Table 8-3Computer Setup—Security (continued)

System Security

OS management of Embedded Security Device (enable/disable) - This option allows the user to limit

(continued)

OS control of the Embedded Security Device. Default is enabled. This option is automatically

 

disabled if Trusted Execution Technology is enabled.

 

Reset of Embedded Security Device through OS (enable/disable) - This option allows the user

 

to limit the operating system ability to request a Reset to Factory Settings of the Embedded

 

Security Device. Default is disabled.

 

NOTE: To enable this option, a Setup password must be set.

 

No PPI provisioning (Windows 8 only) - This option lets you set Windows 8 to bypass the PPI

 

(Physical Presence Interface) requirement and directly enable and take ownership of the TPM

 

on first boot. You cannot change this setting after TPM is owned/initialized, unless the TPM is

 

reset. Default is disabled for non-Windows 8 systems, and enabled for Windows 8.

 

Allow PPI policy to be changed by OS. Enabling this option allows the operating system to

 

execute TPM operations without Physical Presence Interface. Default is disabled.

 

NOTE: To enable this option, a Setup password must be set.

 

 

DriveLock Security

Allows you to assign or modify a master or user password for hard drives. When this feature is

 

enabled, the user is prompted to provide one of the DriveLock passwords during POST. If neither is

 

successfully entered, the hard drive will remain inaccessible until one of the passwords is

 

successfully provided during a subsequent cold-boot sequence.

 

NOTE: This selection will only appear when at least one drive that supports the DriveLock feature

 

is attached to the system.

 

 

Secure Boot

This is a feature of Windows 8.

Configuration

Legacy Support—Enable/Disable. Allows you to turn off all legacy support on the computer,

 

 

including booting to DOS, running legacy graphics cards, booting to legacy devices, and so

 

on. If set to disable, legacy boot options in Storage > Boot Order are not displayed.

 

Default is enabled.

 

Secure Boot—Enable/Disable. Allows you to make sure an operating system is legitimate

 

before booting to it, making Windows resistant to malicious modification from preboot to full

 

OS booting, preventing firmware attacks. UEFI and Windows Secure Boot only allow code

 

signed by pre-approved digital certificates to run during the firmware and OS boot process.

 

Default is disabled, except for Windows 8 systems which have this setting enabled. Secure

 

Boot enabled also sets Legacy Support to disabled.

 

Key Management—This option lets you manage the custom key settings.

 

Clear Secure Boot Keys—Don't Clear/Clear. Allows you to delete any previously loaded

 

 

custom boot keys. Default is Don't Clear.

 

Key Ownership—HP Keys/Custom Keys. Selecting Custom Mode allows you to modify

 

 

the contents of the secure boot signature databases and the platform key (PK) that verifies

 

 

kernels during system start up, allowing you to use alternative operating systems.

 

 

 

Computer Setup (F10) Utilities 189

Page 201
Image 201
HP 800 G1 manual DriveLock Security, Secure Boot

800 G1 specifications

The HP ProDesk 800 G1 is a powerful and versatile desktop computer designed for business and professional use. Released as part of HP's ProDesk series, this model is known for its reliability, performance, and advanced features, making it an ideal choice for various office environments.

One of the standout characteristics of the HP ProDesk 800 G1 is its robust performance. Equipped with Intel's 4th generation Core processors, users can choose from a range of options including Core i3, i5, and i7, ensuring that there is a suitable option for tasks ranging from basic office applications to more demanding workloads such as graphic design and data analysis. The desktop supports up to 32GB of DDR3 RAM, enabling multitasking capabilities that allow users to run multiple applications simultaneously without performance degradation.

Storage options on the HP 800 G1 are flexible, including traditional hard disk drives (HDD) and solid-state drives (SSD). The inclusion of SSDs significantly enhances system responsiveness and boot times, making it a great option for users who require quick access to files and applications. Additionally, with varying storage capacities available, users can choose a configuration that best fits their data requirements.

Connectivity is another area where the HP ProDesk 800 G1 excels. It features multiple USB ports, including USB 3.0 for faster data transfer speeds, along with legacy ports such as USB 2.0. The desktop is also equipped with DisplayPort and VGA outputs for versatile display options, allowing users to connect multiple monitors for enhanced productivity. Furthermore, it includes Ethernet for reliable wired network connections and can support wireless connectivity options for added convenience.

In terms of security, the HP ProDesk 800 G1 has several built-in features, such as HP Client Security and TPM (Trusted Platform Module) for hardware-based encryption. This ensures that sensitive data remains protected, making it suitable for businesses that prioritize data security.

The design of the HP ProDesk 800 G1 is both functional and aesthetically pleasing. Its compact form factor allows for easy placement in limited spaces, while the tool-less design simplifies upgrades and maintenance. Additionally, HP’s commitment to energy efficiency is evident in this model, with ENERGY STAR certification ensuring that it operates in an environmentally friendly manner.

Overall, the HP ProDesk 800 G1 stands out as a reliable desktop computer that combines performance, security, and expandability, making it a smart investment for any business looking for a robust computing solution.