HP (Hewlett-Packard)メーカーXZ938UTの使用説明書/サービス説明書
ページ先へ移動 of 74
HP ProtectTools Security Software, Version 6.0 User Guide.
© Copyright 2009, 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Microsoft, Windows and Windows Vista are either trademarks or registered trademar ks of Microsoft Corporation in the U nited States and/or other countries.
About This Book This guide provides basic information for upgr ading this comput er model. WARNING! Text set off in this manner indi cates that failure to follow di rections could result in bodily harm or l oss of life .
iv About This Book ENWW.
Table of contents 1 Introduction to security ............. .......... .......... .............. .......... ............. .......... ........... ........ ......... ........... ........... 1 HP Pro tectT ools fea tures . ........... ............ .......
Specifying device settings ......... ............ .............. ........... ............ ............. ............ .............. 16 Configuring Applications Settings ................ ............ ............... ........... ............... ........
Logging in after Drive En cryption is activat ed ......... .............. ........... ........... .............. ......... 30 Advanced tasks ............ ........ ........... ......... ........ ......... ........... ........ ......... ........ .......
Settin g a shred schedule ................ ............. ................ .............. ................ .............. .......... 44 Selecting or crea ting a sh red prof ile ................ ................ .................... ....................
Creating an extendable JITA for a user or group ............ .............. .......... ............. ............ .. 55 Disab ling a JIT A for a us er or group .......... ........... ............... ............... ............ .............. ..... 56 Advanc ed Setti ngs .
x ENWW.
1 Introduction to security HP Protec tTools sec urity so ftware p rovides se curi ty features that help pr otect against unauthor ized access to the compute r, networks, and critical da ta. Enhanced security functi onality is provided by several HP ProtectTools software modules.
HP ProtectTools features The following tab le details the key fe atures of HP ProtectT ools modules: Module Key features HP ProtectTools Security Manager Administrative Console ● The Security Manager setup wizard is used by administrators to set up and configure levels of security and security logon methods.
Module Key features Smart Card Security (part of Security Manager) ● Provides a management software interface for Smart Card. HP ProtectTools Smart Card is a personal se curity device that protects authentication data requiring both the card and a PIN number to grant access.
Example 1: A Purchasing Agent for a lar ge manufacturer ma kes most of her corp orate transact ions over the Internet. She also frequently visits seve ral popular web sites that require log in information. She is keenly aware o f security so does not use the same pa ssword on every account.
Both Embedded Security an d Drive Encryption for HP ProtectT ools will not allow access to the encrypted data even when the dr ive is removed beca use they are bo th bound to th e original motherboar d.
Example 1: A Stock Broker wants to make sure his e-ma ils only go to specific clients and ensure no one can fa ke the e-mail account and intercept it. The Stock Bro ker signs himself and h is clients up with Privacy Manager. Privacy Manager issues th em a Certifica te of Authentication (CA) to each user.
● Creating str ong passwor d policies ● Addressing regulatory security mandates Protecting against targeted theft An example of this ty pe of incident would be the ta rgeted theft of a computer or its confidential data and customer in formation. This can easily occur in open office e nvironments or in unsecured a reas.
Preventing unauthorized access from internal or external locations Unauthorized access to an unsecured business PC presents a very tangible risk to critical data such as information fro m financial ser vices, an execu tive, or R&D tea m, and to priv ate informatio n such as patient records or personal financia l records.
Additional security elements Assigning security roles In managing comput er security, one impo rtant prac tice is to divide responsibilities and rights among various types of administrators a nd users. NOTE: In a small organizati on or for individual use, thes e roles may all be held by the same person.
HP ProtectTools password Set in this HP ProtectTools mo dule Function Smart Card PIN Smart Card Security Can be used as a multifactor authentication optio n. Can be used as a Windows authentication. Authenticates users of Drive Encryption, if the Smart Card token is selected.
Backing up credentials and settings You can back up crede ntial s in the following ways: ● Use Drive Encryption for HP Prot ectTools to select and back up HP ProtectTools credentials.
2 HP ProtectTools Security Manager Administrative Console About HP ProtectTools Administrative Console Administration of HP ProtectTools Security M ana ge r is provided through the Administrative Console.
● Management Tools - Opens your default bro wser to a web page where you ca n discover additional managem ent applications and tool s that extend th e features of Security Manager as well as a means to stay no tified whe n ne w applications and updates are available.
Enabling security features The security features enabled here app ly to all users of this computer. 1. In the left pane of the Administrative Consol e, expand Security , an d click on Featur es . 2. To enable a se curity feature, click the corresponding check box next to Windows Logon Security and/or Protect data (activates Dr ive Encryption).
4. In the Policy section drop -down list, choose wh ether AN Y (only one) of the specified credentia ls are required, or if ALL of the sp ecified credential s are required in order to authen ticate a user. 5. Click the Apply button. Defining Settings You can specify wh ich advanced security settings to allow.
Removing a user NOTE: This proced ure does not delet e the Window s user account. I t only removes that a ccount from Secu rity Manager . To complete ly remove t he user, you must remov e the user f rom both Sec urity Manager and Wi ndows. 1. Click Start , click All Programs , click HP , and the n click HP ProtectToo ls Administrative Console .
Encrypting Drives Drive Encryption fo r HP ProtectTools allows yo u to encrypt compu ter hard drives, making th e hard drive unread able and inaccessi ble to any unauth orized person who might try to access it even if the drive has been re moved from the computer or se nt to a data recovery servi ce.
3 HP ProtectTools Security Manager HP ProtectTools Security M anager a llows you to significantly increase the security of your computer. Through the us e of Security Manager applica tions, you can: .
NOTE: If the HP Password Ma nager level of security has not been conf igured, users must still enter their Windows password at th e Windows lo gin screen, re gardless of the security login methods that are required by other l evels of security.
Initializing the Smart Card HP ProtectTools Security M anager can support a nu mber of different Smart Cards. The number an d type of characters used as PIN numbers may vary. The manufacturer of the Smart Card should provide tools to install a security certificate and managem ent PIN that ProtectT ools will use in its security algorithm.
Shredding or bleaching files File Sanitizer for HP ProtectTools deletes files by ove rwriting them with meaning less data. This process, referred to as “shredding,” grea tly enhanc es information security by making the deleted files very difficult to recover.
Adding applications Additional applications may be avail able to add new features to this program. 1. Click Start , click All Programs , click HP , and the n click HP ProtectTools Security Ma nager . 2. In the Sec urity Manag er left pane , select the Administration drop-d own menu and click Discover Mor e .
5. Enter your password to verify your id entity, then click the arrow button. 6. Enter a path and name for the stor age file. By default, the file will be saved to your Documents folder. Click Browse to specify a different location. Click Next . 7. Enter and confirm a password to protect the file.
Changing your Windows user name and picture Your Windows user name and a picture are display ed in the upper left corne r of Security Manager. To change your user name and/or picture: 1. Click on the upper left section of Security Manager with your user name and picture.
4 Password Manager for HP ProtectTools Logging on to Win dows, websites and programs is easier and more se cure when you use Password Manager. Password Manager allows you to set up the logon screens o f websites and pro grams for quick and secure access.
● Open Password Ma nager - Launc hes the Security Man ager dashboar d on the Passwor d Manager page. ● Help - Displays online help for the Password Manager application. NOTE: The administrator of the comput er may have set up Se curity Manager to requ ire more than one credential when verifying your identity.
4. Edit your logon information. ● Click the arrows to the right of a l ogon field to populate it with o ne of several preformatte d choices. ● Optionally, click Choose oth er fields to add additio nal fields from the screen to your logo n. ● Deselect Submit account data if you want the logon fields filled in but do n ot want them submitted.
Managing your logons Password Manager makes managing your logon info rmation - user names, p asswords and multiple logon accounts - painless and i ntuitive, from one central location.
5 Drive Encryption for HP ProtectTools NOTE: Drive Encryp tion for HP ProtectToo ls is available on some mode ls only. In today’s world, a co mputer belonging to you or anyone on your staf f coul d be stolen, and critical information abou t your company could b e seriousl y compromised.
Setup procedures Opening Drive Encryption 1. Click Start , click All Programs , click HP , and the n click HP ProtectToo ls Administrative Console . 2. Click Drive Encryption . General tasks Activating Drive Encryption Use the HP Protect Tools Administrative Console Setup Wizard to activat e Drive Encryption.
Encrypting or decryp ting individual drives 1. In the Administrative Co nsole left pane, expand Drive Encryption , and click Encryption Manage ment . 2. Click the Change Encryption b utton. 3. In the Change En cryption dialog box, sel ect or clear the check box ne xt to each hard dri ve you want to e ncrypt or decrypt, a nd then c lick OK .
6 Privacy Manager for HP ProtectTools Privacy Manager is a tool used to obtain Certificates of Authority, which veri fy the source, integrity, and security of communicati on when using Microso ft mail, Microsoft Office docu ments, and Instant Messenger.
set up as an account wi thin Microsoft Outlook on the same co mputer from which you are requesting the Privacy Manage r Certificate. Requesting a Privacy Manager Certificate 1. In the Security Manager le ft pane, expand Privacy Manager , and cli ck Certificates .
Renewing a Privacy Manager Certificate When your Privacy Manager Certificate nears expiration, you w ill be notified that you need to renew it: 1. In the Security Manager le ft pane, expand Privacy Manager and click Certificat e Manager . 2. Click a Privacy Manager Ce rtificate .
3. On the “Migration Fil e” page, click Bro wse to search for the .dppsm file that you crea ted when you installed or expo rted the Privacy Manager Certificate, and then click Next . 4. On the “Migration Fil e Import” page, click Finish . 5. Click Close , and then click Apply .
Adding a Trusted Contact 1. In the Security Manager le ft pane, expand Privacy Manager and click Truste d Contacts , and then click the Invite Co ntacts butt on. – or – In Microsoft Outlook, clic k the do wn arrow next to Send Securely on the toolb ar, and then click Invite Contacts .
NOTE: When the e -mail is received by the Trusted Con tact recipient, the re cipient must open the e-mail and click Accept in th e lower-right corner of the e- ma il, and then click OK when the confirmation dialog bo x opens.
Configurin g Privacy M anager in a Mi crosoft Off ice docum ent 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, highlight File Sanitizer , and then click Shred Now . 2. When the confirmation dialog box opens, cli ck Yes .
To add a sugge sted signer to a Micro soft Word or Micro soft Excel document: 1. In Microsoft Word or Microsoft Excel, create and save a document. 2. Click the Insert menu. 3. In the Text group on the toolbar , click the arrow next to Signature Line , and the n click Privacy Manager Signature Provider .
5. Click OK . 6. Authenticate using your chosen security logon method. If you later decide to edit th e document, follow the st eps in Signing a Microsoft Of fice Document . When the encrypti on is removed, you can edit th e document. Follow the st eps in this section to encrypt the do cument again.
Using Privacy Manager in Microsoft Outlook When Privacy Manager is installe d, a Privacy butt on is displayed on the Microso ft Outlook toolbar, and a Send Securel y button is displayed o n the toolbar of each Microsoft Outlook e-mail message.
Advanced tasks Migrating Privacy Manager Ce rtificates and Trusted Contacts to a different computer You can securely migrat e your Privacy Manag er Certificates and T rusted Contacts to a different computer.
7 File Sanitizer for HP ProtectTools File Sanitizer is a tool that allows you to securely er ase critical files and folde rs (personal inform ation or files, historical or Web-rel a ted data, or other data components) on your computer and periodically bleach you r hard driv e.
Setting a free space bleaching schedule NOTE: Free space bleaching is f or those assets t hat you delete using the Windows Recycle Bin or for manually deleted a ssets. Free space ble aching provides no additional security to shredded assets. To set a free space bleaching schedule: 1.
To select a prede fined shred profile: 1. In the Security Manager le ft pane, expand File Sanitizer and click Settings . 2. Click a predefined sh red profile.
NOTE: It is highly recommende d that you run free space bl eaching regularly if you use the simple delete option. 1. In the Security Manager le ft pane, expand File Sanitizer , click Settings , select Si mple Dele te Settings , and then click View Details .
Manually shredding one asset CAUTION: Shredded assets cann ot be recovered. Care fully consider which items you select for manual shredd ing. 1. Right-click the HP ProtectTools icon in the notification area, at the far right of the taskbar, highlight File Sanitizer , and then click Shred One .
Aborting a shred or free space bleaching operation When a shred or free space ble aching opera tion is in progress, a messa ge above the HP ProtectTools Security M anager icon i n the no ti fication area is di splayed.
8 Embedded Security for HP ProtectTools NOTE: The integrated Trusted Platform Module (TPM) embedded security chip must be installed in your computer to use Embedded Security fo r HP ProtectTools. Most HP commercial desktop computers include the Infineon TPM, which is the only commo n criteria certified chip to meet T CG specifications.
To enable th e embedded security ch ip in Computer Setup: 1. Open Computer Setup by turning on or resta rting the computer, and then pressing F10 while the “F10 = ROM Base d Setup” message is displaye d in the lower-left corner of the screen.
NOTE: To use secure e-mail, you must first conf igure the e-mail client to u se a digital certificate that is created with Embedded Security . If a digital certificate is not av ailable, you must obtain one fro m a certification authority.
Advanced tasks Backing up and restoring The Embedded Security backup feature creates an arch ive that contains ce rtification information to be restored in case of eme rgency. Creating a backup file To create a backup file: 1. Click Start , click All Programs , click HP , and the n click HP ProtectTools Security Ma nager .
9 Device Access Manager for HP ProtectTools This secu rity tool is available to a dministrato rs only. Device Access Manager for HP ProtectTool s has the following security fe atures that protect agai.
NOTE: If background serv ice is not running , it attempts to st art now. Click Yes to allow it. 5. Click OK . Device class configuration (advanced) More selections a re available to allow specific us ers or groups of users to be granted or denied access to types of devices.
Scenario: A Simple Configuration policy is configured to deny all non-Device Administrators access to the DVD/CD-ROM drive. Result: A JITA enabled user attempts to access t he DVD/CD-ROM drive, they receive the same access denied me ssage as a non JITA ena bled user.
5. Set the JITA perio d to the required time . 6. Click the Extendable check box. 7. Click the Apply button. The selected user can now login, authenticate to Security Manager and access the device. One minute before the JIT A period is about to expire , the user will be prom pted to extend their JITA period.
10 Computrace for HP ProtectTools Computrace for HP ProtectTools is a tool that can remotely monitor, manage, and track your computer. Once activated, Computrace for HP ProtectTools is configured from the Ab solu te Softwar e Customer Center.
Glossary activation. The task that must b e completed before any o f the Driv e Encryption features ar e a ccessible. Drive Encryption is activated using the HP ProtectTo ols Security Mana ger Administrative Consol e setup wizard. Only an administrator can activate Drive Encryption.
Drive Encryp tion key r ecovery ser vice. The SafeBoot Reco very Service. It stores a copy of the encryption key, enabling you to access your computer if you forget you r password and do not have access to your local backup key. You must crea te an account with the service to set up onlin e access to your backup key.
A task that allows the us er to decrypt one or more chat history sessions, displaying the Contact Screen Name(s) in plain text and ma king the session availab le for viewing. revocation pas sword. A password that is cre ated when a user requ ests a digi ta l certificate.
A communication session during which trusted messages ar e sent from a trusted send er to a Trusted Contact. trusted message. A communication session during which trusted messages ar e sent from a trusted send er to a Trusted Contact. Trusted Platform Modu le (TPM) embedded secu rity chip.
Index A access controlling 53 preventing unauthorized 8 accessing HP ProtectT ools Security 6 account basic user 50 advanced tasks Device Acce ss Manager 54 Embedded Security 52 B background service, .
changing Windo ws user name 24 changing your picture 24 device access 21 drive encryption status 21 logging in 18 managing communi cation privacy 20 managing pa sswords 19 preferences 22 setting crede.
viewing Privacy Manager certificate details 33 viewing trusted contact details 37 R restricting access to sensitive data 7 device access 53 S security key objectives 6 levels 13 logging in 18 login me.
デバイスHP (Hewlett-Packard) XZ938UTの購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
HP (Hewlett-Packard) XZ938UTをまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはHP (Hewlett-Packard) XZ938UTの技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。HP (Hewlett-Packard) XZ938UTの取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。HP (Hewlett-Packard) XZ938UTで得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
HP (Hewlett-Packard) XZ938UTを既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はHP (Hewlett-Packard) XZ938UTの不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、HP (Hewlett-Packard) XZ938UTに関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちHP (Hewlett-Packard) XZ938UTデバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。
