Home » HP Manuals » Desktops » HP Z840 » Manual Viewer

HP Z840 Maintenance and Service Guide - Page 47

SATA hard drive security, DriveLock applications, WARNING

Add to My Manuals
Save this manual to your list of manuals

Page 47 highlights

Feature Removable Media Boot Control USB Interface Control Power-On Password Setup Password Purpose Prevents booting from removable media drives Prevents transfer of data through the integrated USB interface Prevents use of the computer until the password is entered (applies to initial system startup and restarts) Prevents reconfiguration of the computer (through Computer Setup (F10) Utility) until the password is entered SATA hard drive security HP computers include the HP DriveLock facility for SATA hard drives to prevent unauthorized access to data. WARNING! Enabling DriveLock can render a SATA hard drive permanently inaccessible if the master password is lost or forgotten. No method exists to recover the password or access the data. DriveLock has been implemented as an extension to Computer Setup (F10) Utility functions. It is only available when hard drives that support the ATA security command set are detected. On HP computers, it is not available when the SATA emulation mode is RAID. DriveLock is for HP customers for whom data security is the paramount concern. For such customers, the cost of a hard drive and the loss of the data stored on it is inconsequential when compared to the damage that could result from unauthorized access to its contents. To balance this level of security with the need to address the issue of a forgotten password, the HP implementation of DriveLock employs a two-password security scheme. One password is intended to be set and used by a system administrator, while the other is typically set and used by the user. No "back door" can be used to unlock the drive if both passwords are lost. Therefore, DriveLock is most safely used when the data contained on the hard drive is replicated on a corporate information system or is regularly backed up. If both DriveLock passwords are lost, the hard drive is inaccessible. For users who do not fit the previously defined customer profile, this outcome might not be acceptable. For users who fit this profile, the outcome might be a tolerable risk, given the nature of the data stored on the hard drive. DriveLock applications The most practical use of DriveLock is in a corporate environment. The system administrator would be responsible for configuring the hard drive, which involves setting the DriveLock master password and a temporary user password. If the system administrator forgets the user password or if the equipment is passed on to another employee, the master password can be used to reset the user password and restore access to the hard drive. HP recommends that corporate system administrators who enable DriveLock also establish a corporate policy for setting and maintaining master passwords. This precaution will prevent loss of information if an employee sets both DriveLock passwords before leaving the company. In such a scenario, the hard drive is inaccessible and must be replaced. Likewise, by not setting a master password, system administrators might find themselves locked out of a hard drive and unable to perform routine checks for unauthorized software, other asset control functions, and support. For users with less stringent security requirements, HP does not recommend enabling DriveLock. Users in this category include personal users, or users who do not maintain sensitive data on their hard drives as a common practice. For these users, the potential loss of a hard drive resulting from forgetting both passwords is much greater than the value of the data DriveLock protects. Desktop management 37

Section	Page
Hardware overview	11
HP Z440 Workstation components	11
HP Z440 Workstation front panel components	12
HP Z440 Workstation rear panel components	13
HP Z440 Workstation chassis components	14
HP Z440 Workstation system board components	15
HP Z440 Workstation system board architecture	16
HP Z440 Workstation specifications	16
HP Z640 Workstation components	18
HP Z640 Workstation front panel components	18
HP Z640 Workstation rear panel components	19
HP Z640 Workstation chassis components	20
HP Z640 Workstation system board components	21
HP Z640 Workstation system board architecture	22
HP Z640 Workstation system board riser architecture	23
HP Z640 Workstation specifications	23
HP Z840 Workstation components	25
HP Z840 Workstation front panel components	25
HP Z840 Workstation rear panel components	26
HP Z840 Workstation chassis components	27
HP Z840 Workstation system board components	28
HP Z840 Workstation system board architecture	29
HP Z840 Workstation specifications	30
Environmental specifications	31
Ensuring proper ventilation	32
System management	33
Power management features	33
ERP compliance mode	33
Hyper-Threading Technology (HTT)	34
SATA Power Management	34
Intel Turbo Boost Technology	34
BIOS ROM	34
Computer Setup (F10) Utility	35
Computer Setup (F10) Utility functions	35
Accessing Computer Setup (F10) Utility	36
Computer Setup (F10) Utility menu	37
Desktop management	42
Initial computer configuration and deployment	43
Installing a remote system	43
Copying a setup configuration to another computer	43
Updating and managing software	44
LANDesk Software	44
HP Driver Pack	44
HP SoftPaq Download Manager	44
HP System Software Manager	45
ROM Flash	45
Remote ROM Flash	45
HPQFlash	45
FailSafe Boot Block	45
Recovering the computer from Boot Block Recovery mode	46
Workstation security	46
Asset tracking	46
SATA hard drive security	47
DriveLock applications	47
Using DriveLock	48
Enabling DriveLock	48
Password security	49
Establishing a setup password using Computer Setup (F10) Utility	49
Establishing a power-on password using computer setup	49
Entering a power-on password	50
Entering a setup password	50
Changing a power-on or setup password	50
Deleting a power-on or setup password	51
National keyboard delimiter characters	52
Clearing passwords	52
Chassis security	52
Smart Cover Sensor	52
Setting the protection level	53
Cable lock (optional)	53
Fault notification and recovery	53
ECC fault prediction	53
Thermal sensors	53
Dual-state power button	53
Changing the power button configuration (Windows only)	54
Component replacement information and guidelines	55
Warnings and cautions	55
Service considerations	56
Tools and software requirements	56
Electrostatic discharge (ESD) information	56
Product recycling	58
Component replacement guidelines	58
Battery	58
Cable management	59
Processor and processor heatsink	60
Expansion slots	61
Card configuration restrictions for power supplies	61
Choosing an expansion card slot	61
HP Z440 Workstation slot identification and description	62
HP Z440 Workstation installation sequence recommendations	63
HP Z640 Workstation slot identification and description	64
HP Z640 Workstation installation sequence recommendations	64
HP Z840 Workstation slot identification and description	66
HP Z840 Workstation installation sequence recommendations	67
Hard drives and optical drives	69
Handling hard drives	69
Removal and replacement tips	69
Drive installation and cabling scenarios	69
HP Z440 Workstations — Intel AHCI SATA controller guidelines	70
HP Z440 Workstations — LSI 9217-4i4e RAID controller guidelines	71
HP Z640 Workstations — Intel AHCI SATA controller guidelines	72
HP Z640 Workstations — LSI 9217-4i4e RAID controller guidelines	73
HP Z840 Workstation cabling guidelines	74
Memory	75
Supported DIMM configurations	75
BIOS errors and warnings	75
DIMM installation guidelines	75
HP Z440 Workstation DIMM installation order	76
HP Z640 Workstation DIMM installation order	77
HP Z840 Workstation DIMM installation order	78
Power supply	79
Power supply specifications	79
HP Z440 power supply specifications	79
HP Z640 power supply specifications	80
HP Z840 power supply specifications	81
Power consumption and heat dissipation	82
Resetting the power supply	82
System board	82
System cabling	83
HP Z440 Workstation system cabling	83
HP Z640 Workstation system cabling	84
HP Z840 Workstation system cabling	85
Diagnostics and troubleshooting	86
Calling support	86
Locating ID labels	87
Locating warranty information	87
Diagnosis guidelines	88
Diagnosis at startup	88
Diagnosis during operation	88
Troubleshooting checklist	88
HP troubleshooting resources and tools	89
Online support	89
Troubleshooting a problem	89
Instant Support and Active Chat	89
Customer Advisories, Customer and Security Bulletins, and Customer Notices	90
Product Change Notifications	90
Helpful hints	90
At startup	90
During operation	91
Customer Self-Repair program	91
Troubleshooting scenarios and solutions	92
Solving minor problems	92
Solving hard drive problems	94
Solving display problems	95
Solving audio problems	97
Solving printer problems	98
Solving power supply problems	98
Testing power supply	98
Diagnostic codes and errors	100
Diagnostic LED and audible (beep) codes	100
LED color definitions	102
POST error messages	102
Using HP PC Hardware Diagnostics (UEFI)	107
Downloading HP PC Hardware Diagnostics (UEFI) to a USB device	107
Additional BIOS crisis recovery tool	108
Using Remote HP PC Hardware Diagnostics (UEFI) settings	108
Customizing Remote HP PC Hardware Diagnostics (UEFI) settings	108
Configuring password security and resetting CMOS	109
Preparing to configure passwords	109
Resetting the password jumper	110
Clearing and resetting the CMOS	111
Using the CMOS button to reset CMOS	111
Using Computer Setup (F10) Utility to reset CMOS	112
Linux technical notes	113
System RAM	113
Audio	113
Network cards	114
Hyper-Threading Technology	114
NVIDIA Graphics Workstations	114
AMD Graphics Workstations	115
Configuring RAID devices	116
RAID hard drive maximum and associated storage controller options	116
Supported RAID configurations	117
Configuring Intel SATA RAID	118
Configuring system BIOS	118
Configuring RAID with the Intel utility	119
Configuring RAID on an LSI 2308 or LSI 9217-4i4e controller	120
RAID 0 configuration	120
RAID 1 configuration	121
RAID 1E/10 configuration	122
Configuring RAID on an LSI 9270-8i MegaRAID controller	123
RAID 0	123
Software RAID solution	124
Software RAID considerations	124
Performance considerations	124
Configuring software RAID	125
System board designators	126
HP Z440 and Z640 Workstation system board designators	126
HP Z840 Workstations	128
Statement of Volatility	131
Z440 Workstation	131
Z640 Workstation	131
Z840 Workstation	132

Match case Limit results 1 per page

Feature

Purpose

Removable Media Boot Control

Prevents booting from removable media drives

USB Interface Control

Prevents transfer of data through the integrated USB interface

Power-On Password

Prevents use of the computer until the password is entered (applies to initial system

startup and restarts)

Setup Password

Prevents

reconﬁguration

of the computer (through Computer Setup (F10) Utility) until

the password is entered

SATA hard drive security

HP computers include the HP DriveLock facility for SATA hard drives to prevent unauthorized access to data.

WARNING!

Enabling DriveLock can render a SATA hard drive permanently inaccessible if the master

password is lost or forgotten. No method exists to recover the password or access the data.

DriveLock has been implemented as an extension to Computer Setup (F10) Utility functions. It is only

available when hard drives that support the ATA security command set are detected. On HP computers, it is

not available when the SATA emulation mode is RAID.

DriveLock is for HP customers for whom data security is the paramount concern. For such customers, the cost

of a hard drive and the loss of the data stored on it is inconsequential when compared to the damage that

could result from unauthorized access to its contents.

To balance this level of security with the need to address the issue of a forgotten password, the HP

implementation of DriveLock employs a two-password security scheme. One password is intended to be set

and used by a system administrator, while the other is typically set and used by the user.

No "back door" can be used to unlock the drive if both passwords are lost. Therefore, DriveLock is most safely

used when the data contained on the hard drive is replicated on a corporate information system or is regularly

backed up.

If both DriveLock passwords are lost, the hard drive is inaccessible. For users who do not

ﬁt

the previously

deﬁned

customer

proﬁle,

this outcome might not be acceptable. For users who

ﬁt

this

proﬁle,

the outcome

might be a tolerable risk, given the nature of the data stored on the hard drive.

DriveLock applications

The most practical use of DriveLock is in a corporate environment. The system administrator would be

responsible for

conﬁguring

the hard drive, which involves setting the DriveLock master password and a

temporary user password. If the system administrator forgets the user password or if the equipment is

passed on to another employee, the master password can be used to reset the user password and restore

access to the hard drive.

HP recommends that corporate system administrators who enable DriveLock also establish a corporate policy

for setting and maintaining master passwords. This precaution will prevent loss of information if an employee

sets both DriveLock passwords before leaving the company. In such a scenario, the hard drive is inaccessible

and must be replaced. Likewise, by not setting a master password, system administrators might

ﬁnd

themselves locked out of a hard drive and unable to perform routine checks for unauthorized software, other

asset control functions, and support.

For users with less stringent security requirements, HP does not recommend enabling DriveLock. Users in this

category include personal users, or users who do not maintain sensitive data on their hard drives as a

common practice. For these users, the potential loss of a hard drive resulting from forgetting both passwords

is much greater than the value of the data DriveLock protects.

Desktop management