Cisco Cisco UCS C240 M3 Rack Server データシート
Cisco UCS C240 M4 High-Density Rack Server (Large Form Factor Disk Drive Model)
56
CONFIGURING the SERVER
STEP 15
ORDER A TRUSTED PLATFORM MODULE (OPTIONAL)
Trusted Platform Module (TPM) is a computer chip (microcontroller) that can securely store
artifacts used to authenticate the platform (server). These artifacts can include passwords,
certificates, or encryption keys. A TPM can also be used to store platform measurements that
help ensure that the platform remains trustworthy. Authentication (ensuring that the platform
can prove that it is what it claims to be) and attestation (a process helping to prove that a
platform is trustworthy and has not been breached) are necessary steps to ensure safer
computing in all environments.
artifacts used to authenticate the platform (server). These artifacts can include passwords,
certificates, or encryption keys. A TPM can also be used to store platform measurements that
help ensure that the platform remains trustworthy. Authentication (ensuring that the platform
can prove that it is what it claims to be) and attestation (a process helping to prove that a
platform is trustworthy and has not been breached) are necessary steps to ensure safer
computing in all environments.
The TPM ordering information is listed in
.
Table 27
Trusted Platform Module
Product ID (PID)
PID Description
UCSX-TPM2-001
Trusted Platform Module 1.2 SPI-based for UCS Servers
UCSX-TPM2-002
Trusted Platform Module 2.0 for UCS servers
NOTE: The module used in this system conforms to TPM v1.2 and 2.0, as defined by
the Trusted Computing Group (TCG). It is also SPI-based.
the Trusted Computing Group (TCG). It is also SPI-based.
NOTE: TPM installation is supported after-factory. However, a TPM installs with a
one-way screw and cannot be replaced, upgraded, or moved to another server. If a
server with a TPM is returned, the replacement server must be ordered with a new
TPM. If there is no existing TPM in the server, you can install TPM 2.0. You must first
upgrade to UCS firmware that supports Intel E5-2600 v4 CPUs, which is Cisco UCS
Manager Release 2.2(7) and later or Release 3.1(1) and later (because Cisco aligned
support for TPM 2.0 with these CPUs).
one-way screw and cannot be replaced, upgraded, or moved to another server. If a
server with a TPM is returned, the replacement server must be ordered with a new
TPM. If there is no existing TPM in the server, you can install TPM 2.0. You must first
upgrade to UCS firmware that supports Intel E5-2600 v4 CPUs, which is Cisco UCS
Manager Release 2.2(7) and later or Release 3.1(1) and later (because Cisco aligned
support for TPM 2.0 with these CPUs).
CAUTION:
If the Cisco UCS server (with Intel E5-2600 v4 or v3 CPUs) is running UCS
firmware that added support for Intel E5-2600 v4 CPUs, then it will work with TPM
version 2.0. However, if you downgrade the firmware and BIOS to a version earlier
than Release 2.2(7) or earlier than Release 3.1(1), then you are vulnerable to a
potential security exposure. See the following support matrix for TPM versions.
version 2.0. However, if you downgrade the firmware and BIOS to a version earlier
than Release 2.2(7) or earlier than Release 3.1(1), then you are vulnerable to a
potential security exposure. See the following support matrix for TPM versions.