentials To back up and restore credentials from all supported HP ProtectTools modules,
  • HP Dc7900 | HP ProtectTools User Guide - Page 20
    has the following features: ● Getting Started - Setup wizard that guides Windows operating system administrators through the configuration of levels of security and can select and configure any number of the available modules. 10 Chapter 2 HP ProtectTools Security Manager for Administrators ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 21
    he or she wants to change the levels of security or security login methods. The setup wizard guides the Windows administrator through configuring Security Manager: 1. In HP ProtectTools Security Manager for Administrators, click Getting Started, and then click the Security Manager Setup button
  • HP Dc7900 | HP ProtectTools User Guide - Page 22
    BIOS administrator password is entered, you will become a BIOS administrator. Enter and confirm a BIOS (Windows password, fingerprint authentication, and/or the HP ProtectTools Java™ Card), that user will not be allowing you to review your selections. 7. Click Enable on the "Review and Enable Security
  • HP Dc7900 | HP ProtectTools User Guide - Page 23
    the on-screen instructions, and then click HP ProtectTools Java Card" - Insert the HP ProtectTools Java Card, enter the Java Card PIN, then click Finish. 9. On the "Congratulations" page, review BIOS administrator password is entered, you will become a BIOS administrator. Enter and confirm a BIOS
  • HP Dc7900 | HP ProtectTools User Guide - Page 24
    Review and Enable Security Settings" page, click Enable. 9. Depending on the security login methods set by the administrator, one or both of the following pages will be displayed. Follow the on-screen instructions user in to Windows. ● If the HP Credential Manager level of security option has been
  • HP Dc7900 | HP ProtectTools User Guide - Page 25
    users list: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators. 2. Click Administrator Tools. 3. Click the NOTE: If the user will be logging in with the fingerprint and/or HP ProtectTools Java Card security login method, he or she must now log in
  • HP Dc7900 | HP ProtectTools User Guide - Page 26
    For details, refer to Using the Restore wizard on page 18. CAUTION: Backup files created outside of HP ProtectTools Backup and Restore (for example, files created previously by a specific security module) are not compatible with HP ProtectTools Backup and Restore, and therefore cannot be restored by
  • HP Dc7900 | HP ProtectTools User Guide - Page 27
    offline location (USB flash drive, disc, or other media) provides a two-factor level of security, because to access the backedup data in the storage file, you must have the security token file and know the password. Therefore, HP recommends that you store the storage file and the token file on two
  • HP Dc7900 | HP ProtectTools User Guide - Page 28
    " page opens. Security Modules This page displays all installed modules that have backup data in the file selected in the "File Location" page. 18 Chapter 2 HP ProtectTools Security Manager for Administrators ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 29
    errors. ● Click Finish to exit the wizard. Settings IN HP ProtectTools Security Manager for Administrators, click Settings to change the the host and activate a specific page and/or launch a specific application. ● Select the Show Security Desktop Notifications check box to display notifications
  • HP Dc7900 | HP ProtectTools User Guide - Page 30
    Support for additional security settings, such as requiring authentication using an optional security device to unlock the computer. Setup procedures Logging on to Credential Manager Depending on the configuration, you can log on to Credential Manager in any of the following ways: ● HP ProtectTools
  • HP Dc7900 | HP ProtectTools User Guide - Page 31
    Manager for Administrators icon ● From the "Credential Manager" page of HP ProtectTools Security Manager for Administrators, by clicking the Log On link in the upper-right corner of the window 2. Follow the on-screen instructions to log on to Credential Manager. Registering credentials You can use
  • HP Dc7900 | HP ProtectTools User Guide - Page 32
    smart card in a different form factor. Rather than deploying the smart plugs directly into any USB port. There is no difference in token on page 23. 1. In HP ProtectTools Security Manager for Administrators, click token is connected to a USB port. NOTE: If the smart card 1. In HP ProtectTools Security
  • HP Dc7900 | HP ProtectTools User Guide - Page 33
    . When you log on with a virtual token, you are asked for a user PIN to complete the authentication. To create a new virtual token: 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. 2. Click My Identity, and then click Register Smart Card or Token
  • HP Dc7900 | HP ProtectTools User Guide - Page 34
    , and then click Next. 5. Follow the on-screen instructions to complete the PIN change. NOTE: If you enter settings on page 30. 1. In HP ProtectTools Security Manager for Administrators, click account as the account for the Windows Logon service. Logging on to Windows with Credential Manager You
  • HP Dc7900 | HP ProtectTools User Guide - Page 35
    next logon check box. 6. Follow the on-screen instructions. If your authentication information is correct, you will be information, such as bank account numbers. For more information, refer to Manager. You can also register an application manually. Using automatic registration 1. Open an application
  • HP Dc7900 | HP ProtectTools User Guide - Page 36
    desired record in the list. 4. Follow the on-screen instructions. Managing applications and credentials Modifying application properties 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Services and Applications from the left pane. 2. Click Manage
  • HP Dc7900 | HP ProtectTools User Guide - Page 37
    export, and then click More. 4. Follow the on-screen instructions to complete the export. 5. Click OK. Importing an application 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Services and Applications in the left pane. 2. Click Manage Applications
  • HP Dc7900 | HP ProtectTools User Guide - Page 38
    opens. 5. Follow the on-screen instructions. Removing protection from an application To remove restrictions from an application: 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. 2. Click Services and Applications. 3. Click Application Protection
  • HP Dc7900 | HP ProtectTools User Guide - Page 39
    " page, you can view the list of available authentication methods, and modify the settings. To configure the credentials: 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager in the left pane. 2. Click Multifactor Authentication. 3. Click the Credentials tab
  • HP Dc7900 | HP ProtectTools User Guide - Page 40
    display. ● Services and Applications-Allows you to view the available services and modify the settings for those services. ● instructions to modify the settings. 5. Click Apply, and then click OK. Example 1-Using the "Advanced Settings" page to allow Windows logon from Credential Manager 1. In HP
  • HP Dc7900 | HP ProtectTools User Guide - Page 41
    above may be slightly different for Windows XP. Example 2-Using the "Advanced Settings" page to require user verification before Single Sign On 1. In HP ProtectTools Security Manager for Administrators, click Credential Manager, and then click Settings. 2. Click the Single Sign On tab. 3. Under When
  • HP Dc7900 | HP ProtectTools User Guide - Page 42
    encrypted drives unless you have registered with the Drive Encryption recovery service. Reinstalling the Drive Encryption module will not enable you to If the Windows administrator has enabled Pre-boot Security in the HP ProtectTools Security Manager for Administrators, you will log in to the
  • HP Dc7900 | HP ProtectTools User Guide - Page 43
    on the computer. Activating a TPM-protected password Use Embedded Security for HP ProtectTools to activate the TPM. After activation, logging in at the TPM settings are migrated to that computer. 1. Use Embedded Security for HP ProtectTools to activate the TPM. 2. Open Drive Encryption, and click
  • HP Dc7900 | HP ProtectTools User Guide - Page 44
    Service this service. serial number, click Start, and then click Help and Support. 7. If you do not have a subscription coupon, click the Click here to purchase coupons link. Clicking the link directs you to the SafeBoot Recovery Service Web site. Do not exit the wizard. 8. Click Purchase Coupon Codes
  • HP Dc7900 | HP ProtectTools User Guide - Page 45
    Service" Web page opens, click Recovery Service Account or Recovery Process. 4. On the recovery service logon page, enter your e-mail address, password, and the numbers that stores your backup key. 3. When the Drive Encryption for HP ProtectTools logon dialog box opens, click Cancel. 4. Click Options
  • HP Dc7900 | HP ProtectTools User Guide - Page 46
    Web site at http://www.safeboot-hp.com. 7. Click Recovery Process. 8. On the recovery service logon page, enter your e-mail address, password, and the numbers and letters you see in the box. 9. Click Logon. 10. Click Recovery Process. 11. Enter the client code you recorded from the computer you
  • HP Dc7900 | HP ProtectTools User Guide - Page 47
    Privacy Manager. Opening Privacy Manager To open Privacy Manager: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2. Click Privacy Manager: Sign and Chat. - or - Right-click the
  • HP Dc7900 | HP ProtectTools User Guide - Page 48
    case you need to restore your Privacy Manager Certificate and associated keys. 5. Enter and confirm a password, and then click Next. 38 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 49
    6. Authenticate using your chosen security logon method. 7. If you choose to begin the Trusted Contact invitation process, follow the on-screen instructions. - or - If you click Cancel, refer to Managing Trusted Contacts for information on adding a Trusted Contact at a later time. Viewing Privacy
  • HP Dc7900 | HP ProtectTools User Guide - Page 50
    When the confirmation dialog box opens, click Yes. 5. Authenticate using your chosen security logon method. 6. Follow the on-screen instructions. Managing Trusted Contacts Trusted Contacts are users with whom you have exchanged Privacy Manager Certificates, enabling you to securely communicate with
  • HP Dc7900 | HP ProtectTools User Guide - Page 51
    Adding Trusted Contacts 1. You send an e-mail invitation to a Trusted Contact recipient. 2. The Trusted Contact recipient responds to the e-mail. 3. You receive the e-mail response from the Trusted Contact recipient, and click Accept. You can send Trusted Contact e-mail invitations to individual
  • HP Dc7900 | HP ProtectTools User Guide - Page 52
    Manager. 2. Click the Trusted Contact you want to delete. 3. Click Delete contact. 4. When the confirmation dialog box opens, click Yes. 42 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 53
    toolbar of all Microsoft Word, Microsoft Excel, and Microsoft PowerPoint documents. Configuring Privacy Manager in a Microsoft Office document 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click File Sanitizer, and then click Shred Now. 2. When
  • HP Dc7900 | HP ProtectTools User Guide - Page 54
    signature lines for those users at the bottom of the final page of the document with instructions to sign by a specific date. To add a suggested signer to a Microsoft Word or Microsoft Excel document: 1. that their signature is required. 44 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 55
    To sign the document: 1. Double-click the appropriate signature line. 2. Authenticate using your chosen security logon method. The signature line will be shown according to the settings specified by the owner of the document. Encrypting a Microsoft Office document You can encrypt a Microsoft Office
  • HP Dc7900 | HP ProtectTools User Guide - Page 56
    Attach the Microsoft Office document. 4. Refer to Sealing and sending an e-mail message for further instructions. Viewing a signed Microsoft Office document NOTE: You do not need to have a Privacy Manager Certificate e-mail, and then click OK. 46 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 57
    to Windows Live Messenger, follow these steps: 1. Log in to Windows Live Home. 2. Click the Windows Live icon, and then click Windows Live Services. 3. Click Gallery, and then click Messenger. 4. Click Activities, and then click Safety and Security. 5. Click Privacy Manager Chat, and then follow the
  • HP Dc7900 | HP ProtectTools User Guide - Page 58
    . 2. To specify the amount of time Privacy Manager Chat waits before locking your session, select a number from the Lock session after _ minutes of inactivity box. 3. To specify a history folder for your messages by clicking the message header. 48 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 59
    Display history for menu to select only specific accounts to view. Starting the Chat History viewer 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2.
  • HP Dc7900 | HP ProtectTools User Guide - Page 60
    , authenticate using your chosen security logon method. The session content is decrypted. Search sessions for specific text You can only search for text in revealed (decrypted) sessions that are displayed in the to move it to the right panel. 50 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 61
    left panel. Filter displayed sessions A list of sessions for all of your accounts is displayed in the Chat History Viewer. Displaying sessions for a specific account ▲ In the Chat History Viewer, select an account from the Display history for menu. Displaying sessions for a range of dates 1. In the
  • HP Dc7900 | HP ProtectTools User Guide - Page 62
    name or click Browse to search for a location, and then click Next. 5. On the "Migration File Import" page, click Finish. 52 Chapter 5 Privacy Manager for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 63
    can also customize a shred profile, which allows you to specify the number of shred cycles, which assets to include for shredding, which assets an automatic free space bleaching schedule or you can manually activate free space bleaching using the HP ProtectTools icon in the notification area, at the
  • HP Dc7900 | HP ProtectTools User Guide - Page 64
    ● Double-click the File Sanitizer icon. - or - ● Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, click assets that you delete using the Windows Recycle Bin or for manually deleted assets. Free space bleaching provides no additional security to shredded
  • HP Dc7900 | HP ProtectTools User Guide - Page 65
    shredding may take a significant length of time; however, the higher the number of shred cycles you specify, the more secure the computer is. 3. Remove. 5. Under Do not shred the following, click Add to select the specific assets that you want to exclude from shredding. NOTE: Only file extensions can
  • HP Dc7900 | HP ProtectTools User Guide - Page 66
    the asset, and then click Remove 4. Under Do not shred the following, click Add to select the specific assets that you want to exclude from shredding. NOTE: Only file extensions can be excluded from deleting. For Click Apply, and then click OK. 56 Chapter 6 File Sanitizer for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 67
    those assets that you delete using the Windows Recycle Bin or for manually deleted assets. Free space bleaching provides no additional security to shredded a shred profile When you create a shred profile, you specify the number of shred cycles, which assets to include for shredding, which assets to
  • HP Dc7900 | HP ProtectTools User Guide - Page 68
    then click Remove. 5. Under Do not shred the following, click Add to select the specific assets that you want to exclude from shredding. NOTE: Only file extensions can be excluded from , click Add to select the specific assets that you want to exclude from shredding. 58 Chapter 6 File Sanitizer for
  • HP Dc7900 | HP ProtectTools User Guide - Page 69
    : Shredded assets cannot be recovered. Carefully consider which items you select for manual shredding. 1. Navigate to the document or folder you want to shred. 2. Drag the asset to the File Sanitizer icon on the desktop. 3. When the confirmation dialog box opens, click Yes. 4. Click Yes to confirm
  • HP Dc7900 | HP ProtectTools User Guide - Page 70
    opens, click Yes. - or - 1. Right-click the File Sanitizer icon on the desktop, and then click Shred Now. 2. When the confirmation dialog box opens, click Yes. Manually activating free space bleaching 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar
  • HP Dc7900 | HP ProtectTools User Guide - Page 71
    Aborting a shred or free space bleaching operation When a shred or free space bleaching operation is in progress, a message above the HP ProtectTools Security Manager for Administrators icon in the notification area is displayed. The message provides details on the shred or free space bleaching
  • HP Dc7900 | HP ProtectTools User Guide - Page 72
    to grant access - like using an ATM card with a PIN. The Java Card can be used to access Credential Manager, Drive Encryption, HP BIOS, or any number of third party access points. With Java Card Security, you can accomplish the following tasks: ● Access Java Card Security features ● Work with the
  • HP Dc7900 | HP ProtectTools User Guide - Page 73
    or incorrectly displayed. In addition, the card reader drivers must be correctly installed, as shown in Windows Device Manager. characters. 1. Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2.
  • HP Dc7900 | HP ProtectTools User Guide - Page 74
    Card: 1. Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2. In steps: 1. Enable Java Card power-on authentication support in BIOS Configuration or Computer Setup. 2. Enable Java Card power
  • HP Dc7900 | HP ProtectTools User Guide - Page 75
    . 7. When you are prompted to create a recovery file, click Cancel to create a recovery file at a later time or click OK and follow the on-screen instructions in the HP ProtectTools Backup Wizard to create a recovery file now. NOTE: For more information, see Backing up and restoring
  • HP Dc7900 | HP ProtectTools User Guide - Page 76
    be set up in order to create a user Java Card. To create a user Java Card: 1. Select Start > All Programs > HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2. In the left pane, click Java Card Security, and then click Advanced
  • HP Dc7900 | HP ProtectTools User Guide - Page 77
    hardware ports. ● Configure boot options, which includes enabling MultiBoot and changing the boot order. NOTE: All of the features in BIOS Configuration for HP ProtectTools are also available in F10 Setup. For detailed instructions on using F10 Setup, refer to the Computer Setup (F10) Utility Guide
  • HP Dc7900 | HP ProtectTools User Guide - Page 78
    the Show Hidden Icons icon (< or
  • HP Dc7900 | HP ProtectTools User Guide - Page 79
    chassis, serial number, etc. The only File data that can be edited is the asset tracking number. All other data is read only. NOTE: For more information on File options, refer to the Computer Setup (F10) Utility Guide. Storage The Storage option within BIOS Configuration for HP ProtectTools provides
  • HP Dc7900 | HP ProtectTools User Guide - Page 80
    (F10) Utility Guide. Advanced The settings within the Advanced option of BIOS Configuration for HP ProtectTools are intended for advanced users. These settings include: ● Power-On Options ● Execute Memory Test (some models) ● BIOS Power-On ● Onboard Devices ● PCI Devices ● PCI VGA Configuration
  • HP Dc7900 | HP ProtectTools User Guide - Page 81
    the key hierarchy ● Support for third-party applications HP ProtectTools can use the embedded chip as an authentication factor when the user logs on to Windows. On select models, the TPM embedded security chip also enables enhanced BIOS security features accessed through BIOS Configuration for HP
  • HP Dc7900 | HP ProtectTools User Guide - Page 82
    the Computer Setup utility as described below. This procedure cannot be performed in BIOS Configuration for HP ProtectTools. To enable the embedded security chip in Computer Setup: 1. Open and Exit. Then follow the on-screen instructions. 72 Chapter 9 Embedded Security for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 83
    area, at the far right of the taskbar, and then select Embedded Security Initialization. The HP ProtectTools Embedded Security Initialization Wizard opens. 2. Follow the on-screen instructions. Setting up the basic user account Setting up a basic user account in Embedded Security accomplishes
  • HP Dc7900 | HP ProtectTools User Guide - Page 84
    your e-mail. For more information, refer to the Embedded Security software Help, and the software Help for your e-mail program. 74 Chapter 9 Embedded Security for HP ProtectTools ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 85
    left pane, click Embedded Security, and then click Backup. 3. In the right pane, click Backup. The HP Embedded Security for ProtectTools Backup Wizard opens. 4. Follow the on-screen instructions. Restoring certification data from the backup file To restore data from the backup file: 1. Click Start
  • HP Dc7900 | HP ProtectTools User Guide - Page 86
    Changing the owner password To change the owner password: 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or HP ProtectTools Security Manager in Windows XP. 2. In the left pane, click Embedded Security, and then click Advanced.
  • HP Dc7900 | HP ProtectTools User Guide - Page 87
    Migrating keys with the Migration Wizard Migration is an advanced administrator task that allows the management, restoration, and transfer of keys and certificates. For details on migration, refer to the Embedded Security software Help. ENWW Advanced tasks 77
  • HP Dc7900 | HP ProtectTools User Guide - Page 88
    membership Starting background service For device profiles to be applied, the HP ProtectTools Device Locking/Auditing background service must be running. ● All DVD/CD-ROM drives for all non-administrators ● All serial and parallel ports for all non-administrators To deny access to a class of device
  • HP Dc7900 | HP ProtectTools User Guide - Page 89
    configuration (advanced) More selections are available to allow specific users or groups of users to be granted or denied access to types of devices. Adding a user or a group 1. Click Start, click All Programs, and then click HP ProtectTools Security Manager for Administrators in Windows Vista or
  • HP Dc7900 | HP ProtectTools User Guide - Page 90
    Troubleshooting Credential Manager for HP or USB tokens in Credential Manager, the supporting software (drivers, PKCS#11 providers, etc.) must be specific Single Sign On cannot be disabled for a given application, call HP technical support and request 3rd-level support through your HP Service
  • HP Dc7900 | HP ProtectTools User Guide - Page 91
    Desktop Connection (RDP) are set to Connect, when Single Sign On is relaunched, it always enters Save As instead of Connect. HP to hibernation on Windows XP Service Pack 1 only. After , then the user must manually log on to Credential Manager Setup utility, BIOS Configuration, or HP Client Manager
  • HP Dc7900 | HP ProtectTools User Guide - Page 92
    Identity process loses association with virtual token. Details Solution HP is investigating resolution options for future customer software releases. When token is restored through identity restore. HP is investigating long-term options for resolution. 82 Chapter 11 Troubleshooting ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 93
    EFS and is not related to HP ProtectTools software. The user is able backup copy. Users should be instructed never to encrypt or delete the or Secure Digital (SD) Memory Card when creating the emergency the recovery archive on removable media is not supported. The recovery archive can be stored on
  • HP Dc7900 | HP ProtectTools User Guide - Page 94
    Setup (F10) Utility password can only be removed by a user who knows the password. However, HP strongly recommends having the Computer Setup (F10) Utility password protected at all times. The PSD password box by online Certification Authorities and are trusted. 84 Chapter 11 Troubleshooting ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 95
    RAM. The root cause is suspected to be a timing issue in low memory configurations. Integrated graphics uses UMA architecture taking 8 MB of memory . The workaround is to reboot the system and increase memory configuration (HP does not ship 128-MB configurations with security modules).
  • HP Dc7900 | HP ProtectTools User Guide - Page 96
    mail is supported, even when is set and controlled by 3rd-party applications. The HP wizard allows linkage to the three reference applications for process proceeds. ● Resets the chip to factory settings in the BIOS. ● Reboots the computer. ● Begins to restore Embedded Security Troubleshooting ENWW
  • HP Dc7900 | HP ProtectTools User Guide - Page 97
    message is not clear and should state a more appropriate message. HP is working to enhance this in future products. The security system to operate properly and makes TPM-encrypted data inaccessible. Unhide the TPM in BIOS: Open the Computer Setup (F10) Utility, navigate to Security > Device
  • HP Dc7900 | HP ProtectTools User Guide - Page 98
    Task is created manually. HP is working to HP Notebook 1.1B implementations, as well as supporting HP Desktop 1.2 implementations. HP will address this issue in future releases. This option to disable is still supported in the software interface for TPM 1.1 platforms. 88 Chapter 11 Troubleshooting
  • HP Dc7900 | HP ProtectTools User Guide - Page 99
    Services. In the Services window, search for the HP ProtectTools Device Locking/Auditing service. Be sure that the service . Expand the levels in the Device Class tree and review the settings applicable to the User. Check for any to have specific Windows groups, one for allowing access to DVD/CD and
  • HP Dc7900 | HP ProtectTools User Guide - Page 100
    effect. 4. If the BIOS TPM is factory-reset, driver library version 2.0.0.9 (or greater) 5. If the FW version does not match 2.18, download and update the TPM firmware. The TPM Firmware SoftPaq is a support download available on the HP Web site at http://www.hp.com. 90 Chapter 11 Troubleshooting
  • HP Dc7900 | HP ProtectTools User Guide - Page 101
    to a timing dependency on plug-in services load time when closing and restarting Security TPM preboot authentication is enabled in BIOS. The TPM BIOS PIN is associated with the first support). However, after reenabling Embedded Security Device, Power-on authentication support remains enabled. HP
  • HP Dc7900 | HP ProtectTools User Guide - Page 102
    BIOS Password during boot sequence. Power-On Authentication prompts the user to log on to the system using the TPM password, but, if the user presses F10 to access the BIOS , the user is granted Read rights access only. To be able to write to BIOS, the user must type the BIOS BIOS BIOS to communicate
  • HP Dc7900 | HP ProtectTools User Guide - Page 103
    for HP ProtectTools. Automatic Technology Manager (ATM). Allows network administrators to manage systems remotely at the BIOS level. eligibility for a particular task in the authentication process. cryptographic service provider (CSP). Provider or library of cryptographic algorithms that can
  • HP Dc7900 | HP ProtectTools User Guide - Page 104
    backup key. You must create an account with the service to set up online access to your backup key the data more difficult. identity. In the HP ProtectTools Credential Manager, a group of credentials and specific keys that, when pressed, initiates an automatic shred-for example, Ctrl+Alt+S. manual
  • HP Dc7900 | HP ProtectTools User Guide - Page 105
    cycle. The number of times the shred algorithm is executed on each asset. The higher the number of shred cycles password authentication. smart card. Small piece of hardware, similar in BIOS Configuration that provides enhanced protection for the power-on and administrator passwords and other forms
  • HP Dc7900 | HP ProtectTools User Guide - Page 106
    Contact. Trusted Platform Module (TPM) embedded security chip. The generic term for the HP ProtectTools Embedded Security Chip. A TPM authenticates a computer, rather than a user, by storing information specific to the host system, such as encryption keys, digital certificates, and passwords. A TPM
  • HP Dc7900 | HP ProtectTools User Guide - Page 107
    , modifying 27 SSO manual registration 26 SSO new application 25 token PIN, changing 23 troubleshooting 80 user verification 31 drive 32 Device Access Manager for HP ProtectTools background service 78 device class configuration 79 simple configuration 78 troubleshooting 89 user or group, adding 79
  • HP Dc7900 | HP ProtectTools User Guide - Page 108
    resetting user password 76 setup procedures 72 troubleshooting 83 emergency recovery 73 emergency recovery token HP ProtectTools aborting a shred or free space bleaching operation 61 free space bleaching 53 manually activating free space bleaching 60 manually shredding all selected items 60 manually
  • HP Dc7900 | HP ProtectTools User Guide - Page 109
    secure drive (PSD) 74 power BIOS Configuration for HP ProtectTools 70 power-on password definition 8 Privacy Manager for HP ProtectTools add or remove columns 50 sessions for a range of dates 51 displaying sessions for a specific account 51 displaying sessions that are saved in a folder other
  • HP Dc7900 | HP ProtectTools User Guide - Page 110
    exporting applications 26 manual registration 26 modifying application properties 26 removing applications 26 storage BIOS Configuration for HP ProtectTools 69 T targeted theft, protecting against 5 token, Credential Manager 22 TPM chip enabling 72 initializing 73 troubleshooting Credential Manager
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
HP ProtectTools
User Guide