Viewing And Modifying Boot Properties; Trusted Execution Technology And Uefi Secure Boot - Oracle X7 series Administration Manual

Viewing and Modifying Boot Properties

This section provides instructions for modifying how the server boots. Using the system
administration tools, you can change the boot order list, and you can enable features such as
Persistent Boot Support and Trusted Platform Module.
Task
Provide additional security for your system.
Make persistent or temporary changes to the boot order
list.
Enable the Persistent Boot Support feature.
Enable Trusted Platform Module (TPM) features.

Trusted Execution Technology and UEFI Secure Boot

Your server supports the following security features:
Trusted Execution Technology (TXT) provides authenticity of a platform and its operating
■
system.
When enabled, TXT ensures that the operating system (OS) starts in a trusted environment,
and provides the OS with additional security capabilities not available to an untrusted OS.
Using cryptographic techniques, TXT provides measurements of software and platform
components so that system software as well as local and remote management applications
may use those measurements to make trust decisions. Trusted Execution Technology
defends against software-based attacks aimed at stealing sensitive information by corrupting
system or BIOS code, or modifying a platform's configuration.
UEFI Secure Boot defines how platform firmware can authenticate a digitally signed UEFI
■
image, such as an operating system loader or a UEFI driver.
When enabled, UEFI Secure Boot provides a policy-based invocation of various UEFI
executable images, using cryptographic signatures to identify the software publishers. UEFI
Link
"Trusted Execution Technology and UEFI Secure
Boot" on page 47
"Modifying the Boot Order" on page 48
"Enable Persistent Boot Support (BIOS)" on page 50
"Configure BIOS Support for TPM
(BIOS)" on page 50
Viewing and Modifying Boot Properties 47