Welcome to Scribd!

UEFI System Utilities Security Setting Recommendations

Uploaded by

0% found this document useful (0 votes)

11 views2 pages

Hewlett Packard Enterprise recommends enabling secure boot and various security settings in the UEFI System Utilities for servers, including setting power-on and admin passwords, enabling AES-NI support, setting TPM options to TPM 2.0 visible mode, enabling SATA secure erase, enabling Intel TXT support if available, disabling the one-time boot menu, enabling intelligent provisioning and backup image authentication, and enabling and configuring various iLO 5 settings including requiring user login.

Original Description:

Original Title

hpe.com-UEFI System Utilities security setting recommendations

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

11 views2 pages

UEFI System Utilities Security Setting Recommendations

Uploaded by

Hector Balseiro Ramirez

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 2

Search inside document

UEFI System Utilities security setting recommendations

hpe.com/psnow/resources/ebooks/a00018320en_us_v10/GUID-E80ABAD1-C361-4782-A2BF-D4AE26630FB3.html

Hewlett Packard Enterprise recommends the following UEFI System Utilities settings. For details about these
settings, see the UEFI System Utilities online help or the UEFI System Utilities User Guide for HPE ProLiant
Gen10, ProLiant Gen10 Plus Servers, and HPE Synergy. If a setting is not listed with a recommendation,
determine the appropriate value based on your environment and security priorities.

Set Power On Password

Set a password that is compliant with strong security standards.

Set Admin Password

Set a password that is compliant with strong security standards.

Secure Boot settings

Attempt Secure Boot—Enabled

Secure Boot requires UEFI boot mode.

TLS (HTTPS) Advanced Security Settings

Cipher suites allowed for TLS connections—Select the allowed ciphers for TLS connections

Certificate validation for every TLS connection—Peer

Strict Hostname checking—Enable

TLS Protocol Version Support—Auto

Processor AES-NI Support

Enabled

Trusted Platform Module Options

TPM 2.0 Operation—No Action

TPM Mode Switch Operation—TPM 2.0

TPM 2.0 Visibility—Visible

TPM UEFI Option ROM Measurement—Enabled

SATA Controller Options

Embedded SATA Configuration—To support SATA secure erase, this option must be set to SATA AHCI
Support and the installed SATA drives must support the secure erase command.

1/2
SATA Secure Erase—Enable this option to allow SATA secure erase functions to work. This control
does not start the secure erase function.

Intel Security Options

Intel TXT Support—Enabled, if available.

Advanced Security Options

One-Time Boot Menu (F11 Prompt)—Disabled

Intelligent Provisioning (F10 Prompt)—Enabled

Backup ROM Image Authentication—Enabled

iLO 5 Configuration Utility

iLO 5 Functionality—Enabled

iLO 5 Configuration Utility—Enabled

Require user login and configuration privilege for iLO 5 Configuration—Enabled

Show iLO 5 IP Address during POST—Enabled

Local Users—Enabled

Serial CLI Status—Enabled

Serial CLI Speed (bits/second)—As appropriate for your environment

iLO Web Interface—Enabled

2/2

HPE Standard ProLiant and Blade Server Service and Solution Qualification
Document13 pages
HPE Standard ProLiant and Blade Server Service and Solution Qualification
sumitsaini19
50% (6)
PRD Referralframeworkshreeda
Document8 pages
PRD Referralframeworkshreeda
api-344311502
100% (1)
Automotive Mechanics by William H Crouse 0070145350
Document4 pages
Automotive Mechanics by William H Crouse 0070145350
anmol thakur
67% (3)
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
No ratings yet
CCNA Security Commands
Document61 pages
CCNA Security Commands
Mohammed Mostafa
100% (5)
Drive ReplacementNL400Node
Document15 pages
Drive ReplacementNL400Node
vijayen123
No ratings yet
AI and Journalism (Ethics and Law Essay)
Document5 pages
AI and Journalism (Ethics and Law Essay)
Anonymous 2mEMBhE4
No ratings yet
Osprey MCA User S Manual-1
Document127 pages
Osprey MCA User S Manual-1
amit281276
No ratings yet
Packet Tracer - Configure Initial Router Settings: Objectives
Document8 pages
Packet Tracer - Configure Initial Router Settings: Objectives
MENDOZA GASPAR PAOLA Ingeniería en Sistemas Computacionales
No ratings yet
Overview of Cisco 800 Series ISR Deployment: Last Updated 08/11/14
Document7 pages
Overview of Cisco 800 Series ISR Deployment: Last Updated 08/11/14
Ngọc Duy Võ
No ratings yet
Cisco Router Configuration Files, Startup-Config, Running-Config, Start-Up Configuration File, Running Configuration File
Document2 pages
Cisco Router Configuration Files, Startup-Config, Running-Config, Start-Up Configuration File, Running Configuration File
Muhammad Imran
No ratings yet
Docsity Hpe Proliant Questions and Answers
Document4 pages
Docsity Hpe Proliant Questions and Answers
Esperant Kayembelukusa
No ratings yet
Module 2-B-Series SAN Tools and Utilities
Document36 pages
Module 2-B-Series SAN Tools and Utilities
Iulian Ignea
No ratings yet
CA - Ex - S1M11 - Configuring and Testing Your Network
Document67 pages
CA - Ex - S1M11 - Configuring and Testing Your Network
api-3700114
100% (1)
DEll XE
Document42 pages
DEll XE
fatbanumarfadi
No ratings yet
Laboratorio 13
Document17 pages
Laboratorio 13
manuteoihu
No ratings yet
Capture Text With Putty
Document3 pages
Capture Text With Putty
Florin Nagy
No ratings yet
Intel Optane Memory User Installation
Document57 pages
Intel Optane Memory User Installation
Alonso LG
No ratings yet
Brkapp 3006
Document116 pages
Brkapp 3006
ktn666
No ratings yet
Intel System Information Retrieval Utility
Document4 pages
Intel System Information Retrieval Utility
jinish.K.G
No ratings yet
10.1.4-Packet-Tracer - Configure-Initial-Router-Settings
Document5 pages
10.1.4-Packet-Tracer - Configure-Initial-Router-Settings
Petru Spînu
No ratings yet
Control and Forwarding Plane
Document149 pages
Control and Forwarding Plane
Mohsin Hafeez
No ratings yet
README Merlin
Document13 pages
README Merlin
smiliescribed
No ratings yet
Linux - Iscd - V4.0 - Fiat Group
Document17 pages
Linux - Iscd - V4.0 - Fiat Group
Swane Carol
No ratings yet
OPTEVA 522-562 - SETUP PC SIERRA REV Draft Version - STMI
Document3 pages
OPTEVA 522-562 - SETUP PC SIERRA REV Draft Version - STMI
Jone Andre
No ratings yet
README Merlin
Document13 pages
README Merlin
ClaudiuAlin
No ratings yet
LAB 5 - Logging and Monitoring
Document20 pages
LAB 5 - Logging and Monitoring
Nils Garcia
No ratings yet
Redundanta Cisco ASA-PIX
Document51 pages
Redundanta Cisco ASA-PIX
sisf
No ratings yet
Hi-Fi Z97Z7 UEFI BIOS Manual
Document39 pages
Hi-Fi Z97Z7 UEFI BIOS Manual
Tiago Pinheiro
No ratings yet
X300M STX 9
Document6 pages
X300M STX 9
daniel maa
No ratings yet
Nsa - Gov Macosx - 10 - 6 - Hardeningtips PDF
Document2 pages
Nsa - Gov Macosx - 10 - 6 - Hardeningtips PDF
Paul Müller
No ratings yet
Basic Config Using Cisco IOS Command Line Interface
Document22 pages
Basic Config Using Cisco IOS Command Line Interface
Marco Aurelio Martinez Jimenez
No ratings yet
Alcatel Thompson Speedtouch 585 Router Configuration Manual: Device Specifications - Direct Link
Document2 pages
Alcatel Thompson Speedtouch 585 Router Configuration Manual: Device Specifications - Direct Link
masterat0r
No ratings yet
Installing Numara Track-It! 10.5 (Full Installation)
Document13 pages
Installing Numara Track-It! 10.5 (Full Installation)
Richard Alvarez
No ratings yet
Aa85b-A2t & Aa75b-A2t - Bios - 120919 PDF
Document33 pages
Aa85b-A2t & Aa75b-A2t - Bios - 120919 PDF
Antut Ebonk
No ratings yet
Lenovo Bios Setup Linux Wmi Sysfs 1.2
Document11 pages
Lenovo Bios Setup Linux Wmi Sysfs 1.2
Felipe Duarte
No ratings yet
Computer Setup Guide: 215867-001cv.p65 7/25/00, 10:14 AM 1
Document18 pages
Computer Setup Guide: 215867-001cv.p65 7/25/00, 10:14 AM 1
Shobhit Saxena
No ratings yet
U. Microsoft Windows NT Servers Technical Specification
Document8 pages
U. Microsoft Windows NT Servers Technical Specification
Swane Carol
No ratings yet
Ih61h-Mhs & Ih61k-Mhs & Ih61m-Mhs - Bios - 110406
Document32 pages
Ih61h-Mhs & Ih61k-Mhs & Ih61m-Mhs - Bios - 110406
WanAbbood
No ratings yet
Cisco
Document71 pages
Cisco
Ganesh Gupta
No ratings yet
Intel Optane™ Memory: Quick Start Guide
Document5 pages
Intel Optane™ Memory: Quick Start Guide
IT JPTOK
No ratings yet
Uefi Firmware Enabling Guide For The Intel Atom Processor E3900 Series 820238
Document42 pages
Uefi Firmware Enabling Guide For The Intel Atom Processor E3900 Series 820238
賴翊翊
No ratings yet
6.4.1.3 Packet Tracer - Configure Initial Router Settings
Document4 pages
6.4.1.3 Packet Tracer - Configure Initial Router Settings
Michelle Ancajas
100% (9)
Managing Cisco IOS
Document56 pages
Managing Cisco IOS
Meseret Abiy
No ratings yet
Latitude-E6410 Administrator Guide4 En-Us
Document101 pages
Latitude-E6410 Administrator Guide4 En-Us
Jonathan Tabac II
No ratings yet
Dccu Infobrief
Document11 pages
Dccu Infobrief
HarRy L N
No ratings yet
Howto Iptables For Dummies
Document16 pages
Howto Iptables For Dummies
shitfacemcgeee
No ratings yet
Autosecure: Release Modification
Document22 pages
Autosecure: Release Modification
Nitrus
No ratings yet
5 - Basic Config
Document40 pages
5 - Basic Config
emanaboura0
No ratings yet
11 - Introduction To IOS CLI
Document42 pages
11 - Introduction To IOS CLI
AungMon
No ratings yet
Module 2-2 Basic ASA Firewall Configurations
Document37 pages
Module 2-2 Basic ASA Firewall Configurations
vitalsign75
No ratings yet
G450 Secrets
Document13 pages
G450 Secrets
oclaudiox
No ratings yet
Dell™ Optiplex™ 980 Service Manual - Mini-Tower: Notes, Cautions, and Warnings
Document38 pages
Dell™ Optiplex™ 980 Service Manual - Mini-Tower: Notes, Cautions, and Warnings
Doonoo
No ratings yet
Videosurveillance Software Manual
Document87 pages
Videosurveillance Software Manual
najjaci
No ratings yet
TP75 Bios 120618
Document40 pages
TP75 Bios 120618
zmeiiemz
No ratings yet
Getting Started With Ios Ips
Document12 pages
Getting Started With Ios Ips
satya28
No ratings yet
Privilege Mode
Document20 pages
Privilege Mode
rokan
No ratings yet
ENUN3700NH
Document25 pages
ENUN3700NH
Orosz János
No ratings yet
Lab 2.3.5 Configure General Router Security: Objective
Document10 pages
Lab 2.3.5 Configure General Router Security: Objective
quangteo2009
No ratings yet
01 03 Auto Start Configuration
Document15 pages
01 03 Auto Start Configuration
Andrei Stelmach
No ratings yet
AutoSecure CiscoRouter
Document28 pages
AutoSecure CiscoRouter
Waqas Moazzam
No ratings yet
PPS Tutorial
Document27 pages
PPS Tutorial
Yafte Ascencio
No ratings yet
Basic Software Configuration Using The Cisco IOS Command-Line Interface
Document22 pages
Basic Software Configuration Using The Cisco IOS Command-Line Interface
heruye mulugeta
No ratings yet
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassoulii
No ratings yet
Windows Update Agent API
Document9 pages
Windows Update Agent API
Hector Balseiro Ramirez
No ratings yet
DL380 Full 2022 01 11 SPDAW16062
Document5 pages
DL380 Full 2022 01 11 SPDAW16062
Hector Balseiro Ramirez
No ratings yet
DL380 Ful Ver2 2022 01 11 SPDAW16063
Document5 pages
DL380 Ful Ver2 2022 01 11 SPDAW16063
Hector Balseiro Ramirez
No ratings yet
MS-DOS and Windows Command Line SC Command: Availability
Document21 pages
MS-DOS and Windows Command Line SC Command: Availability
Hector Balseiro Ramirez
No ratings yet
(Retina CS and Retina Network Security Scanner) : Enterprise Vulnerability Management
Document4 pages
(Retina CS and Retina Network Security Scanner) : Enterprise Vulnerability Management
Hector Balseiro Ramirez
No ratings yet
Class 21
Document5 pages
Class 21
surajrasika
No ratings yet
MTS4 Base Station
Document4 pages
MTS4 Base Station
rachit2712
No ratings yet
Appointment Slots
Document28 pages
Appointment Slots
abdulyunus_amir
No ratings yet
Lecture - 01 With Answers
Document17 pages
Lecture - 01 With Answers
Sc Lim
No ratings yet
Reading B1 PDF
Document7 pages
Reading B1 PDF
hector7095
100% (1)
Zimbra OS Admin Guide 8.6.0
Document208 pages
Zimbra OS Admin Guide 8.6.0
Danilo Rodrigues da Silva
No ratings yet
Axioo Neon CNC c14 (CZC CPL s01 r48)
Document54 pages
Axioo Neon CNC c14 (CZC CPL s01 r48)
z3xa5347
100% (1)
Cost289 Final Report
Document88 pages
Cost289 Final Report
kyfeee
No ratings yet
Evolution of Media PDF
Document44 pages
Evolution of Media PDF
nikhilsaraf4
No ratings yet
Cambridge English Proficiency1
Document10 pages
Cambridge English Proficiency1
Marcelo Maciel de Almeida
No ratings yet
DCA 2019 Batch
Document25 pages
DCA 2019 Batch
Wjajshs Ushd
No ratings yet
SIP Trunking For Dummies Preview
Document12 pages
SIP Trunking For Dummies Preview
Manish Gandhi
No ratings yet
28.9 RHEL-7-Security - Guide-en-US PDF
Document266 pages
28.9 RHEL-7-Security - Guide-en-US PDF
Trains-Of-India
No ratings yet
Sparsh Nephrocare - IMC Interim Report
Document11 pages
Sparsh Nephrocare - IMC Interim Report
Samyak Raj
No ratings yet
Lecture W4 CN IP Addressing P1
Document65 pages
Lecture W4 CN IP Addressing P1
Hamza Ibrahim Khan
No ratings yet
Nameko
Document43 pages
Nameko
Julio Miranda
No ratings yet
3.1 4 Join Domain
Document21 pages
3.1 4 Join Domain
Karl Olave
No ratings yet
Uwc Ug 2020
Document1 page
Uwc Ug 2020
Justine Ochora
No ratings yet
How To Use It
Document3 pages
How To Use It
Ruben Legaspi
No ratings yet
Ip Routing On Cisco Ios Ios Xe and Ios XR
Document131 pages
Ip Routing On Cisco Ios Ios Xe and Ios XR
Daniel Doyharzabal
No ratings yet
AS3030 User Manual - 606-0000-681
Document95 pages
AS3030 User Manual - 606-0000-681
Pedro Bastidas
No ratings yet
Bully Me No More: Lesson Plans On Bullying
Document9 pages
Bully Me No More: Lesson Plans On Bullying
ribEnglish
No ratings yet
Maternity/Pregnancy Emergency Admission To Sabah Hospital - PROCESS (As of End of Dec 2016)
Document1 page
Maternity/Pregnancy Emergency Admission To Sabah Hospital - PROCESS (As of End of Dec 2016)
Mercy Edward
No ratings yet
Ticket Bangkok
Document1 page
Ticket Bangkok
Colin Dai
No ratings yet
Anand Milk Collection Centres
Document5 pages
Anand Milk Collection Centres
indreshdubey
No ratings yet
IDG - Referecne CLI Aug 2020 - Sri PDF
Document1,180 pages
IDG - Referecne CLI Aug 2020 - Sri PDF
Sridhara Shastry
No ratings yet