HP Pro A Maintenance and Service Guide - Page 60
Computer Setup F10 Utility, Computer Setup-Security continued
View all HP Pro A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 60 highlights
Table 5-3 Computer Setup-Security (continued) Option Description Network Boot Enables/disables the computer's ability to boot from an operating system installed on a network server. Default is enabled. System IDs Allows you to set: ● Product Name ● Serial Number ● Universal Unique Identifier (UUID) number. The UUID can only be updated if the current chassis serial number is invalid. (These ID numbers are normally set in the factory and are used to uniquely identify the system.) ● SKU Number ● Family Name ● Feature Byte. Default is enabled. ● Build ID ● Keyboard. System Security (these options are hardware dependent) NOTE: Available options are displayed depending on system configuration. Virtualization Technology (VTx/VTd) (enable/disable) - Controls the virtualization features of the processor. Changing this setting requires turning the computer off and then back on. Default is disabled. Intel Software Guard Extensions (SGX) (Software controlled/enable/disable) TPM Features - Lets you configure the following TPM settings: TPM Device Lets you set the Trusted Platform Module as available or hidden. TPM State Select to enable the TPM. Clear TPM Select to reset the TPM to an unowned state. After the TPM is cleared, it is also turned off. To temporarily suspend TPM operations, turn the TPM off instead of clearing it. CAUTION: Clearing the TPM resets it to factory defaults and turns it off. You will lose all created keys and data protected by those keys. Secure Boot Configuration CAUTION: Changing the default setting of any of the Setup options on this page for operating systems that do not support Secure Boot may prevent the system from booting successfully. ● Legacy Support-Enable/Disable. Allows you to turn off all legacy support on the computer, including booting to DOS, running legacy graphics cards, booting to legacy devices, and so on. If set to disable, legacy boot options in Storage > Boot Order are not displayed. Default is enabled. ● Secure Boot-Enable/Disable. Allows you to make sure an operating system is legitimate before booting to it, making Windows resistant to malicious modification from preboot to full OS booting, preventing firmware attacks. UEFI and Windows Secure Boot only allow code signed by pre-approved digital certificates to run during the firmware and OS boot process. Default is disabled, except for Windows systems which have this setting enabled. Secure Boot enabled also sets Legacy Support to disabled. ● Key Management-This option lets you manage the custom key settings. - Clear Secure Boot Keys-Don't Clear/Clear. Allows you to delete any previously loaded custom boot keys. Default is Don't Clear. - Key Ownership-HP Keys/Custom Keys. Selecting Custom Mode allows you to modify the contents of the secure boot signature databases and the platform key (PK) that verifies kernels 52 Chapter 5 Computer Setup (F10) Utility