Hello
The HPE Trusted Platform Module (TPM) works with programs such as Microsoft Windows® BitLocker™ to increase data security by storing the encryption startup key in hardware on the server, which provides a more secure environment by pairing the drive to the server. Pairing the drive to the server helps prevent the encrypted drive from being read if inserted in a different server. The HPE TPM can also store passwords, certificates, and encryption keys that can authenticate server hardware and software through remote attestation while the measured boot capability enhances the effectiveness of anti-malware solutions.
The HPE TPM options conform to the Trusted Computing Group specifications and provides hardware-based authentication and tamper detection preventing a TPM from being moved to another server or replaced.
Configuring Trusted Platform Module options
- From the System Utilities screen, select and press Enter.
- Select an option and press Enter, then select a setting for that option and press Enter again. On servers configured with an optional TPM, you can set the following:
- TPM 2.0 Operation—Sets the operational state of TPM 2.0. Options are:
- No Action—There is no TPM configured.
- Enabled—TPM and Secure Boot (when enabled) are fully functional.
- Disabled—TPM is visible but functionality is limited. This option also resets TPM to factory settings, clearing assigned passwords, keys, or ownership data.NOTE:
Disabling TPM can prevent the server from booting to the TPM-aware operating system if the OS uses TPM measurements.
- TPM 2.0 Visibility—Sets whether TPM is hidden form the operating system. Options are:
- Visible
- Hidden—Hides TPM from the operating system. Secure Boot is disabled and TPM does not respond to any commands. Use this setting to remove TPM options from the system without having to remove the actual hardware.
- TPM Binding—Sets whether data is encrypted using a TPM bind key, which is a unique RSA key. Options are:
- Enabled
- Disabled
- TPM UEFI Option ROM Measurement—Enables or disables (skips) measuring UEFI PCI operation ROMs. Options are:
- Enabled
- Disabled
- TPM 2.0 Operation—Sets the operational state of TPM 2.0. Options are:
- Verify that your new Current TPM Type and Current TPM State settings appear at the top of the screen.
- Press F10.
Thank you for Contacting HPE
I am an HPE Employee
