“Ready BIOS for Device Guard Use” includes a drop down that
will allow the user to set up the BIOS configuration Windows
requires to enable Device Guard, or change the configuration
back to the configuration before Device Guard was enabled.
Device Guard is a Windows feature that enables higher
security around drivers and BIOS behavior.
The following settings are possible:
• Configure on Next Boot
• Clear Configuration on Next Boot
When set to "Configure on Next Boot", the BIOS will change
the features listed below to their suggested Device Guard
states, on the boot after saving changes and exit.
Virtualization features will be enabled.
Removable and network boot devices will be disabled (for
example, USB boot, CD-ROM boot, Thunderbolt boot, etc.).
MS UEFI CA Key will be disabled.
When set to "Clear Configuration on Next Boot", the BIOS will
set the listed features to their Custom Default state if custom
defaults have been saved. If custom defaults have not been
saved, the BIOS will restore the listed features to their factory
default states.
UEFI only. Enables driver support for NVMe Intel Optane
storage module. Requires additional configuration by
Intel Rapid Storage Technology software application.
Comments to this Manuals