HP Sure Start

Technical white paper | HP Sure Start
OS is running. There are three possible configurations for this policy:
Log event only: When this setting is selected, the HP ESC logs detection events, which can be viewed in the Applications
and Services Logs/HP Sure Start path of the Microsoft Windows Event Viewer.[3]
Log event and notify user: This is the default setting. When this setting is selected, the HP ESC logs detection events,
which can be viewed in the Applications and Services Logs/HP Sure Start path of the Microsoft Windows Event Viewer.
Additionally, the user is notified within Windows that the event occurred.[4]
Log event and power off system: When this setting is selected, the HP ESC logs detection events, which can be viewed
in the Applications and Services Logs/HP Sure Start path of the Microsoft Windows Event Viewer. Additionally, the user is
notified within Windows that the event occurred, and that system shutdown is imminent.
HP Sure Start Security Event Boot Notification
This BIOS policy setting controls whether HP Sure Start warnings and error messages that are displayed when the
system is booted require the local user to acknowledge the error before the boot continues. With the default Require
Acknowledgement setting, the system halts with the error message displayed. The local user must press a key to
continue the boot. If changed to Time out after 15 seconds, the message is displayed, but the boot process continues
automatically after the message is displayed for 15 seconds.
Lock BIOS Version
In the (F10) BIOS setup, this feature is located in Main/Update System BIOS.
When set to disable, you can update the BIOS using any supported process. When the HP ESC detects a valid boot block
update in the system ash, it updates the backup copy of the boot block.
When set to enable, all HP BIOS update tools refuse to update the BIOS. In addition, HP Sure Start protects the BIOS from
attempts to change the BIOS version by removing the system flash via an unauthorized method. The HP ESC records the
locked-down version of BIOS. When the HP ESC detects that the BIOS in the system flash changed, the HP ESC overwrites
the BIOS boot block with the HP ESC copy of the boot block. The HP ESC copy of the boot block executes and recovers the
remainder of the correct version of the BIOS. The default setting of this feature is disable.
Save/Restore MBR of System Hard Drive and Save/Restore GPT of System Hard Drive
In the (F10) BIOS setup, this feature is located in Security/Hard Drive Utilities. Only one of these capabilities is available,
depending on the partition type of the primary drive (GPT or MBR), as detected by HP Sure Start.
When set to enable, HP Sure Start maintains a protected backup copy of the MBR/GPT partition table from the primary
drive and compares the backup copy to the primary on each boot. If a difference is detected, the user is prompted and
can choose to recover from the backup to the original state, or to update the protected backup copy with the changes.
The Boot Sector (MBR/GPT) Recovery Policy can optionally be used to remove the user decision for the action taken in
the event of a discrepancy found by HP Sure Start.
When set to disable (default), no MBR/GPT protection is provided by HP Sure Start.
Boot Sector (MBR/GPT) Recovery Policy
When set to Local User Control (default), the user is prompted for the action to take when HP Sure Start detects a change
in the MBR/GPT partition table. When set to Recover in the event of corruption, HP Sure Start automatically restores the
MBR/GPT to the saved state any time differences are encountered.
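The compare-and-recover behavior described in the two sections above, modeled for a classic MBR as an added example (not HP's firmware code and not part of the original white paper). The function names, the `user_choice` values, the returned action strings and the sample sectors are assumptions constructed for illustration; only the two policy names come from the text.

```python
import struct

TABLE = slice(446, 510)      # four 16-byte partition entries in a classic MBR
SIGNATURE = b"\x55\xaa"      # boot signature at bytes 510-511

def partition_table(sector: bytes):
    """Parse the four entries as (boot_flag, type, first_lba, sector_count)."""
    if len(sector) != 512 or sector[510:] != SIGNATURE:
        raise ValueError("not a valid MBR sector")
    raw = sector[TABLE]
    return [(raw[i], raw[i + 4], *struct.unpack_from("<II", raw, i + 8))
            for i in range(0, 64, 16)]

def changed_entries(primary: bytes, backup: bytes):
    """Indexes of entries that differ; all four if the primary is unreadable."""
    saved = partition_table(backup)          # the protected copy must be valid
    try:
        current = partition_table(primary)
    except ValueError:
        return [0, 1, 2, 3]
    return [i for i in range(4) if current[i] != saved[i]]

def boot_check(primary, backup, policy="Local User Control", user_choice=None):
    """Model one boot; returns (action, primary, backup) after the policy is applied."""
    if not changed_entries(primary, backup):
        return "boot", primary, backup
    if policy == "Recover in the event of corruption" or user_choice == "recover":
        # Keep the boot code area, put the saved table and signature back.
        restored = primary[:446].ljust(446, b"\x00") + backup[446:]
        return "restored", restored, backup
    if policy == "Local User Control" and user_choice == "update":
        partition_table(primary)             # refuse to save an unreadable table
        return "backup-updated", primary, primary
    raise ValueError("Local User Control needs user_choice 'recover' or 'update'")

def make_sector(entries):
    """Constructed sample sector: zeroed boot code plus (flag, type, lba, count) entries."""
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    return bytes(446) + table.ljust(64, b"\x00") + SIGNATURE

# Constructed sample data: the saved table, and a copy with an unexpected second entry.
SAVED = make_sector([(0x80, 0x07, 2048, 1_000_000)])
TAMPERED = make_sector([(0x80, 0x07, 2048, 1_000_000), (0x00, 0x83, 1_002_048, 4096)])
```

This model compares only the partition entries, so a change confined to the boot code area of the sector would not be flagged by it.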
[3] HP Notification Software must be installed to view HP Sure Start events in the Windows Event Viewer.
[4] HP Notification Software must be installed to receive notifications.