Heading
Option
Description
System Security Provides these options:
●
Data Execution Prevention—Enables or disables Data Execution Prevention mode in the
CPUs. This mode prohibits code from running in pages that were set up as data pages, and
prevents attacks such as buffer overflows. Operating system support is required for this
feature.
●
Virtualization Technology (VTx)—Enables or disables Intel Virtualization Technology to
increase workstation performance.
●
Virtualization Technology for Directed I/O (VT–d2)—Enables a virtual machine to gain
exclusive control of a hardware device, such as a graphics card.
●
Embedded Security Device—This option becomes available if Embedded Device is set to
Available.
Embedded Security Device (Hidden or Available) turns the Trusted Platform Mechanism
(TPM) on and off. Device Hidden is the default. If this option is made available, the following
options become available:
◦
Power-On Authentication Support—Enables and disables an authentication feature that
requires you to enter a TPM user key password to start the workstation. This feature
uses the TPM to generate and store the authentication password.
◦
Reset Authentication Credential—Resets the authentication functionality and clears
authentication credentials.
To enable the Embedded Security Device and to access any security features associated
with the device, you must enter a setup password.
Setting a device to Available lets the operating system access the device. Hidden makes the
device unavailable. It is disabled by the BIOS and cannot be enabled by the operating system.
●
Intel IO Virtualization—Enables or disables Virtualization Technology to increase workstation
I/O performance.
●
Embedded Security Device Support—Lets the workstation leverage the trusted platform
mechanism device.
●
OS Management of Embedded Security Device—Enables or disables operating system
control of the TPM device, including turning it on and off, initializing it, and resetting it.
●
Reset of Embedded Security Device through OS—Enables or disables operating system
ability to reset the TPM.
Setup Security
Level
Lets the administrator set the security level of each setup feature.
Power
OS Power
Management
Enables or disables:
●
Runtime Power Management
●
MWAITE-AWARE OS
●
Idle Power Savings
●
ACPI S3 Hard Disk Reset
●
ACPI S3 PS/2 Mouse Wakeup
●
USB Wake on Device Insertion
●
Unique Sleep State Blink Rates
Table 4-1
Computer Setup (F10) Utility menu descriptions (continued)
ENWW
The Computer Setup (F10) Utility
37