HP Z220 SFF, Z220 CMT, Z420, Z620, and Z820 Workstations Maintenance and Service Guide

ManualsBrandsHP ManualsComputersB2B97UT

Heading Option Description

●

Rear USB Ports

●

Internal USB Ports

Slot Security Lets you disable any PCI or PCI Express slot.

Network Boot Lets you Enable/Disable the ability to boot from the network using the F12 key or

the boot order. (Enable is default.)

System IDs Provides these options (CTRL+A to view data):

●

Asset Tag—A user-editable, 16-byte string identifying the computer.

●

Ownership Tag—A user-editable, 80-byte string identifying ownership of the

computer. This tag appears on the screen during POST.

●

Universal Unique Identifier (UUID)—An ID number set in the factory that

uniquely identifies the computer.

●

Keyboard—Lets you set the keyboard locale for System ID entry.

Master Boot Record

(MBR) Security

When MBR Security is enabled, the BIOS prevents any changes being made to

the MBR of the current bootable disk while in MS-DOS or Windows Safe Mode—

(Enable or Disable).

NOTE: Most operating systems control access to the MBR of the current

bootable disk; the BIOS cannot prevent changes that may occur while the

operating system is running.

System Security With the exception of the first option, Data Execution Prevention, changing any of

these system security settings and choosing File > Save Changes and Exit will

result in the computer performing a global reset, automatically turning itself off and

then back on. Note also that these options are hardware dependent and may not

be available on some models:

●

Data Execution Prevention (Enabled/Disabled)—Helps prevent operating

system security breaches.

●

Virtualization Technology (VTx)

(Disabled/Enabled)—Controls the

virtualization features of the processor.

●

Virtualization Technology Directed I/O (VTd)

(Disabled/Enabled)—Controls

virtualization DMA remapping features of the chipset.

●

Intel TXT(LT) Support

(Enabled/Disabled)—Controls the underlying

processor and chipset features needed to support a virtual appliance. To

enable this feature you must enable:

◦

Virtualization Technology (VTx)

◦

Virtualization Technology Directed I/O (VTd)

◦

Embedded Security Device

●

Embedded Security Device

(Disabled/Enabled)—Permits activation and

deactivation of the Embedded Security Device.

NOTE: Embedded Security Device must be set to Device Available in the

Device Security menu, and you must create a Setup Password, in order to

configure the Embedded Security Device.

◦

Measure boot variables/devices to PCR1 (Disabled/Enabled)—Logs the

measurements of the boot variables/devices to PCR1 instead of PCR5

●

Reset to Factory Settings

(Do not reset/Reset)—Restores factory defaults

and erases all security keys.

46 Chapter 2 System management