Compaq 6000 - ProLiant - 128 MB RAM Management Manual page 31

Table 11-1 Security Features Overview (continued)
Network Service Boot
System IDs
DriveLock Security
Setup Security Level
System Security (some
models: these options
are hardware
dependent)
ENWW
Enables/disables the computer's ability to boot from an operating system installed on a network
server. (Feature available on NIC models only; the network controller must be either a PCI expansion
card or embedded on the system board.)
Allows you to set:
●
Asset tag (18-byte identifier), a property identification number assigned by the company to the
computer.
●
Ownership tag (80-byte identifier) displayed during POST.
● Chassis serial number or Universal Unique Identifier (UUID) number. The UUID can only be
updated if the current chassis serial number is invalid. (These ID numbers are normally set in
the factory and are used to uniquely identify the system.)
●
Keyboard locale setting (for example, English or German) for System ID entry.
Allows you to assign or modify a master or user password for hard drives. When this feature is
enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither
is successfully entered, the hard drive will remain inaccessible until one of the passwords is
successfully provided during a subsequent cold-boot sequence.
NOTE: This selection will only appear when at least one drive that supports the DriveLock feature
is attached to the system.
Provides a method to allow end-users limited access to change specified setup options, without
having to know the Setup Password.
This feature allows the administrator the flexibility to protect changes to essential setup options,
while allowing the user to view system settings and configure nonessential options. The administrator
specifies access rights to individual setup options on a case-by-case basis via the Setup Security
Level menu. By default, all setup options are assigned Setup Password, indicating the user must
enter the correct Setup Password during POST to make changes to any of the options. The
administrator may set individual items to None, indicating the user can make changes to the specified
options when setup has been accessed with invalid passwords. The choice, None, is replaced by
Power-On Password if a Power-On Password is enabled.
NOTE: Setup Browse Mode must be set to Enable in order for the user to enter Setup without
knowing the setup password.
Data Execution Prevention (some models) (enable/disable) - Helps prevent operating system
security breaches.
Virtualization Technology (some models) (enable/disable) - Controls the virtualization features of the
processor. Changing this setting requires turning the computer off and then back on.
Virtualization Technology Directed I/O (some models) (enable/disable) - Controls virtualization DMA
remapping features of the chipset. Changing this setting requires turning the computer off and then
back on.
Trusted Execution Technology (some models) (enable/disable) - Controls the underlying processor
and chipset features needed to support a virtual appliance. Changing this setting requires turning
the computer off and then back on. To enable this feature you must enable the following features:
● Embedded Security Device Support
●
Virtualization Technology
●
Virtualization Technology Directed I/O
Embedded Security Device Support (some models) (enable/disable) - Permits activation and
deactivation of the Embedded Security Device. Changing this setting requires turning the computer
off and then back on.
25