System Security

Data Execution Prevention (enable/disable) - Helps prevent operating system security breaches.

(these options are

Default is enabled.

hardware dependent)

Virtualization Technology (VTx) (enable/disable) - Controls the virtualization features of the

 

 

processor. Changing this setting requires turning the computer off and then back on. Default is

 

disabled.

 

Embedded Security Device (enable/disable) - This option becomes available if Embedded Device is

 

set to Available. Embedded Security Device turns the Trusted Platform Mechanism (TPM) on and off.

 

Reset to Factory Settings (reset/do not reset) - Enabling this option will clear any saved data in

 

 

the TPM and set the TPM back to factory default settings.

 

 

Resetting to factory defaults will erase all security keys and leave the device in a disabled

 

 

state. Changing this setting requires that you restart the computer. Default is Do not reset.

 

 

CAUTION: The embedded security device is a critical component of many security schemes.

 

 

Erasing the security keys will prevent access to data protected by the Embedded Security

 

 

Device. Choosing Reset to Factory Settings may result in significant data loss.

 

Measure boot variables/devices to PCR1 (enable/disable) - Enabling this option will allow the

 

 

operating system to log boot variables/devices to PCR1 instead of PCR5.

 

 

Typically, the computer measures the boot path and saves collected metrics to PCR5 (a register

 

 

in the Embedded Security Device). Bitlocker tracks changes to any of these metrics, and forces

 

 

the user to re-authenticate if it detects any changes. Enabling this feature lets you set Bitlocker

 

 

to ignore detected changes to boot path metrics, thereby avoiding re-authentication issues

 

 

associated with USB keys inserted in a port. Default is enabled.

 

To enable the Embedded Security Device and to access any security features associated with the

 

device, you must enter a setup password. Setting a device to ‘Available’ enables the operating

 

system to access the device. ‘Hidden’ makes the device unavailable, meaning it is disabled by the

 

BIOS and cannot be enabled by the operating system.

 

OS management of Embedded Security Device - Enables or disables the ability of the operating

 

system to control the TPM device, including turning it on and off, initializing it, and resetting it.

 

Reset of Embedded Security Device through OS¯ (enable/disable) - This option allows the user

 

 

to limit the operating system ability to request a Reset to Factory Settings of the Embedded

 

 

Security Device. Default is disabled.

 

No PPI provisioning (enable/disable) - This option lets to set Windows 8 to bypass the PPI

 

 

(Physical Presence Interface) requirement and directly enable and take ownership of the TPM

 

 

on first boot. End-user cannot change this setting after TPM is owned/initialized, unless the

 

 

TPM is reset. Default is disabled for non-Windows 8 systems, and enabled for Windows 8.

 

Allow PPI policy to be changed by OS (enable/disable) - Enabling this option allows the

 

 

operating system to execute TPM operations without Physical Presence Interface. Default is

 

 

disabled.

 

 

 

Computer Setup (F10) Utilities

71

Page 79
Image 79
HP 800 G1 manual System Security

800 G1 specifications

The HP ProDesk 800 G1 is a powerful and versatile desktop computer designed for business and professional use. Released as part of HP's ProDesk series, this model is known for its reliability, performance, and advanced features, making it an ideal choice for various office environments.

One of the standout characteristics of the HP ProDesk 800 G1 is its robust performance. Equipped with Intel's 4th generation Core processors, users can choose from a range of options including Core i3, i5, and i7, ensuring that there is a suitable option for tasks ranging from basic office applications to more demanding workloads such as graphic design and data analysis. The desktop supports up to 32GB of DDR3 RAM, enabling multitasking capabilities that allow users to run multiple applications simultaneously without performance degradation.

Storage options on the HP 800 G1 are flexible, including traditional hard disk drives (HDD) and solid-state drives (SSD). The inclusion of SSDs significantly enhances system responsiveness and boot times, making it a great option for users who require quick access to files and applications. Additionally, with varying storage capacities available, users can choose a configuration that best fits their data requirements.

Connectivity is another area where the HP ProDesk 800 G1 excels. It features multiple USB ports, including USB 3.0 for faster data transfer speeds, along with legacy ports such as USB 2.0. The desktop is also equipped with DisplayPort and VGA outputs for versatile display options, allowing users to connect multiple monitors for enhanced productivity. Furthermore, it includes Ethernet for reliable wired network connections and can support wireless connectivity options for added convenience.

In terms of security, the HP ProDesk 800 G1 has several built-in features, such as HP Client Security and TPM (Trusted Platform Module) for hardware-based encryption. This ensures that sensitive data remains protected, making it suitable for businesses that prioritize data security.

The design of the HP ProDesk 800 G1 is both functional and aesthetically pleasing. Its compact form factor allows for easy placement in limited spaces, while the tool-less design simplifies upgrades and maintenance. Additionally, HP’s commitment to energy efficiency is evident in this model, with ENERGY STAR certification ensuring that it operates in an environmentally friendly manner.

Overall, the HP ProDesk 800 G1 stands out as a reliable desktop computer that combines performance, security, and expandability, making it a smart investment for any business looking for a robust computing solution.