Server Updates With An HP Trusted Platform Module And BitLocker™ Enabled; Additional TPM Features - HP ProLiant BL620c G7 User Manual


CAUTION: When a TPM is installed and enabled on the server blade, data access is locked if
you fail to follow the proper procedures for updating the system or option firmware, replacing the
system board, replacing a hard drive, or modifying OS application TPM settings.

For more information on firmware updates and hardware procedures, see the HP Trusted Platform Module
Best Practices White Paper on the HP website (http://www.hp.com/support).

For more information on adjusting TPM usage in BitLocker™, see the Microsoft website
(http://technet.microsoft.com/en-us/library/cc732774.aspx).

Server updates with an HP Trusted Platform Module and BitLocker™ enabled

When a TPM is installed and enabled in RBSU, and when the Microsoft® Windows® BitLocker™ Drive
Encryption feature is enabled, always disable BitLocker™ before performing any of the following
procedures:

- Restarting the computer for maintenance without a PIN or startup key
- Updating firmware
- Upgrading critical early boot components
- Upgrading the system board to replace or remove the TPM
- Disabling or clearing the TPM
- Moving a BitLocker™-protected drive to another server blade
- Adding an optional PCI device, such as a storage controller or network adapter

Additional TPM features

The following features are supported by Intel® Xeon® E7 family processors and require a TPM to be present:

- Intel AES-NI is processor-assisted AES encryption, supported by Intel Xeon E7 family processors, that
  makes enabled encryption software faster and stronger, and offers better data protection. With this
  technology, encryption and decryption times are greatly reduced. AES-NI is enabled by default and
  requires a TPM to be present.
- Intel TXT is a hardware solution, supported by Intel Xeon E7 family processors, that validates the
  behavior of key software within a server at startup. The server blade will support this feature with a
  future planned firmware upgrade. At launch time, the server checks hardware and software consistency
  behaviors against a known good sequence. Using this verification process, the server can quickly
  assess whether any attempts have been made to alter or tamper with the launch time environment. TXT
  is enabled by default, and requires a TPM to be present.
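One way to script the "disable BitLocker™ before maintenance" step from the procedure list under "Server updates with an HP Trusted Platform Module and BitLocker™ enabled", as an added example that is not taken from the HP manual. It assumes that disabling means suspending protection rather than decrypting the volume, an elevated PowerShell session, and a Windows version that ships the BitLocker PowerShell module; the function names are hypothetical.

```powershell
# Added example, not HP or Microsoft code. Run from an elevated session.
# Function names are hypothetical; the cmdlets come from the BitLocker module.

function Get-TpmBoundVolume {
    # Volumes with protection on whose key is released by the TPM. These are the
    # ones that lock when firmware, early boot components or the TPM change.
    $tpmTypes = 'Tpm', 'TpmPin', 'TpmStartupKey', 'TpmPinStartupKey'
    Get-BitLockerVolume | Where-Object {
        $_.ProtectionStatus -eq 'On' -and
        ($_.KeyProtector | Where-Object { $tpmTypes -contains "$($_.KeyProtectorType)" })
    }
}

function Suspend-ForMaintenance {
    foreach ($vol in Get-TpmBoundVolume) {
        # Skip volumes with no recovery password: if the TPM is replaced or
        # cleared, that protector is the fallback path back into the data.
        $recovery = $vol.KeyProtector |
            Where-Object { "$($_.KeyProtectorType)" -eq 'RecoveryPassword' }
        if (-not $recovery) {
            Write-Warning "$($vol.MountPoint): no recovery password protector; add and store one first."
            continue
        }
        # RebootCount 0 keeps protection suspended across any number of restarts
        # until Resume-BitLocker is run. While suspended, the volume key is
        # stored unprotected on disk, so keep the maintenance window short.
        Suspend-BitLocker -MountPoint $vol.MountPoint -RebootCount 0 | Out-Null
        Write-Output "$($vol.MountPoint): protection suspended"
    }
}

function Resume-AfterMaintenance {
    # Re-enable protection on encrypted volumes that are still suspended.
    # This also resumes volumes suspended by someone else; filter if needed.
    Get-BitLockerVolume |
        Where-Object { $_.VolumeStatus -eq 'FullyEncrypted' -and $_.ProtectionStatus -eq 'Off' } |
        ForEach-Object {
            Resume-BitLocker -MountPoint $_.MountPoint | Out-Null
            Write-Output "$($_.MountPoint): protection resumed"
        }
}

# Before the firmware update, board swap or PCI change:  Suspend-ForMaintenance
# After the server is back up and verified:              Resume-AfterMaintenance
```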
