HP ProtectTools Troubleshooting Guide
Overview
HP ProtectTools Security is a new technology offered by HP on some Business PCs. This technology offers enhanced security support for file/folder encryption, user identity and protection, Single Sign On, multi-factor authentication, smart card, smart card preboot, token and biometric support and works natively with the operating system to enhance security aware applications, such as secure e-mail. The enhanced security is achieved through both hardware and software. Windows-based management of the BIOS is also incorporated through a BIOS Configuration module. All software is centrally managed through an HP Security Manager interface, which can be accessed from the task tray, start menu, or control panel. A properly enabled security system requires a TPM-enabled BIOS, versions 1.54 or greater, obtainable through www.hp.com support, and security software available via purchase.
Administrators are encouraged to perform “best practices” in restricting end-user privileges and restrictive access to users.
Hardware
The hardware consists of a Trusted Platform Module (TPM) which meets the Trusted Computing Group requirements of TPM 1.2 standards. The card is integrated with the system board and is part of the NIC. The NIC and TPM solution contains on-chip memory and off-chip memory, functions and firmware are located on an external flash integrated with the system board. All TPM functions are encrypted or protected to ensure secure flash or communications.
Software
The software, HP ProtectTools, has two parts: HP ProtectTools Security Manager and HP plug-in modules. Security Manager is the interface (shell) that centralizes all security applications (plug-ins). The computer offers security in both configure-to-order and aftermarket configurations. Both offerings provide a CD which can be used in Microsoft Windows to install the HP ProtectTools security products. Customers using a non-HP corporate image are encouraged to use the provided CD to install security software. Some HP Web-based downloads (SoftPaqs) will not install unless previous versions of security software are already installed on the target PC.
HP ProtectTools security applications for the computer are:
■HP ProtectTools Security Manager: The software is preinstalled on the hard drive and can be accessed from the Start Menu or Control Panel applet. The Security Manager shell interface provides a central point for administering all security plug-in modules. Security plug-ins like the TPM, Smart Card, and future security products cannot be installed unless the Security Manager interface is present.
■HP ProtectTools Embedded Security: This supports the TPM 1.2 hardware directly and is preinstalled on the imaged drive for desktop. In Windows 2000 and Windows XP environments, this software supports enhanced security for secure e-mail with Microsoft
