TPM lockout

New Generation Firewalls are equipped with TPM chips to help secure the devices.

These systems are designed to lock out after 32 abrupt power-down events (a power failure, or pulling the power cord to turn the device off).
For every ungraceful shutdown, the TPM counter is incremented by 1. After 32 such events the device goes into lockout mode.
Once the system is in lockout mode, it will not boot properly. Systems with encrypted drives will stay at BIOS level. Systems with non-encrypted drives will boot into maintenance mode.
For the system to recover, keep it powered on for at least two hours. Systems with encrypted drives will auto-reboot and should come back up properly. For systems with non-encrypted drives, perform a reboot from maintenance mode.
For every two hours the device is powered on, the TPM lockout counter is decremented by one.
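
The counter behaviour described above, modelled as an added example (not vendor code): it replays a constructed power history and reports whether and when the lockout threshold is reached. The `PowerSession`, `replay` and `margin` names are hypothetical, and counting uptime credit per power-on session, with a partial two-hour interval discarded at power-off, is an assumption the article does not state.

```python
from dataclasses import dataclass
from typing import Iterable, Optional, Tuple

LOCKOUT_THRESHOLD = 32    # article: lockout after 32 abrupt power-down events
HOURS_PER_DECREMENT = 2   # article: counter drops by one per two hours powered on


@dataclass
class PowerSession:       # hypothetical record of one power-on period
    hours_on: float       # time the device stayed powered on
    graceful: bool        # True if it ended with a proper shutdown


def replay(sessions: Iterable[PowerSession], count: int = 0) -> Tuple[int, Optional[int]]:
    """Replay sessions in order.

    Returns (counter, index of the session that triggered lockout, or None).
    Replay stops at lockout because the device no longer boots normally.
    """
    for i, s in enumerate(sessions):
        # Assumption: credit is earned per session, and a partial two-hour
        # interval is lost when power is removed. The counter floors at 0.
        count = max(0, count - int(s.hours_on // HOURS_PER_DECREMENT))
        if not s.graceful:
            count += 1
        if count >= LOCKOUT_THRESHOLD:
            return count, i
    return count, None


def margin(count: int) -> int:
    """Abrupt power-downs left before lockout, with no uptime credit in between."""
    return max(0, LOCKOUT_THRESHOLD - count)


# Constructed histories, not taken from a real device.
FLAPPING = [PowerSession(0.5, False)] * 40        # unstable feed, short uptimes
LONG_UPTIME = [PowerSession(5.0, False)] * 100    # abrupt, but 5 h up each time
MIXED = ([PowerSession(0.1, False)] * 31 + [PowerSession(4.0, True)]
         + [PowerSession(0.1, False)] * 3)

if __name__ == "__main__":
    for name, hist in (("flapping", FLAPPING), ("long uptime", LONG_UPTIME), ("mixed", MIXED)):
        count, at = replay(hist)
        print(f"{name}: counter={count} lockout_at_session={at} margin={margin(count)}")
```

The long-uptime history never locks out because each five-hour session earns more credit than its abrupt ending costs, while the flapping history locks out on its 32nd abrupt power-down.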

To make sure the device does not go into lockout mode, make sure it has proper power, and whenever you need to turn the device off, do so gracefully by navigating to the power down option and using it to turn the device off.

Follow the steps outlined in this document to perform a graceful shutdown from the operational CLI/GUI whenever you want to power the device down.

Last Updated:
‎10-31-2023 11:00 AM