HP PC Commercial BIOS (UEFI) Setup Administration Guide For Business Notebook and Desktop 2015 Models - Technical whitepaper

ManualsBrandsHP ManualsDesktopsHP ProBook 640 G2 Notebook PC

May 2016

857394-002

HP PC Commercial BIOS (UEFI) Setup

4 Security Menu 23

4.3 BIOS Sure Start Menu

Settings menu for Enhanced hardware based assurance that only HP approved Embedded Controller firmware will run on

the HP Embedded Controller and that only HP approved BIOS will run on the host CPU.

Table 12 BIOS Sure Start Menu features

Feature

Type

Description

Default

Notes

 Verify Boot Block

on Every Boot

Setting

When not checked, HP Sure Start© will verify the integrity of HP

fimrware in the non-volatile (flash) memory before resume from

Sleep, Hibernate, or Off.

When checked, HP Sure Start© will verify the integrity of HP

firmware in the non-volatile (flash) memory across operating

system restart (warm reset) in addition to resume from Sleep,

Hibernate Off. This setting provides higher security assurance,

but could increase the time required to restart operating system

2014 Desktop: New

Unchecked

Reboot

Required

BIOS Data Recovery

Policy

Setting

The following settings are possible for HP Sure Start – Recovery

Policy:

 Automatic

 Manual

Automatic: HP SureStart will automatically repair any HP

firmware integrity issues in the non-volatile (flash) memory

Manual: HP Sure Start will not repair any HP firmware integrity

issues in the non-volatile (flash) memory until the Windows +Up

Arrow+ Down Arrow keys are pressed.

NOTE: Manual recovery is intended for use by the system

administrator in the event forensic investigation is desired

before HP Sure Start repairs the issue. It is not recommended

for the typical user 2014 Desktop: New

Automatic

Reboot

Required

Network Controller

Configuration

Restore

Action

HP Sure Start – Network Controller Configuration Restore

This action will restore the network controller parameters to the

factory state saved in the HP Sure Start Private non-volatile

(flash) memory.

NOTE: This process can take up to 30 seconds. You only need to

restore this when the Network Controller Configuration

mismatch warning is set

2014 Notebook: Security -> Sure Start -> Restore Network

Controller Configuration to factory defaults

2014 Desktop: New

Reboot

Required

 Prompt on

Network Controller

Configuration

Change

Setting

When enabled, HP Sure Start will monitor the network controller

configuration and prompt the local user if any changes are

detected compared to the factory configuration. The local user

has the option to ignore the prompt, or restore the network

controller to the factory configuration when prompted.

2014 Notebook and Desktop: New

Checked

Intel Only

Reboot

Physical

Presence

Required