TRUSTED PLATFORM MODULE (TPM)

Some firewall models are equipped with a secure physical storage medium called TPM (Trusted Platform Module), designed to protect certificates, private keys, configuration backup files, etc.

The TPM must be initialized before it can be used, i.e., a TPM administration password must be created.

You can initialize it the first time you log in to some configuration modules:

  • Objects > Certificates and PKI,
  • Maintenance > Backup tab,
  • Maintenance > Restore tab,

Initializing the TPM

To initialize and use the TPM, the account of the connected administrator must hold the TPM (E) privilege. To assign this permission to administrators, go to Administrators > Administrators tab > Switch to advanced view.

When you open one of the above modules, the TPM initialization window will appear:

  1. Enter the TPM administration password (at least 8 characters),
  2. Confirm the password
    A progress bar will indicate the strength of the password.
  3. If the firewall is part of a cluster (high availability enabled), select Derive the key from the TPM password so that both firewalls will obtain the exact same key and will not encounter issues when accessing the TPM during a HA switch.
  4. Click on Apply.