HP ProDesk 600 G4 Micro PC Commercial BIOS UEFI Setup - Page 68

HP Sure Admin Enhanced BIOS Authentication Mode EBAM

Get HP ProDesk 600 G4 Micro PDF manuals and user guides View all HP ProDesk 600 G4 Micro manuals
Add to My Manuals
Save this manual to your list of manuals

Page 68 highlights

HP PC Commercial BIOS (UEFI) Setup July 2020 919946-004 You cannot provision SPM and activate HP Sure Run directly from the BIOS Setup interface. You can provision SPM using HP Client Security Manager Software or the HP Manageability Integration Kit. When provisioned, the controls in this menu can be used to deprovision the system or deactivate HP Sure Run. Table 42 Secure Platform Management Menu features Feature HP Sure Run Current State Deactivate HP Sure Run SPM Current State Unprovision SPM Type Setting (Display Only) Action Setting (Display Only) Action Description • Inactive • Active This action deactivates HP Sure Run without deprovisioning SPM. • Provisioned • Unprovisioned This action deprovisions SPM, which causes HP Sure Run to revert to the Inactive state and return HP Sure Recover to default settings. Default Inactive Notes Unprovisioned 7.7 HP Sure Admin Enhanced BIOS Authentication Mode (EBAM) This submenu allows the administrator to disable and unprovision the EBAM alternative authentication method and keys when this feature is fully enabled by associated software. Initialization and provisioning of the feature may be supported by future HP Manageability Integration Kit releases. Table 43 Enhanced BIOS Authentication Mode (EBAM) Menu features Feature EBAM Current State: Disabled Disable EBAM Local Access Key: Not Present Type Setting (Display Only) Action Setting (Display Only) Description Default This action deactivates HP Enhanced BIOS Authentication Mode. Local Access Key is the public key that is used by BIOS (as part of Sure Admin mode) to generate the encrypted "Challenge QR-code" that is used to control access to F10 setup ( response PIN is obtained using the HP Sure Admin Local Access Authenticator to read the QR-code and decrypt [if it has access to the private Local Access Key] it to obtain the response PIN) Notes Clear EBAM Local Access Key(s) and Reboot Action This action deletes all currently established EBAM Local Access Keys. © Copyright 2016-2019 HP Development Company, L.P. 7 Security Menu (2019 and older) 68

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
HP PC Commercial BIOS (UEFI) Setup
July 2020
919946-004
© Copyright 2016-2019 HP Development Company, L.P.
7
Security Menu
(2019 and older)
68
You cannot provision SPM and activate HP Sure Run directly from the BIOS Setup interface. You can provision SPM using HP
Client Security Manager Software or the HP Manageability Integration Kit. When provisioned, the controls in this menu can
be used to deprovision the system or deactivate HP Sure Run.
Table 42
Secure Platform Management Menu features
Feature
Type
Description
Default
Notes
HP Sure
Run
Current
State
Setting
(Display
Only)
Inactive
Active
Inactive
Deactivate
HP Sure
Run
Action
This action deactivates HP Sure Run without deprovisioning SPM.
SPM
Current
State
Setting
(Display
Only)
Provisioned
Unprovisioned
Unprovisioned
Unprovision
SPM
Action
This action deprovisions SPM, which causes HP Sure Run to revert to
the Inactive state and return HP Sure Recover to default settings.
7.7
HP Sure Admin Enhanced BIOS Authentication Mode (EBAM)
This submenu allows the administrator to disable and unprovision the EBAM alternative authentication method and keys
when this feature is fully enabled by associated software. Initialization and provisioning of the feature may be supported by
future HP Manageability Integration Kit releases.
Table 43
Enhanced BIOS Authentication Mode (EBAM) Menu features
Feature
Type
Description
Default
Notes
EBAM Current State:
Disabled
Setting
(Display
Only)
Disable EBAM
Action
This action deactivates HP Enhanced
BIOS Authentication Mode.
Local Access Key:
Not Present
Setting
(Display
Only)
Local Access Key is the public key
that is used by BIOS (as part of Sure
Admin mode) to generate the
encrypted “Challenge QR
-
code” that
is used to control access to F10
setup ( response PIN is obtained
using the HP Sure Admin Local
Access Authenticator to read the
QR-code and decrypt [if it has
access to the private Local Access
Key] it to obtain the response PIN)
Clear EBAM Local Access Key(s) and
Reboot
Action
This action deletes all currently
established EBAM Local Access
Keys.