I've been hunting today for some documentation on Trusted Platform Module (TPM) and some deep dive info on how it interacts with a host server. I've noticed that there are very few posts on this subject, and even fewer details on checking the status of TPM via the host server or how to interface with TPM to "assert physical presence".
I have some new IBM HS22 blades that look like they have the TPM in them, but the BIOS interface is a little confusing. It says it is enabled, but physical presence is "not asserted". I know this is something I need to look up via IBM, but I was hoping to find more info on the subject in the VMware admin guides or deployment guides. Anyone know where I can find some good documentation?
Hello,
You can use TPM to ensure the boot disk has not changed within vSphere. There was a white paper on this from VMware. Mainly it was for ESXi. You cannot have the vTPM for each VM, however.
It is mainly used as an integrity check. This becomes quite important as the vmkernel is opened up to allow third party drivers such as VMsafe.
Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009
Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'
Also available: 'VMware ESX Server in the Enterprise'
Blogging: The Virtualization Practice | Blue Gears | TechTarget | Network World
Podcast: Virtualization Security Round Table Podcast | Twitter: Texiwll
I'm not looking to use TPM for virtual machines, only the host. I'm mainly looking for more info on fixing the message in the BIOS that physical presence is "not asserted".
James
Hello,
I think you have an issue with your system BIOS and the TPM device; then you really have a hardware issue. The OS (ESX) is not really involved at this time. TPM 'stuff' happens before ESX even boots.
Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009