Enabling The Intel Trusted Execution Technology (Txt) Feature For The Tpm - Cisco UCS C24 Installation And Service Manual


Installing or Replacing Server Components

Enabling the Intel Trusted Execution Technology (TXT) Feature For the TPM

Intel TXT provides greater protection for information that is used and stored on the business server. A key aspect of that protection is the provision of an isolated execution environment and associated sections of memory where operations can be conducted on sensitive data, invisibly to the rest of the system. Likewise, Intel TXT provides for a sealed portion of storage where sensitive data such as encryption keys can be kept, helping to shield them from being compromised during an attack by malicious code.
To enable the TXT feature, follow these steps:

Step 1   Verify that a TPM is now installed and enabled in the server:

a. Either attach a VGA monitor and USB keyboard to the server, or log in remotely to the CIMC interface of the server and open a virtual KVM console window.
b. Reboot the server.
c. Watch during bootup for the F2 prompt, and then press F2 to enter BIOS setup.
d. Log in to the BIOS Setup utility with your BIOS Administrator password.

Note   You must be logged in as the BIOS administrator to perform this procedure. If you have not done so already, set a BIOS administrator password on the Security tab of the BIOS Setup utility.

e. Select the Security tab. Verify that TPM State now says Enabled & Activated.

Step 2   Verify VT/VT-d and enable the Intel Trusted Execution Technology (TXT) feature in the server BIOS:

a. Verify that the Intel Virtualization Technology (VT) and the Intel VT for Directed I/O (VT-d) features are enabled (the factory default). Select the Advanced tab of the utility, then select Processor Configuration. These features are listed on the page that appears, along with their states.
b. On this same Advanced > Processor Configuration page, select Intel Trusted Execution Technology and set it to Enabled.

Note   The Intel Trusted Execution Technology feature is only listed when the server has a TPM installed on the TPM header.

c. Press Escape to return to the BIOS Setup utility screen.

Step 3   Verify that the Intel TXT, VT, and VT-d features are enabled:

a. Reboot the server.
b. Watch during bootup for the F2 prompt, and then press F2 to enter BIOS setup.
c. Select the Advanced tab, then select Processor Configuration. Verify that the state of these three features is Enabled.

Cisco UCS C24 Server Installation and Service Guide, Chapter 3, Maintaining the Server, OL-26647-01, page 3-42
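Step 3 confirms the three settings from inside BIOS Setup. The script below is an added example, not part of the Cisco guide, that re-checks the same state from a Linux OS booted on the server after the procedure, so the result can be logged or audited without another reboot. It assumes a Linux install with the msr kernel module loaded (modprobe msr) and root access, and it reads Intel's architectural MSR IA32_FEATURE_CONTROL (0x3A), where the BIOS records and locks the VT and TXT (SENTER) enables; it also checks the vmx/smx CPU flags, the ACPI DMAR table that firmware publishes when VT-d is on, and the kernel's TPM sysfs node. The sample MSR values and the /proc/cpuinfo text in the block are constructed, not captured from a UCS C24.

```python
import os
import struct

# Linux interfaces used (assumed present on a Linux install on the server):
MSR_DEVICE = "/dev/cpu/0/msr"                 # needs 'modprobe msr' and root
MSR_IA32_FEATURE_CONTROL = 0x3A               # Intel architectural MSR
CPUINFO_PATH = "/proc/cpuinfo"
TPM_SYSFS = "/sys/class/tpm/tpm0"             # exists when the kernel sees a TPM
DMAR_TABLE = "/sys/firmware/acpi/tables/DMAR" # firmware publishes DMAR only with VT-d on


def decode_feature_control(value):
    """Decode the IA32_FEATURE_CONTROL bits that VT and TXT depend on."""
    return {
        "locked": bool(value & 1),                        # bit 0: BIOS locked the MSR
        "vmx_in_smx": bool((value >> 1) & 1),             # bit 1: VMX allowed inside SMX (TXT)
        "vmx_outside_smx": bool((value >> 2) & 1),        # bit 2: VMX allowed normally (VT)
        "senter_local_enables": (value >> 8) & 0x7F,      # bits 8-14: GETSEC[SENTER] leaf enables
        "senter_global_enable": bool((value >> 15) & 1),  # bit 15: GETSEC[SENTER] permitted
    }


def txt_enabled(fc):
    """TXT is usable only if the BIOS locked the MSR with SENTER and VMX-in-SMX enabled."""
    return fc["locked"] and fc["vmx_in_smx"] and fc["senter_global_enable"]


def parse_cpu_flags(cpuinfo_text):
    """Return the flag set from the first 'flags' line of /proc/cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        if line.startswith("flags"):
            return set(line.partition(":")[2].split())
    return set()


def summarize(feature_control, flags, tpm_present, dmar_present):
    """Map raw observations onto the four things the BIOS procedure should have produced."""
    fc = decode_feature_control(feature_control)
    return {
        "tpm": tpm_present,
        "vt": "vmx" in flags and fc["vmx_outside_smx"],
        "vt_d": dmar_present,
        "txt": "smx" in flags and txt_enabled(fc),
    }


def read_msr(device=MSR_DEVICE, msr=MSR_IA32_FEATURE_CONTROL):
    """Read a 64-bit MSR via the msr character device (file offset == MSR number)."""
    with open(device, "rb") as f:
        f.seek(msr)
        return struct.unpack("<Q", f.read(8))[0]


def check_live_system():
    """Gather the live observations from the running server."""
    with open(CPUINFO_PATH) as f:
        flags = parse_cpu_flags(f.read())
    return summarize(read_msr(), flags,
                     os.path.exists(TPM_SYSFS), os.path.exists(DMAR_TABLE))


# Constructed sample values, not captured from a real UCS C24:
SAMPLE_FEATURE_CONTROL_TXT_ON = 0xFF07  # lock | VMX in+out SMX | all SENTER local | SENTER global
SAMPLE_FEATURE_CONTROL_VT_ONLY = 0x05   # lock | VMX outside SMX only (TXT left disabled)
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme de pse tsc msr vmx smx est tm2\n"

if __name__ == "__main__":
    try:
        results = check_live_system()
    except OSError as err:
        print(f"live read failed ({err}); evaluating the constructed sample instead")
        results = summarize(SAMPLE_FEATURE_CONTROL_TXT_ON,
                            parse_cpu_flags(SAMPLE_CPUINFO), True, True)
    for name in ("tpm", "vt", "vt_d", "txt"):
        print(f"{'OK  ' if results[name] else 'FAIL'} {name}")
```

Run it as root after the final reboot; a "FAIL txt" with "OK vt" is the signature of Step 2b having been skipped or not saved, and a missing TPM node means Step 1e would not have shown Enabled & Activated either. The lock bit matters: an MSR that is not locked means firmware has not finished its configuration, so a clean "OK" requires the locked state as well as the enable bits.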
