HP ML350 Technology and architecture of HP ProLiant Intel-based 300-series G6 - Page 19

Security, Trusted Platform Module, BitLocker Drive Encryption, Systems management and monitoring - proliant dl380

Visit the SPEC website for ProLiant DL380 G6 test results: http://www.spec.org/power_ssj2008/results/res2009q2/power_ssj2008-20090325-00136.html

Security

The Trusted Platform Module™ (TPM) and Microsoft® BitLocker® technology are supported in all ProLiant 300-series G6 servers by means of the available Trusted Platform Module option kit.

Trusted Platform Module

The Trusted Platform Module v1.2 supported on ProLiant G6 servers is a microcontroller chip that can create, securely store, and manage artifacts such as passwords, certificates, and encryption keys that are used to authenticate the server platform. The TPM 1.2 chip provides a unique Endorsement Key (EK) and a unique Storage Root Key (SRK). It provides data encryption and uses RSA, SHA-1, and RNG cryptographic functions to provide access protection, OS-level protection, and stolen disk protection. The TPM 1.2 chip can also store platform measurements (hashes) to help ensure that the platform remains trustworthy. TPM enables Microsoft BitLocker, part of Windows® Server 2008.

TPM is an option on all ProLiant 300-series G6 servers. For more information about TPM, go to http://www.hp.com/go/TPM

BitLocker Drive Encryption

Microsoft BitLocker Drive Encryption (BitLocker) is a data protection feature available in Windows Server 2008. BitLocker uses the enhanced security capabilities of TPM version 1.2 to protect data and to ensure that a server running Windows Server 2008 has not been compromised while the system was offline.

Implementing BitLocker requires the following:
• The Master Boot Record (MBR), a small, encrypted system partition of approximately 50 MB to contain boot utilities
• TPM version 1.2
• Trusted Computing Group (TCG) compliant firmware including support of "Static Root of Trust"
• Two NTFS partitions on the boot drive

During the boot process, the TPM will not release the encryption key until completing a comparison of operating system configuration information (or hash) with an earlier snapshot of the same data. If any part of the hash is compromised (for example by introduction of malicious code), the TPM ensures that the volume encryption key is never released.

Systems management and monitoring

HP offers management tools to program and control all aspects of the dynamic server environment. The HP Insight Control (ICE) suite provides a foundation for deploying, managing, optimizing, and controlling the entire server environment from any location. HP Insight Dynamics - VSE suite for ProLiant delivers comprehensive functions for optimizing and balancing resources and workloads in real time. HP ProLiant Onboard Administrator, powered by the iLO 2 management processor, provides remote management with other core embedded management functions to simplify setup, health monitoring, power and thermal control, and remote administration.
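Added example, not part of the HP document: a Python simulation of the measure-then-release flow described under BitLocker Drive Encryption above, using the TPM 1.2 extend rule PCR_new = SHA-1(PCR_old || digest). ToyTpm, the boot chain names and the key bytes are constructed for illustration; a real TPM holds the sealed key inside the chip, and BitLocker decides which PCRs the key is bound to.

```python
import hashlib
import hmac

PCR_RESET = b"\x00" * 20  # a TPM 1.2 PCR is 20 bytes (SHA-1 size), zeroed at reset


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA-1(PCR_old || SHA-1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(components) -> bytes:
    """Fold an ordered boot chain into one PCR value, as firmware does at boot."""
    pcr = PCR_RESET
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


class ToyTpm:
    """Simulation only: keeps a secret together with the PCR value it was sealed to."""

    def seal(self, secret: bytes, expected_pcr: bytes) -> None:
        self._sealed = (secret, expected_pcr)

    def unseal(self, current_pcr: bytes):
        secret, expected = self._sealed
        # Release the key only when the current measurement equals the snapshot.
        if hmac.compare_digest(current_pcr, expected):
            return secret
        return None


# Constructed sample boot chains (placeholder bytes, not real firmware images).
GOOD_CHAIN = [b"firmware-v1", b"mbr-boot-code", b"boot-manager", b"os-loader"]
MODIFIED_CHAIN = [b"firmware-v1", b"mbr-boot-code-modified", b"boot-manager", b"os-loader"]
REORDERED_CHAIN = [b"firmware-v1", b"boot-manager", b"mbr-boot-code", b"os-loader"]


def demo() -> dict:
    tpm = ToyTpm()
    tpm.seal(b"volume-encryption-key", measure_boot(GOOD_CHAIN))  # earlier snapshot
    return {
        "clean": tpm.unseal(measure_boot(GOOD_CHAIN)),
        "modified": tpm.unseal(measure_boot(MODIFIED_CHAIN)),
        "reordered": tpm.unseal(measure_boot(REORDERED_CHAIN)),
    }


if __name__ == "__main__":
    print(demo())
```

Because each extend hashes the previous PCR value, a change to any one component, or to the order in which components run, alters the final value and the key stays sealed.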

