I think people tend to get hung up on where you store the key material for a server. Hardware token and TPM are two options that are less secure, but network-bound disk encryption is supported as well as a combination. So you could have it require the network key as well as the matching PCRs from the TPM for the proper software load before it will unseal.
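The combined policy described in the comment above, sketched as an added example that is not part of the original comment. It assumes Clevis/Tang as the network-bound disk encryption stack; the Tang URL, the LUKS device path and the choice of PCR 7 are placeholders chosen for illustration.

```shell
#!/usr/bin/env bash
# Assumptions (not from the comment): Clevis/Tang as the NBDE stack, PCR 7
# (Secure Boot state) as the measured value, placeholder URL and device.
TANG_URL="http://tang.example.internal"   # placeholder
PCR_BANK="sha256"
PCR_IDS="7"
LUKS_DEV="/dev/sdX2"                      # placeholder

# Build a Clevis "sss" (Shamir secret sharing) policy over two pins.
# $1 is the threshold: 2 = Tang AND TPM2 must both succeed, 1 = either one.
build_policy() {
  printf '{"t":%s,"pins":{"tang":[{"url":"%s"}],"tpm2":[{"pcr_bank":"%s","pcr_ids":"%s"}]}}' \
    "$1" "$TANG_URL" "$PCR_BANK" "$PCR_IDS"
}

# Succeeds only if the policy's threshold equals its pin count (two here),
# i.e. the volume cannot unlock with the network key or the TPM alone.
requires_both() {
  t=$(printf '%s' "$1" | sed -n 's/^{"t":\([0-9][0-9]*\),.*/\1/p')
  [ -n "$t" ] && [ "$t" -eq 2 ]
}

# Bind the LUKS volume, refusing any policy that degrades to "either factor".
bind_volume() {
  policy="$1"
  if ! requires_both "$policy"; then
    echo "refusing: threshold allows unlock with a single factor" >&2
    return 1
  fi
  if [ "${APPLY:-0}" = "1" ]; then
    clevis luks bind -d "$LUKS_DEV" sss "$policy" && clevis luks list -d "$LUKS_DEV"
  else
    echo "dry run: clevis luks bind -d $LUKS_DEV sss '$policy'"
  fi
}

bind_volume "$(build_policy 2)"
```

Set `APPLY=1` to perform the bind; Clevis asks you to confirm the Tang server's signing key before it writes the binding.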