- ページ 33

サーバー Cisco UCS B420 M4のPDF インストールとサービスノートをオンラインで閲覧またはダウンロードできます。Cisco UCS B420 M4 38 ページ。 Blade server

ページを印刷する
Cisco UCS B420 M4 インストールとサービスノート
Servicing the Blade Server

Enabling the Trusted Platform Module

The Trusted Platform Module (TPM) is a component that can securely store artifacts used to authenticate the
server. These artifacts can include passwords, certificates, or encryption keys. A TPM can also be used to
store platform measurements that help ensure that the platform remains trustworthy. Authentication (ensuring
that the platform can prove that it is what it claims to be) and attestation (a process helping to prove that a
platform is trustworthy and has not been breached) are necessary steps to ensure safer computing in all
environments. It is a requirement for the Intel Trusted Execution Technology (TXT) security feature, which
must be enabled in the BIOS settings for a server equipped with a TPM.
Note
TPM installation is supported after-factory. However, a TPM installs with a one-way screw and cannot be
replaced, upgraded, or moved to another server. If a server with a TPM is returned, the replacement server
must be ordered with a new TPM.
If there is no existing TPM in the server, you can install TPM 2.0. You must first upgrade to UCS firmware
that supports Intel E5-4600 v4 CPUs, which is Cisco UCS Manager Release 2.2(8) and later or Release 3.1(2)
and later (because Cisco aligned support for TPM 2.0 with these CPUs).
Although TPM 2.0 can be installed in servers that are running Intel Xeon Processor E5-4600 v3 or v4 CPUs,
TPM 2.0 requires UCS firmware that supports Intel E5-4600 v4 CPUs, either Cisco UCS Manager Release
2.2(8) and later or Release 3.1(2) and later.
Caution
If the Cisco UCS B420 M4 server (with Intel E5-4600 v4 or v3 CPUs) is running UCS firmware that added
support for Intel E5-4600 v4 CPUs, then it will work with TPM version 2.0. However, if you downgrade the
firmware and BIOS to a version earlier than Release 2.2(8) or earlier than Release 3.1(2), then you are
vulnerable to a potential security exposure. See the following support matrix for TPM versions.
Table 3: TPM Support Matrix by Intel CPU Version
Intel CPU
Intel E5-4600 v3
Intel E5-4600 v4

Procedure

Step 1

Install the TPM hardware.
a) Decommission and remove the blade server from the chassis.
b) Remove the blade server cover.
TPM Version Supported
TPM 1.2
TPM 2.0
TPM 1.2
TPM 2.0
Cisco UCS B420 M4 Blade Server Installation and Service Note
Enabling the Trusted Platform Module
Minimum UCS Manager (UCSM) Version
Release 2.2(5)
Release 2.2(8) or Release 3.1(2)
Release 2.2(8) or Release 3.1(2)
Release 2.2(8) or Release 3.1(2)
31