SCHENKER CONNECT 15 (E26): Extended product information (Deep Dive) IntroductionWith the SCHENKER CONNECT 15 (E26), we are introducing a new 15.6-inch business platform that is consistently designed with connectivity, security and ease of maintenance in mind. SCHENKER CONNECT 15 (E26) on bestwareThe SCHENKER CONNECT 15 is deliberately positioned between traditional office notebooks and high-end premium models: it combines modern platform technology with practical business features without introducing unnecessary complexity or costs.The following Deep Dive provides further technical and conceptual background on the SCHENKER CONNECT 15 in the following areas. CPU performance and RAM configuration Performance profiles and fan control Internal layout, maintenance and batteries Smart card reader and optional LTE Keyboard layout Comparisons with SCHENKER WORK and XMG EVO Security feature: Secured-Core PC Level 3 CPU performanceThe SCHENKER CONNECT 15 (E26) features the Intel Core 5 120U with 10 cores, 12 threads and up to 5 GHz boost clock (see Intel spec sheet).This is a refresh generation within the Raptor Lake U family. Thanks to a robust cooling system and Honeywell PTM7950 thermal compound, the CPU can operate continuously at up to 28 watts (peaking at up to 35 watts) whilst remaining well below its thermal limits.Therefore, the CPU, although it has a TDP (or Processor Base Power) of only 15 watts, operates significantly faster in the SCHENKER CONNECT 15 compared to similar devices. Performance limits are determined by the CPU itself – the cooling system is not the limiting factor here.Information on the RAMSCHENKER CONNECT 15 (E26) supports memory capacity and speed of up to 64 GB DDR5-5200. Thermal pads link the memory modules to the motherboard to distribute excess temperature over a large area.Intel officially permits a maximum memory size of up to 96 GB for the Intel Core 5 120U. However, we deliberately limit our offering to 64 GB because very large DDR5 SO-DIMM modules (48 GB and above) can reach significantly higher module temperatures under sustained synthetic load (such as the AIDA64 Stress Test) than their 32 GB counterparts.We always validate the RAM configurations we offer. Operation with 64 GB (2x 32 GB) is no problem – however, we cannot approve operation with 96 GB (2x 48 GB).We therefore advise against such DIY upgrades. For configurations exceeding 64 GB, we recommend switching to the XMG EVO series.Performance ProfilesThe Control Center of the SCHENKER CONNECT 15 (E26) offers several performance profiles, which can also be cycled through with the Fn+F3hotkey. The following table shows the key figures for the profiles in detail: Profile PL1 PL2 PL4 Performance 30 W 44 W 60 W Entertainment 15 W 44 W 60 W Entertainment + Noiseless 9 W 44 W 60 W Quiet 7 W 44 W 60 W Definition: PL1: Continuous load PL2: Load peaks (<1 second) PL4: Ultra-short load peaks (in the millisecond range) The "Noiseless" mode is an option within Entertainment mode that can be permanently enabled. Pressing Fn+F3 therefore only switches between three profiles – not four.On battery, PL1 and PL2 are also limited to 15 watts in Performance mode to conserve battery health. However, the full 60 watts of PL4 are available even on battery for ultra-short load peaks.Fan controlOverviewThe SCHENKER CONNECT 15 (E26) uses profile-based fan control with clearly distinct objectives. Depending on the performance profile, the system prioritises either maximum reactivity and thermal reserve, a balanced efficiency point, or minimal noise with strictly capped power limits.The diagram shows fan speed (in %) horizontally and temperature (°C) vertically in three curves: Performance: aggressive, rising early and sharply to accommodate high sustained power and rapid load changes. Entertainment: moderate, with a clear "sweet spot" between performance and noise level. Quiet: as quiet as possible, with a significantly later start-up and a flatter ramp. The steps between each level are deliberately broad. Combined with temperature averaging and hysteresis, this results in fairly smooth fan control, rather than constant up-and-down regulation by single percentage points.Temperature averagingCPU temperatures are quite dynamic. Hotspots can spike sharply within fractions of a second during short bursts of load, without resulting in a sustained load scenario. Varying with each performance profile, our fan control does not use the raw real-time temperature value as the basis for fan control, but rather an average, smoothed over several seconds.Steady speeds thanks to hysteresisIn addition, the SCHENKER CONNECT 15 uses hysteresis logic to prevent oscillation around thresholds. Put simply: there is a temperature at which the fan speed is increased (Temp Up), and a lower temperature below which it is reduced again (Temp Down).This range ensures that the fan does not constantly jump back and forth between two speeds when the temperature fluctuates just around a threshold value.These ranges are not directly visible in the diagram above – the diagram shows only the "Temp Up" values for each profile.Improvement over SCHENKER WORK seriesTemperature averaging and hysteresis are implemented in this form for the first time in the SCHENKER office class with the SCHENKER CONNECT 15. This logic was not yet present in the predecessor models of the SCHENKER WORK series.The reason lies in the hardware basis of the embedded controller firmware: The SCHENKER CONNECT 15 utilises a larger EC firmware ROM and a more powerful microcontroller, which allows for more complex control logic. This puts the CONNECT 15 on a par with the XMG EVO series, as well as our gaming laptops and workstations, in terms of fan control functionality.Thanks to the combination of temperature averaging, hysteresis and deliberately set limits, the SCHENKER CONNECT 15 can run quietly in typical office scenarios, but can still really rev up under prolonged full load in performance profiles without the system temperatures even coming close to the throttling limits.Maintenance and internalsThe battery of the SCHENKER CONNECT 15 (E26) can be removed and replaced without tools – the battery compartment has a mechanical lock for security. Before removing the battery, you should shut down the laptop or put it into hibernation mode.The laptop has a small service cover for the LTE module and SIM card slot. This cover can be opened with a captive, coin-operated screw – changing the SIM card therefore takes just a few minutes.For RAM and SSD upgrades, however, the entire bottom cover must be removed. Once the standard Phillips-head screws have been removed, the RAM and SSD are easily accessible:The photo shows the interior with the bottom cover removed, and therefore also without the removable battery. The photo shows: Large fan with a diameter of 85 mm, a height of 6 mm and 79 fan blades. Two RAM slots to the right of the CPU. The thermal pads are located beneath the RAM modules and connect them to the motherboard. SSD slot to the right of the RAM modules. Bottom right: LTE module and, next to it, the SIM card slot (LTE antennas are not yet connected in this photo). Bottom centre: the underside of the touchpad, stabilised by a metal frame. The left side of the image shows the right side of the notebook with the large SmartCard reader, a USB-A port and the full-size LAN I/O port. The Wi-Fi module is located in the center, between the fan and the CPU. Next to it is the CMOS button cell battery. We show a true-to-scale comparison of the internal layout with that of the SCHENKER WORK series in this animated GIF:schenker-connect-15-e26_inside_vs_work-15_vs_work-15-base.gifThe comparison clearly shows that both the fan and the heat pipe in the SCHENKER CONNECT 15 are larger than in the previous WORK series models.Spare batteriesSpare and replacement batteries will be available on bestware in the future. Stock is currently still on its way. The batteries are compatible with other models from our ODM partner.Anyone wishing to purchase a spare battery now we advise to check out the following pages: [1] [2] [3].The part numbers for the batteries are: V640BAT-3-55 6-87-V640S-54J00 6-87-V640S-54J01 6-87-V640S-54J02 6-87-V640S-54J03 6-87-V640S-54J04 All of the part numbers listed above are 100% compatible with one another and technically identical.Information on the SmartCard readerIntroductionThe SmartCard reader in the SCHENKER CONNECT 15 (E26) is a contact-based reader compliant with ISO/IEC 7816 (Class A/B/C) and the PC/SC 2.0 interface standard. It is designed for standard SmartCards in business and government environments.ApplicationsTypical applications include: VPN authentication and remote access in enterprises. Email signing and encryption (S/MIME) in organisations with PKI. Windows login via smart card (smart card as a second factor instead of a password). Document signing in PKI/certificate environments (depending on the signing software used). Administrative and access processes where certificates are deliberately not stored on the SSD. Can I also use this to access the online ID function of the German identity card?No. The SmartCard Reader is not suitable for the online ID function (eID) of the German identity card (Personalausweis). The eID function explicitly requires a contactless reader compliant with ISO/IEC 14443 (NFC), such as those built into many smartphones. See also:Bund.de > AusweisApp > USB Card ReadersHow far do SmartCards protrude from the chassis?When inserted, SmartCards protrude from the card reader by more than half their length. Therefore, if the laptop is packed into a bag or rucksack for mobile use, the card should be removed beforehand to prevent mechanical damage.Information on the optional LTE moduleIntroductionThe SCHENKER CONNECT 15 (E26) can be optionally configured with an LTE module. The SIM card slot and the LTE module are accessible via a separate service covers.The Huawei ME906s we offer includes the following features: Mobile network standards: 4G LTE (FDD), 3G (HSPA+/UMTS), 2G (EDGE/GPRS/GSM) LTE bands (FDD): B1, B2, B3, B5, B7, B8, B20, B28 3G bands: B1, B2, B5, B8 2G frequencies: 1900 / 1800 / 900 / 850 MHz Bandwidth (LTE): up to ↑ 50 Mbps ↓ 150 Mbps Bandwidth (HSPA+): up to ↑ 5.76 Mbps ↓ 42 Mbps Bandwidth (WCDMA): up to ↑ 384 kbps ↓ 384 kbps Bandwidth naturally depends on the network and location – the data speeds listed are under ideal conditions.The Huawei ME906s is recommended for Europe, Australia/New Zealand, Latin America and for global travel; it supports LTE Band 28 for extended coverage in rural and international networks.Can I use my mobile phone contract on my laptop?Yes, this is often possible – but it depends on your mobile contract. In Germany, there are two common options: MultiSIM/second SIM card added to an existing smartphone contract, often from as little as €5 per month. A standalone data plan (Data-SIM) for the laptop only. If you already have a contract, the MultiSIM solution is usually the more cost-effective option. When ordering the MultiSIM, however, you must ensure you order a physical SIM card – not an eSIM.For further details, we have compiled a list of links to various mobile network providers here.MultiSIM options: Provider Link Telekom (Private customers) Link Telekom (Business customers) Link Vodafone Link o2 Link 1&1 Link congstar Link Other providers with Data-SIM plans: Provider Link WinSIM Link smartmobil Link PremiumSIM Link yourfone Link Drillisch Link For further information, we also recommend reading this article: MultiSIM & Co.: One number, multiple SIM cards [teltarif.de] (translated from German)Does the laptop also support eSIM?We currently only support LTE modules with a physical SIM (nano-SIM). eSIM is currently not available. If eSIM is essential for your project, please contact us with your requirements – we will investigate possible alternatives for high-volume orders.Keyboard layoutThe SCHENKER CONNECT 15 features a white-backlit keyboard with a full numeric keypad, full-size arrow keys and Fn-Lock function. The backlighting is adjustable in 5 levels.In addition to the alphanumeric block, the Fn functions include the following hotkeys: Key Fn function Escape Fn Lock F1 Reduce LCD brightness F2 Increase LCD brightness F3 Change power profile F6 Mute audio F7 Reduce volume F8 Increase volume F9 Touchpad off F10 LCD off F11 Airplane mode F12 Standby Space Toggle keyboard backlight ` ~ (below ESC) Media play/pause 1 Media previous 2 Media next Arrow ↑ Page up Arrow ↓ Page down Arrow ← Home Arrow → End Following a survey in 2024, we have deliberately omitted the Copilot key from our keyboard layout. Instead, we retain both the "Ctrl-Right" key, and the context menu key (as a dedicated key).What does MIL-STD-810H certification mean?The product validation standard MIL-STD-810H defines a series of environmental and stress tests used to assess the resilience of electronic devices under controlled laboratory conditions.This is not a single "overall certificate", but rather individual test methods, each of which is carried out and passed separately.This model was tested according to the following MIL-STD-810H methods: MIL-STD-810H Test Method Test Conditions Result 501.7 High Temperature 30–60 °C / 5–44% RH / 24 h / 1 cycle30–43 °C / 14–44% RH / 24 h / 1 cycle Passed 502.7 Low Temperature Non-operating: -25 °C / 24 h / 1 cycleOperating: -21 °C / 24 h / 1 cycle Passed 503.7 Temperature Shock Non-operating: -21 °C to 60 °C3 cycles, 2 hours each Passed 507.6 Humidity 30–60 °C / 95% RH / 24 h / 10 cycles Passed 514.8 Vibration 5–500 Hz / 3 hours20–2000 Hz / random frequency Passed 516.8 Shock Drop test (packaged): 122 cm, 8 corners / 12 edges / 6 facesOperating: 20G, 11 ms, 3 shocksNon-operating: 40G, 11 ms, 3 shocks Passed 528.1 Mechanical Vibration 4–15 Hz operating16–25 Hz operating26–33 Hz operatingTotal 2 hours Passed The tests listed simulate typical environmental and transport stresses such as: High and low temperatures Rapid temperature changes High humidity Vibration during transport Shock loads during operation and when packed Note: the drop test in accordance with Method 516.8 refers to a device in original packaging, dropped from 122 cm height. This does not mean that an unpacked notebook should be dropped onto hard surfaces from any height.The completion of these tests confirms increased resilience against typical environmental and transport stresses. However, this does not make that laptop a "ruggedised" special-purpose device designed for extreme operating conditions. Rather, the MIL-STD-810H tests demonstrate a robust construction within the context of standard mobile usage scenarios.How does the SCHENKER CONNECT 15 differ from the previous WORK series?The SCHENKER CONNECT 15 (E26), with its SmartCard reader, optional LTE support and support for Secured-Core PC, is optimised for connectivity and security.Further advantages and new features include: A bright display with 400 nits, compared to 300 nits in the previous WORK series. Slightly increased sRGB colour gamut coverage of over 90%. Cooling system with Honeywell PTM7950 thermal compound, a larger fan and improved fan control. Keyboard with black keycap edges (the WORK series had white edges, also known as keycap skirts). Tool-free replaceable battery. Tool-free access to the SIM card slot. 180° display opening angle (also featured on the WORK 15 Base, but not on the WORK 15). Support for Wi-Fi 7. Advantages of the WORK series, on the other hand, included: Aluminium display lid and base shell. Larger 73 Wh battery in the SCHENKER WORK 15 (M23). Higher maximum SSD capacity (8 TB in the WORK series, 4 TB in the SCHENKER CONNECT 15). We have compiled a comprehensive comparison of the spec sheets here:SCHENKER Laptop Portfolio Overview and Feature ComparisonOn the top of the page, click on the "SCHENKER WORK & SCHENKER CONNECT" for details.Will there be successors to the SCHENKER WORK series?There are no further platform updates are planned for the chassis of the existing SCHENKER WORK series. The SCHENKER WORK 15 and WORK 17 have existed in their current form since 2021. Although the SCHENKER WORK 14 Base and WORK 15 Base were only introduced in 2023, a platform update no longer makes sense here either. The reason for this is that future platforms will require extensive changes to the motherboard layouts, which would also necessitate changes to the port configuration – meaning new chassis would be required for sure.The chassis of the SCHENKER CONNECT 15, on the other hand, has been designed from the ground up with compatibility with future Intel CPU generations in mind.Whether and when there will be new models in the SCHENKER WORK series is not yet clear. It is possible that new developments in the WORK series will focus on 14-inch and 17.3-inch sizes, meaning the 15.6-inch form factor will be exclusively occupied by the SCHENKER CONNECT 15 for the foreseeable future.How does the SCHENKER CONNECT 15 differ from the XMG EVO 15?The XMG EVO series combines a metal chassis with powerful CPUs, massive storage capacities and a very robust cooling system. The XMG EVO models thus incorporate many of the features of a premium gaming laptop, but without a dedicated graphics card. What's more, they are available with both AMD and Intel CPUs – all from the 45+ watt class, which is a step above the CPUs found in the SCHENKER CONNECT and SCHENKER WORK ranges.The SCHENKER CONNECT 15, on the other hand, is a laptop specifically tailored to the requirements of business customers. Its strengths lie in the combination of a smart card reader, optional LTE and high maintainability, plus a classic Gigabit LAN I/O port without a flip mechanism.XMG EVO 15 (M25) starts at a price of €1,449, so it is also significantly more expensive than the SCHENKER CONNECT 15 (E26), which is available from €999 (both prices include 19% VAT).All about Secured-Core PC Level 3IntroductionMicrosoft "Secured-Core PC Level 3" (SCPC L3) is a particularly strict Windows security configuration, consisting of a chain of Secure Boot, TPM, Intel Trusted Execution Technology (TXT) including Intel Dynamic Root of Trust for Measurement (DRTM), as well as Windows features such as "Memory Integrity" (HVCI) and "Firmware Protection".SCPC L3 is particularly beneficial for corporate customers, government-related environments and anyone requiring a defined, strict Windows security baseline.How does Secured-Core PC Level 3 differ from the lower levels?Secured-Core PC describes a security architecture in which hardware, firmware and the operating system are closely integrated. Depending on the configuration and the protection mechanisms enabled, different protection levels can be distinguished.The terms "Level 1–3" are aimed at manufacturers – Microsoft uses these terms when communicating with OEM partners. In Windows itself, however, these levels are referred to, amongst other things, as: Level 1: Standard hardware security Level 2: Enhanced hardware security Level 3: All Secured-core PC features enabled These levels differ as follows: Protection Features Description Level 1 TPM 2.0, Secure Boot, UEFI protection mechanisms, DEP Protection against tampering during system startup Level 2 Additionally: Virtualization-based Security (VBS), Hypervisor, Memory Integrity (HVCI), Kernel DMA Protection Protection against kernel exploits, unsigned drivers, and certain DMA attacks Level 3 Additionally: Secure Launch (DRTM), SMM Protection, Firmware Protection Version 3 Protection against advanced firmware and SMM attacks at the hardware level Essentially, most modern Windows 11 laptops already meet the Level 2 requirements in their standard configuration. To meet Level 3, however, individual certification is required, which can only be achieved by selected systems.In our portfolio, only the SCHENKER CONNECT 15 (E23) currently meets this security standard.Why is SCPC L3 an upgrade option, not included in the base configuration?In SCHENKER CONNECT 15 (E26), SCPC L3 is disabled by default and can be activated in our online shop as a service for €29 (incl. 19 % VAT).The additional charge arises because activation is not simply a "BIOS default", but involves individual steps that must be carried out manually in firmware on each individual device. These steps must be carried out manually for each device and require several reboots.Systems pre-configured with SCPC L3 at the time of ordering are also guarantee to have that feature maintained in the event of any service issues. Furthermore, our support staff is available to answer any questions regarding the Secured-Core PC protection level.Can I set up SCPC L3 myself at a later date?Yes, Secured-Core PC Level 3 can also be set up by the user at a later date, free of charge – even if it was not pre-configured at point of purchase. We provide instructions and relevant tools here: https://go.schenker-tech.de/secured-core-pc-toolkitWhat are the benefits of SCPC L3? Greater resilience against attacks on the boot chain and firmware (protection below the operating system). Stricter driver and kernel integrity mechanisms via VBS/HVCI (reduces the attack surface caused by kernel-mode malware). Better suitability for B2B environments with security baselines (e.g., where IT departments require Secure Boot, VBS and specific Defender policies). Are there any disadvantages?Secured Core PC was introduced back in 2019 – Level 3 was first introduced in 2021. At the time of its introduction, there may have been isolated compatibility issues, for example with certain drivers or virtual machines (VM hosts). However, most of the features underlying SCPC (memory isolation, hypervisor) are now standard across the Windows ecosystem, which is why drivers and application software have adapted accordingly.Therefore, there are virtually no practical disadvantages left – nevertheless, we would like to explain at least some historical aspects in more detail here.Older docking stations may only work after logging into WindowsOn systems with SCPC enabled, protection against DMA-based attacks may affect the behaviour of some older Thunderbolt docking stations prior to login. When SCPC is enabled, Windows applies stricter rules to devices whose drivers are not compatible with DMA remapping (IOMMU isolation).Note: this legacy issue already applies to Level 2 of Secured-Core PC.In such cases, peripheral devices (mice, keyboards, screens) connected via a docking station may only become available after logging into Windows. However, the laptop's input devices (keyboard, touchpad, fingerprint sensor) will already function in this scenario. In particular, the fingerprint sensor allows you to log in "blindly", even if the primary screen (on the dock) is still inactive.This behaviour is intentional and is designed to prevent memory access by external devices before the operating system has taken full control. Again, this may only affect very old docking stations – were were not able to determine since when exactly DMA protection was taken into consideration by docking station manufacturers, but we assume that this only affects docking stations from before 2019.Driver compatibilitySCPC L3 requires the activation of "Memory integrity" (HVCI, core isolation) in Windows. This feature has been enabled by default since Windows 11 – but can, of course, also be disabled.This security feature blocks older kernel drivers that do not yet meet certain modern security requirements.For standard devices that rely on integrated Windows drivers (keyboards, mice, USB storage, audio devices, webcams), there is virtually no risk of incompatibility.Device types that may be incompatible include, for example: Older USB-to-serial adapters Older capture cards Older controllers for industrial machinery Software that installs low-level kernel drivers (older anti-cheat systems, hardware monitoring or tuning tools) If a driver is incompatible with HVCI memory integrity, Windows will not allow the associated device to operate.At this point, you can then disable the "Memory Integrity" option in the Windows settings. This will allow the affected device to function, but you would also lose SCPC-L3 status.However, this problem is unlikely to occur in the real world outside of only extremely rare cases. Memory integrity has been enabled by default on all compatible Windows 11 installations since its introduction in 2021. Device drivers and common low-level software adapted years ago.Any remaining incompatibilities are likely limited to older (no longer supported) kernel drivers, obsolete and highly exotic peripheral devices, or specialised tools that are no longer maintained by the vendor.VirtualisationAs previously described, SCPC L3 requires HVCI memory integrity to be enabled in Windows. This feature utilises so-called virtualisation (VBS – virtualisation-based security), i.e. the relocation or abstraction of core functions into a virtual machine. This means that the Windows hypervisor (the basis for system-level virtualisation) is always active.At the time of HVCI's introduction around 2021, this caused problems for users who ran their own virtual machines (such as VMware or VirtualBox) – these were significantly slower with HVCI or the hypervisor enabled, or required special configuration.However, providers of VM solutions have long since adapted to this new reality. If you use appropriately up-to-date VM hosts, these will work out-of-the-box even with HVCI memory integrity enabled, without any noticeable performance limitations.How can I check if SCPC L3 is enabled?This can be checked directly in the Windows settings: Open Windows Security. Navigate to Device Security. If SCPC L3 is active, Windows displays this status message: "Your PC is manufactured as a Secured-core PC by SchenkerTechnologiesGmbH and has all Secured-core PC features enabled".Alternative method: Press Win+R and type "msinfo32". Scroll down and look for "Virtualisation-based security" - it should be set to "Secure Launch". How does SCPC L3 work under the hood?Schematically speaking, SCPC L3 works as follows: Secure Boot ensures that only trusted boot components are executed. The Trusted Platform Module (TPM 2.0) records cryptographic metrics of the boot process. Secure Launch (DRTM) uses CPU functions to verify the operating system's launch independently of the firmware. Virtualization-Based Security (VBS) isolates security-critical components. Memory Integrity (HVCI) ensures the trustworthiness of kernel drivers Firmware/SMM protection measures limit the firmware code accessible after boot Together, these features detect or prevent attacks on the firmware or attempts at low-level compromise before Windows is affected.Will SCPC L3 slow down my device? Does it affect battery life? (No.)There are virtually no noticeable differences in performance or efficiency. SCPC L3 is not an active feature that runs constantly in the background, but rather a protocol and validation chain enforced at the system level, which is subject to particularly strict rules to detect tampering with the firmware or boot loader and prevent its execution.Can my device be remotely controlled in any way with SCPC L3? (No.)Unlike common fleet management solutions such as Microsoft Intune, NinjaOne or CrowdStrike Falcon, SCPC L3 is merely a system hardening measure – no remote control, no remote access.Does SCPC L3 send any data to Microsoft? (No.)SCPC L3 is purely a hardware/firmware/software feature and does not require an internet connection.Is SCPC L3 intended only for government agencies/enterprises, or does it also help ordinary users?Ordinary users can also benefit from SCPC L3 – particularly those who travel frequently, use untrusted networks, or want stronger protection against "hard-to-remove" infections.Does SCPC L3 replace antivirus or endpoint security? (No.)SCPC L3 merely provides a stronger foundation that restricts attackers' capabilities, even if malware is executed. Standard endpoint protection remains necessary.Context: not all malware attempts to embed itself in firmware or boot loaders. Ransomware, for example, can already wreak havoc within the user's context (without administrator privileges), as it has access to the user's data within the user's context.SCPC L3 therefore does not replace an antivirus scanner, but merely prevents malware or targeted attackers from being able to 'hide' in the firmware or the operating system kernel.The antivirus protection enabled by default in Windows 11 (also known as ‘Windows Defender’) is also essential for SCPC L3.Can I disable SCPC L3 again at a later date?Yes, SCPC L3 can be deactivated by the user at any time at the firmware or operating system level. To do this, simply deactivate one of the relevant components, such as HVCI memory integrity in Windows or "Intel Trusted Execution Technology" (TXT) in the BIOS setup. Alternatively, simply uninstalling the relevant Intel TXT driver is sufficient.Does SCPC L3 make it more difficult to sell a laptop later on? (No.)SCPC L3 is not linked to the user account or the user's identity. A system with SCPC L3 can be reset to factory settings at any time.How does SCPC L3 differ from conventional PCs with "Secure Boot"?Secure Boot ensures that only trusted, signed boot components are loaded. SCPC L3 builds on this by adding a stronger, hardware-verified transition into the operating system (called 'Secure Launch' or DRTM: Dynamic Root of Trust for Measurement).The system thus detects firmware tampering even if the malware has somehow bypassed the Secure Boot check – for example, if the malware authors are in possession of certain cryptographic keys that should strictly be held only by Microsoft and a few hardware manufacturers.Can I still install BIOS updates with SCPC L3 enabled?To install BIOS updates via the EFI shell, Secure Boot must be temporarily disabled. As part of this manual maintenance procedure, SCPC L3 is also temporarily disabled. Once the BIOS update has been successfully completed, you can (and should) re-enable Secure Boot – for example, by performing a BIOS reset.For this reason, it is important to always obtain BIOS updates only from trusted sources (such as directly from the manufacturer – i.e. from us).ConclusionWe hope this Deep Dive has provided a clear and comprehensible overview of the technical background and design decisions behind the SCHENKER CONNECT 15 (E26).Configure & order: SCHENKER CONNECT 15 (E26) on bestwareShould you have any further questions – for example, regarding specific use cases, IT rollouts, security requirements or custom configurations – we are happy to assist.Submit a support request