Additional tpm features – HP ProLiant BL620c G7 Server-Blade User Manual

Page 57

Advertising
background image

Hardware options installation 57

CAUTION:

When a TPM is installed and enabled on the server blade, data access is locked if

you fail to follow the proper procedures for updating the system or option firmware, replacing the

system board, replacing a hard drive, or modifying OS application TPM settings.

For more information on firmware updates and hardware procedures, see the HP Trusted Platform Module

Best Practices White Paper on the HP website (

http://www.hp.com/support

).

For more information on adjusting TPM usage in BitLocker™, see the Microsoft website
(

http://technet.microsoft.com/en-us/library/cc732774.aspx

).

Server updates with an HP Trusted Platform Module and

BitLocker™ enabled

When a TPM is installed and enabled in RBSU, and when the Microsoft® Windows® BitLocker™ Drive

Encryption feature is enabled, always disable BitLocker™ before performing any of the following
procedures:

Restarting the computer for maintenance without a PIN or startup key

Updating firmware

Upgrading critical early boot components

Upgrading the system board to replace or remove the TPM

Disabling or clearing the TPM

Moving a BitLocker™-protected drive to another server blade

Adding an optional PCI device, such as a storage controller or network adapter

Additional TPM features

The following features are supported by Intel® Xeon® E7 family processors and require a TPM to be present:

Intel AES-NI is a processor-assisted AES encryption, supported by Intel Xeon E7 family processors, that
makes enabled encryption software faster and stronger, and offers better data protection. With this

technology, the encryption and decryption times are greatly reduced. AES-NI is enabled by default and
requires a TPM to be present.

Intel TXT is a hardware solution, supported by Intel Xeon E7 family processors, that validates the
behavior of key software within a server at startup. The server blade will support this feature with a

future planned firmware upgrade. The server checks the hardware and software consistency behaviors
at launch time against a known good sequence. Using this verification process, the server can quickly
assess whether any attempts have been made to alter or tamper with the launch time environment. TXT

is enabled by default, and requires a TPM to be present.

Advertising
Popular Brands
Popular manuals