HPE ProLiant DL380 Gen11 User Manual page 148

CAUTION: CAUTION:
Always observe the TPM guidelines in this section. Failure to follow these guidelines can cause hardware damage or
halt data access.
If you do not follow procedures for modifying the server and suspending or disabling the TPM in the OS, an OS that is
using TPM might lock all data access. This includes updating system or option firmware, replacing hardware such as the
system board and drives, and modifying TPM OS settings.
Changing the TPM mode after installing an OS might cause problems, including loss of data.
Hewlett Packard Enterprise SPECIAL REMINDER: Hewlett Packard Enterprise SPECIAL REMINDER: Before enabling TPM functionality on this system, you must ensure that your intended use
of TPM complies with relevant local laws, regulations and policies, and approvals or licenses must be obtained if applicable.
When the embedded TPM is enabled, the Trusted Platform Module operates in TPM 2.0 mode.
Use the UEFI System Utilities to configure the TPM. From the System Utilities screen, select System Configuration > BIOS/Platform
Configuration (RBSU) > Server Security > Trusted Platform Module options. For more information, see the UEFI user guide:
https://www.hpe.com/support/UEFIGen11-UG-en https://www.hpe.com/support/UEFIGen11-UG-en
When using the Microsoft Windows BitLocker Drive Encryption feature, always retain the recovery key or password. The recovery key or
password is required to enter Recovery Mode after BitLocker detects a possible compromise of system integrity.
HPE is not liable for blocked data access caused by improper TPM use. For operating instructions, see the documentation for the
encryption technology feature provided by the operating system.
Subtopics Subtopics
BitLocker recovery key/password retention guidelines BitLocker recovery key/password retention guidelines
BitLocker recovery key/password retention guidelines BitLocker recovery key/password retention guidelines
The recovery key/password is generated during BitLocker setup, and can be saved and printed after BitLocker is enabled. When using
BitLocker, always retain the recovery key/password. The recovery key/password is required to enter Recovery Mode after BitLocker detects
a possible compromise of system integrity.
To help ensure maximum security, observe the following guidelines when retaining the recovery key/password:
Always store the recovery key/password in multiple locations.
Always store copies of the recovery key/password away from the server.
Do not save the recovery key/password on an encrypted drive.
Cabling Cabling
Subtopics Subtopics
Cabling guidelines Cabling guidelines
Cabling diagrams Cabling diagrams
HPE ProLiant DL380 Gen11 Server User Guide 148