HP dc5700 - Microtower PC Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Software
  5. dc5700 - Microtower PC
  6. Manual
HP dc5700 - Microtower PC Manual

HP dc5700 - Microtower PC Manual

Hp protecttools security manager guide compaq business desktops
Hide thumbs Also See for dc5700 - Microtower PC:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Troubleshooting Manual, Administrator's Manual
HP ProtectTools Security Manager Guide
HP Compaq Business Desktops

Advertisement

Table of Contents
loading

Related Manuals for HP dc5700 - Microtower PC

Summary of Contents for HP dc5700 - Microtower PC

  • Page 1 HP ProtectTools Security Manager Guide HP Compaq Business Desktops...
  • Page 2 No part of this document may be photocopied, reproduced, or translated to another language without the prior written consent of Hewlett-Packard Company. HP ProtectTools Security Manager Guide HP Compaq Business Desktops First Edition (August 2006) Document Part Number: 431330-001...

  • Page 3: About This Book

    About This Book This guide provides instructions for configuring and using HP ProtectTools Security Manager. WARNING! Text set off in this manner indicates that failure to follow directions could result in bodily harm or loss of life. CAUTION Text set off in this manner indicates that failure to follow directions could result in damage to equipment or loss of information.
  • Page 4 About This Book ENWW...

  • Page 5: Table Of Contents

    Table of contents 1 Introduction HP ProtectTools Security Manager ...................... 1 Accessing the ProtectTools Security Manager ..............1 Understanding Security Roles ......................2 Managing ProtectTools Passwords ...................... 2 Multifactor Authentication Credential Manager Logon ............5 Creating a Secure Password ....................5 Advanced Tasks ...........................
  • Page 6 6 Third-Party Solutions 7 HP Client Manager for Remote Deployment Background ............................21 Initialization ............................21 Maintenance ............................21 8 Troubleshooting Credential Manager for ProtectTools ....................23 Embedded Security for ProtectTools ....................27 Miscellaneous ............................. 33 Glossary ................................37 Index ................................... 41 ENWW...

  • Page 7: Introduction

    Introduction HP ProtectTools Security Manager ProtectTools Security Manager software provides security features that help protect against unauthorized access to the computer, networks, and critical data. Enhanced security functionality is provided by the following modules: ● HP BIOS Configuration for ProtectTools ●...

  • Page 8: Understanding Security Roles

    Understanding Security Roles In managing computer security (particularly for large organizations), one important practice is to divide responsibilities and rights among various types of administrators and users. NOTE In a small organization or for individual use, these roles may all be held by the same person.
  • Page 9 Table 1-1 Password Management (continued) next Embedded Security Basic User Key is initialized. The Embedded Security TPM chip protects the password for Power-On Authentication. Java Card administrator password Java Card Security, by IT administrator Links the Java Card to the computer for identification purposes.

  • Page 10: Chapter 1 Introduction

    Table 1-1 Password Management (continued) Windows logon password Windows Control Panel Can be used in manual logon or saved on the Java Card. Backup scheduler password Embedded Security, by IT administrator Sets backup scheduler for embedded Security NOTE A Windows user password is used to configure the backup scheduler for embedded security.

  • Page 11: Multifactor Authentication Credential Manager Logon

    Multifactor Authentication Credential Manager Logon Credential Manager Logon enables multifactor authentication technology to log on to the Windows operating system. This raises the security of the standard Windows password logon by requiring strong multifactor authentication. This also enhances the convenience of the everyday logon experience by eliminating the need to remember user passwords.

  • Page 12: Advanced Tasks

    Advanced Tasks Managing ProtectTools Settings Some of the features of ProtectTools Security Manager can be managed in BIOS Configuration. Enabling and Disabling Java Card Power-On Authentication Support If this option is available, enabling it allows you to use the Java Card for user authentication when you turn on the computer.

  • Page 13: Managing Computer Setup Passwords

    Managing Computer Setup Passwords You can use BIOS Configuration to set and change the power-on and setup passwords in Computer Setup, and also to manage various password settings. CAUTION The passwords you set through the Passwords page in BIOS Configuration are saved immediately upon clicking the Apply or OK button in the ProtectTools window.

  • Page 14: System Setup

    Click OK in the Passwords dialog box. Click Apply, and then click OK in the ProtectTools window to save your changes. System Setup Initialize HP ProtectTools Embedded Security. Initialize Basic User Key. HP Power-On Authentication Support starts as soon as the Basic User Key is set and the Basic User password is set for Power-On.

  • Page 15: Setting The Computer Setup Administrator Password

    Create/logon to a targeted change Microsoft Windows user. Open Embedded Security and initialize a Basic User Key for the new Windows user account. If a Basic User Key already exists, change the Basic User password to take ownership of Power-On Authentication.

  • Page 16: Dictionary Attack Behavior With Power-On Authentication

    Dictionary Attack Behavior with Power-On Authentication A dictionary attack is a method used to break into security systems by systematically testing all possible passwords to break a security system. A dictionary attack against Embedded Security could try to detect the Owner password, the Basic User password, or password-protected keys. Embedded Security offers an enhanced Dictionary Attack Defense.

  • Page 17: Hp Bios Configuration For Protecttools

    HP BIOS Configuration for ProtectTools Basic Concepts BIOS Configuration for ProtectTools provides access to the Computer Setup Utility security and configuration settings. This gives users Windows access to system security features that are managed by Computer Setup. With BIOS Configuration, you can ●...
  • Page 18 Chapter 2 HP BIOS Configuration for ProtectTools ENWW...

  • Page 19: Hp Embedded Security For Protecttools

    HP Embedded Security for ProtectTools Basic Concepts If available, Embedded Security for ProtectTools protects against unauthorized access to user data or credentials. This module provides the following security features: ● Enhanced Microsoft Encrypting File System (EFS) file and folder encryption ●...

  • Page 20: Setup Procedures

    Setup Procedures CAUTION To reduce security risk, it is highly recommended that the IT administrator immediately initialize the TPM embedded security chip. If the TPM embedded security chip is not initialized, an unauthorized user or a computer worm could gain access to the computer or a virus could initialize the TPM embedded security chip and restrict access to the PC.

  • Page 21: Hp Credential Manager For Protecttools

    HP Credential Manager for ProtectTools Basic Concepts Credential Manager for ProtectTools has security features that provide a secure and convenient computing environment. These features include the following: ● Alternatives to passwords when logging on to Microsoft Windows, such as using a Java Card or biometric reader ●...

  • Page 22: Logging On For The First Time

    Logging On for the First Time The first time you open Credential Manager, log on with your regular Windows Logon password. A Credential Manager account is then automatically created with your Windows logon credentials. After logging on to Credential Manager, you can register additional credentials, such as a fingerprint or a Java Card.

  • Page 23: Hp Java Card Security For Protecttools

    HP Java Card Security for ProtectTools Basic Concepts Java Card Security for ProtectTools manages the Java Card setup and configuration for computers equipped with an optional Java Card reader. With Java Card Security for ProtectTools, you can ● Access Java Card Security features ●...
  • Page 24 Chapter 5 HP Java Card Security for ProtectTools ENWW...

  • Page 25: Third-Party Solutions

    Third-Party Solutions Platforms containing a TPM require both a TCG Software Stack (TSS) and embedded security software. All models provide the TSS; embedded security software must be purchased separately for some models. For those models, an NTRU TSS is provided to support customer third-party purchase of embedded security software.
  • Page 26 Chapter 6 Third-Party Solutions ENWW...

  • Page 27: Hp Client Manager For Remote Deployment

    HP Client Manager for Remote Deployment Background HP Trustworthy platforms equipped with a Trusted Platform Module (TPM) ship with the TPM deactivated (default state). Enabling the TPM is an administrative option protected by HP BIOS-enforced policies. The administrator must be present to enter BIOS configuration options (F10 options) to enable the TPM.
  • Page 28 Chapter 7 HP Client Manager for Remote Deployment ENWW...

  • Page 29: Troubleshooting

    Troubleshooting Credential Manager for ProtectTools Short description Details Solution Using Credential Manager Using TPM authentication, the user is Using Credential Manager Single Sign On tools allows Network Accounts option, only logged into the local computer. user to authenticate other accounts. a user can select which domain account to log into.

  • Page 30: Chapter 8 Troubleshooting

    Short description Details Solution Domain administrators This happens after a domain Credential Manager cannot change a domain user's cannot change Windows administrator logs on to a domain and account password through Change Windows password even with registers the domain identity with password.
  • Page 31 Short description Details Solution Click when Java Card/token is inserted. Select the Advise to log-on checkbox. Users lose all Credential If the TPM module is removed or This is as designed. Manager credentials damaged, users lose all credentials The TPM Module is designed to protect the Credential protected by the TPM, if protected by the TPM.
  • Page 32 Short description Details Solution ProtectTools, or HP Client Manager. To enable the TPM embedded security chip: Open Computer Setup by turning on or restarting the computer, and then pressing while the F10 = ROM Based Setup message is displayed in the lower-left corner of the screen. Use the arrow keys to select Security >...

  • Page 33: Embedded Security For Protecttools

    Embedded Security for ProtectTools Short description Details Solution Encrypting folders, sub If the user copies files and folders to the This is as designed. folders, and files on PSD PSD and tries to encrypt folders/files or Moving files/folders to the PSD automatically encrypts causes error message.
  • Page 34 Short description Details Solution encryption/decryption and user does not enter a password, the To reduce the time required to encrypt/decrypt data scan times. Basic User password prompt times out, using HP ProtectTools Embedded Security EFS, the allowing NAV2005 to continue with the user should disable Auto-Protect on Symantec scan.
  • Page 35 Short description Details Solution the system becomes Basic User password. If the user does The user has to log off and back on to view the PSD active after Standby status not enter the password and the system password box again. goes into Standby, the password dialog box is no longer available when the user resumes.
  • Page 36 Short description Details Solution until the Admin tool is closed. If user clicks No in that dialog box, then the Admin tool does not open at all and uninstall proceeds. Intermittent system lockup System may lock up with a black screen Root Cause suspicion is a timing issue in low memory occurs after creating PSD and non-responding keyboard and...
  • Page 37 Short description Details Solution user if the system can automate the logon to Infineon TPM User Authentication. If user selects Yes, then the location of SPEmRecToken automatically appears in the text box. Even though this location is correct, the following error message is displayed: No Emergency Recovery Token is provided.
  • Page 38 Short description Details Solution Resetting System ROM to Resetting the system ROM to default Unhide the TPM in BIOS: default hides TPM. hides the TPM to Windows. This does Open the Computer Setup (F10) Utility, navigate to not allow the security software to operate Security >...

  • Page 39: Miscellaneous

    Miscellaneous Software Impacted— Details Solution Short description HP ProtectTools Security All security applications such as HP ProtectTools Security Manager software must be Manager—Warning Embedded Security, Java Card, and installed before installing any security plug-in. received: The security biometrics are extendable plug-ins for application can not be the HP Security Manager interface.
  • Page 40 Software Impacted— Details Solution Short description an error is returned when upper right of the screen to close Manager. Since PTHOST.exe is the shell housing the closing the Security Security Manager before all plug-in other applications (plug-ins), it depends on the ability of Manager interface.
  • Page 41 Software Impacted— Details Solution Short description changing the Owner password in Embedded Security Windows software. ENWW Miscellaneous...
  • Page 42 Chapter 8 Troubleshooting ENWW...

  • Page 43: Glossary

    Glossary Advanced Encryption Standard (AES) A symmetric 128-bit block data encryption technique Application Programming Interface (API) A series of internal operating system functions that applications can use to perform various tasks Authentication Process of verifying whether a user is authorized to perform a task, for example, accessing a computer, modifying settings for a particular program, or viewing secured data.
  • Page 44 Identity In the ProtectTools Credential Manager, a group of credentials and settings that is handled like an account or profile for a particular user. Java Card Small piece of hardware, similar in size and shape to a credit card, which stores identifying information about the owner.
  • Page 45 Trusted Platform Module (TPM) embedded security chip (some models only) Integrated security chip that can protect highly sensitive user information from malicious attackers. It is the root-of-trust in a given platform. The TPM provides cryptographic algorithms and operations that meet the Trusted Computing Group (TCG) specifications.
  • Page 46 Glossary ENWW...

  • Page 47: Index

    Index Backup scheduler 4 advanced tasks 6 Embedded Security for Basic User 3 ProtectTools Computer Setup password 3 administrator 2 Backup Identity wizard Power-On Authentication 6 Computer Setup administrator, password 4 changing 9 setup 14 Backup scheduler password 4 troubleshooting 27 Computer Setup administrator, Basic User password, definition 3 emergency recovery token...
  • Page 48 password definition 2 Virtual Token User PIN 4 setting password 7 Power-On Authentication Windows embedded security 6 logon password 4 Java Card 6 ProtectTools Credential Manager 15 embedded security for 13 Java Card Security 17 managing settings 6 password management 2 Security Manager access 1 Security Manager modules 1 remote deployment, Client...

This manual is also suitable for:

Protecttools security manager

Table of Contents