Dell EMC DSS 9620 Installation And Service Manual

Contents

Option DescriptionPower Button Enables or disables the power button on the front of the system. This option is set toEnabled by default.AC Power Recovery Sets how the system behaves after AC power is restored to the system. This option is setto Last by default.AC Power Recovery Delay Sets the time delay for the system to power up after AC power is restored to the system.This option is set to Immediate by default.User Defined Delay (60 s to 240 s) Sets the User Defined Delay option when the User Defined option for AC PowerRecovery Delay is selected.UEFI Variable Access Provides varying degrees of securing UEFI variables. When set to Standard (the default),UEFI variables are accessible in the operating system per the UEFI specification. When setto Controlled, selected UEFI variables are protected in the environment and new UEFIboot entries are forced to be at the end of the current boot order.Secure ME PCI Cfg Space Enabling this setting will hide the PCI configuration space for the Management Engine(ME) HECI devices.Secure Boot Enables Secure Boot, where the BIOS authenticates each pre-boot image by using thecertificates in the Secure Boot Policy. Secure Boot is disabled by default.Secure Boot Policy When Secure Boot policy is set to Standard, the BIOS uses the system manufacturer’s keyand certificates to authenticate pre-boot images. When Secure Boot policy is set toCustom, the BIOS uses the user-defined key and certificates. Secure Boot policy is set toStandard by default.Secure Boot Mode Configures how the BIOS uses the Secure Boot Policy Objects (PK, KEK, db, dbx).• User Mode: In User Mode, PK must be installed, and BIOS performs signatureverification on programmatic attempts to update policy objects. The BIOS allowsunauthenticated programmatic transitions between modes.• Audit Mode: In Audit Mode, PK is not present. The BIOS does not authenticateprogrammatic updates to the policy objects, and transitions between modes. AuditMode is useful for programmatically determining a working set of policy objects. BIOSperforms signature verification on pre-boot images and logs results in the imageExecution Information Table, but executes the images whether they pass or failverification.• Deployed Mode: Deployed Mode is the most secure mode. In Deployed Mode, PKmust be installed and the BIOS performs signature verification on programmaticattempts to update policy objects. Deployed Mode restricts the programmatic modetransitionsSecure Boot Policy Summary Specifies the list of certificates and hashes that secure boot uses to authenticate images.Secure Boot Custom Policy Settings Configures the Secure Boot Custom Policy.Creating a system and setup passwordPrerequisiteEnsure that the password jumper is enabled. The password jumper enables or disables the system password and setup password features.For more information, see the Server board jumper settings section.NOTE: If the password jumper setting is disabled, the existing system password and setup password are deleted and you neednot provide the system password to boot the system.Steps1 To enter System Setup, press F2 immediately after turning on or rebooting your system.2 On the System Setup Main Menu screen, click System BIOS > System Security.32 Pre-operating system management applications