User Manual

Anti-Theft

Computrace Module Activation
Values: Disabled, Enabled, Permanently Disabled
Descriptions: Enable the UEFI BIOS interface to activate the Computrace module. Computrace is an optional monitoring service from Absolute Software. If you select Permanently Disabled, you cannot enable this setting again.
Secure Boot

Secure Boot
Values: Disabled, Enabled
Descriptions: Enable this option to prevent unauthorized operating systems from loading when you turn on the computer.
Note: Enabling Secure Boot requires the startup setting to be set to UEFI Only and CSM Support to No.

Platform Mode
Values: Setup Mode, User Mode
Descriptions: Specify the system operating mode.

Secure Boot Mode
Values: Standard Mode, Custom Mode
Descriptions: Specify the Secure Boot mode.

Reset to Setup Mode
Descriptions: Use this option to clear the current platform key and reset Platform Mode to Setup Mode.

Restore Factory Keys
Descriptions: Use this option to restore all keys and certificates in the Secure Boot databases to the factory defaults.

Clear All Secure Boot Keys
Descriptions: Use this option to clear all keys and certificates in the Secure Boot databases so that you can install your own keys and certificates.
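The Secure Boot options above change firmware state that is visible from the operating system: the SecureBoot and SetupMode variables report whether enforcement is on and whether the platform is still in Setup Mode (no platform key enrolled), and the db variable holds the certificates and hashes that are trusted to boot. The following is an added example, not code from the Lenovo guide, that reads these through Linux efivarfs and walks the EFI_SIGNATURE_LIST chain in db. The variable names, GUIDs and structure layout come from the UEFI specification; the efivarfs path is the Linux default; the sample variable tree it builds is constructed, with placeholder certificate and hash bytes, so it runs without firmware access. A practitioner would run audit() against the live path after Clear All Secure Boot Keys and key enrollment to confirm that the machine is back in User Mode and that db contains only the intended entries.

```python
"""Audit Secure Boot state and the db signature database through efivarfs.
Added example, not code from the Lenovo T480 User Guide."""
import os
import struct
import tempfile
import uuid

EFIVARS = "/sys/firmware/efi/efivars"          # Linux efivarfs mount point
EFI_GLOBAL_VARIABLE = "8be4df61-93ca-11d2-aa0d-00e098032b8c"          # SecureBoot, SetupMode, PK, KEK
EFI_IMAGE_SECURITY_DATABASE = "d719b2cb-3d3a-4596-a3bc-dad00e67656f"  # db, dbx
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
SIG_TYPES = {EFI_CERT_X509_GUID: "x509", EFI_CERT_SHA256_GUID: "sha256"}


def read_efivar(name, guid, efivars=EFIVARS):
    """Return (attributes, payload). efivarfs files start with 4 bytes of attributes."""
    with open(os.path.join(efivars, f"{name}-{guid}"), "rb") as fh:
        raw = fh.read()
    (attrs,) = struct.unpack_from("<I", raw, 0)
    return attrs, raw[4:]


def parse_signature_lists(data):
    """Walk a chain of EFI_SIGNATURE_LIST structures: 16-byte type GUID, list size,
    header size, signature size, an optional header, then EFI_SIGNATURE_DATA entries,
    each a 16-byte owner GUID followed by the certificate or hash bytes."""
    entries = []
    off = 0
    while off < len(data):
        if off + 28 > len(data):
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=bytes(data[off:off + 16]))
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 + hdr_size or off + list_size > len(data) or sig_size <= 16:
            raise ValueError("corrupt EFI_SIGNATURE_LIST sizes")
        body = data[off + 28 + hdr_size:off + list_size]
        for i in range(len(body) // sig_size):
            sig = body[i * sig_size:(i + 1) * sig_size]
            owner = str(uuid.UUID(bytes_le=bytes(sig[:16])))
            entries.append((SIG_TYPES.get(sig_type, str(sig_type)), owner, bytes(sig[16:])))
        off += list_size
    return entries


def audit(efivars=EFIVARS):
    """Summarise what the firmware reports: Secure Boot on/off, Setup vs User Mode,
    and which certificates and hashes db currently trusts (kind, owner GUID, size)."""
    _, sb = read_efivar("SecureBoot", EFI_GLOBAL_VARIABLE, efivars)
    _, sm = read_efivar("SetupMode", EFI_GLOBAL_VARIABLE, efivars)
    _, db = read_efivar("db", EFI_IMAGE_SECURITY_DATABASE, efivars)
    return {
        "secure_boot": sb[0] == 1,
        "setup_mode": sm[0] == 1,   # True means no PK is enrolled: key databases are writable
        "db": [(kind, owner, len(payload)) for kind, owner, payload in parse_signature_lists(db)],
    }


def _siglist(sig_type, owner, payloads):
    """Encode one EFI_SIGNATURE_LIST with no signature header."""
    sig_size = 16 + len(payloads[0])
    body = b"".join(owner.bytes_le + p for p in payloads)
    return sig_type.bytes_le + struct.pack("<III", 28 + len(body), 0, sig_size) + body


def build_sample_efivars(path):
    """Write a constructed efivarfs tree: Secure Boot enabled, User Mode, and a db holding
    one placeholder certificate and one placeholder SHA-256 hash (not real keys)."""
    os.makedirs(path, exist_ok=True)
    owner = uuid.UUID("11111111-2222-3333-4444-555555555555")   # constructed owner GUID
    fake_cert = b"\x30\x82" + b"\x00" * 30                        # placeholder, not a DER cert
    fake_hash = bytes(range(32))                                  # placeholder digest
    variables = {
        ("SecureBoot", EFI_GLOBAL_VARIABLE): (0x06, b"\x01"),
        ("SetupMode", EFI_GLOBAL_VARIABLE): (0x06, b"\x00"),
        ("db", EFI_IMAGE_SECURITY_DATABASE): (
            0x27, _siglist(EFI_CERT_X509_GUID, owner, [fake_cert])
                  + _siglist(EFI_CERT_SHA256_GUID, owner, [fake_hash])),
    }
    for (name, guid), (attrs, payload) in variables.items():
        with open(os.path.join(path, f"{name}-{guid}"), "wb") as fh:
            fh.write(struct.pack("<I", attrs) + payload)


def demo():
    """Run the audit against the constructed tree instead of the live firmware."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_efivars(tmp)
        return audit(tmp)


if __name__ == "__main__":
    import json
    print(json.dumps(demo(), indent=2))
```

On a real system the db entries are full DER certificates, so the size column is in the kilobyte range; a system that reports setup_mode True with Secure Boot enabled is inconsistent and worth investigating, since Setup Mode means anyone with OS-level access can rewrite the key databases.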
Intel(R) SGX

Intel(R) SGX Control
Values: Disabled, Enabled, Software Controlled
Descriptions: Enable or disable the Intel Software Guard Extensions (SGX) function. If you select Software Controlled, SGX is controlled by the SGX application for the UEFI boot OS.

Change Owner EPOCH
Value: Enter
Descriptions: Change the Owner EPOCH to a random value. Use this option to clear SGX user data.
Device Guard

Device Guard
Values: Disabled, Enabled
Descriptions: This option is used to support Microsoft Device Guard. When this option is enabled, Intel Virtualization Technology, Intel VT-d Feature, Secure Boot, and OS Optimized Defaults are automatically enabled. Boot order is restricted to the customer image only. To complete the configuration of Device Guard, you have to set a supervisor password.
72
T480 User Guide