Requirements
This section sets out the requirements for initializing and configuring the TPM on an SNS firewall.
An SNS firewall equipped with a TPM
See the list of the relevant firewall models on the Stormshield website at Our Stormshield Network Security firewalls.
Secure Boot enabled on the SNS firewall
On SNS versions 4.8.7 and higher, TPM protection is incomplete as long as the Secure Boot feature is not enabled. You are advised to enable it before initializing the TPM, although this can be done later. Note, however, that a warning will appear in the SNS firewall Dashboard if Secure Boot is disabled and the TPM is initialized.
On SNS 4.3 LTSB versions, you are advised to enable Secure Boot on the SNS firewall, even though it is not mandatory.
NOTE
Secure Boot is enabled by default on some SNS firewall models. For more information on the models concerned, and on enabling Secure Boot, refer to the technical note Managing Secure Boot in SNS firewalls' UEFI.
Permissions to access the TPM
To initialize and configure the TPM, the administrator must hold the TPM access (W) privilege. Only the admin account can assign this privilege in Configuration > System > Administrators, Administrators tab, Switch to advanced view button.
Ability to access the CLI console on the SNS firewall
If you wish to perform any of the actions in this technical note from the SNS firewall's CLI console, go to Configuration > System > CLI console from the SNS firewall's web administration interface. For more information, refer to the section CLI console in the SNS v4.8 or v4.3 LTSB user guide, depending on the version used.