Network Boot in a Zero-Trust Environment with UEFI
How to get your Suse OS to boot or install from a Https server
Bios Engineer at Intel for 22 years. Support and enablement of UEFI specification with operating system vendors at Tianocore.org EDKII project. Ran USA UEFI plugfests at www.uefi.org/events.
Session title: Network Boot in a Zero-Trust Environment with UEFI Description: Network boot is commonly used for everything from booting thin clients to using IT automation for bare-metal provisioning. Unfortunately, most network boot infrastructure is based on outdated standards such as TFTP and PXE. This presents an issue when implementing a Zero Trust architecture, where security principles need to be implemented within the network perimeter. This session introduces modern methods for securing network boot infrastructure, including UEFI Secure Boot and HTTPS Boot, and how they can be enabled with the right combination of firmware and server configuration. Will discuss the details on how to make your latest UEFI firmware use Https and SUSE SLES 12 SP4 and SLES 15 for network installation and boot.
Slide have been uploaded to: https://www.slideshare.net/douglasdemaio/network-boot-in-a-zerotrust-environment-with-uefi
- 2019 March 8 - 10:00
- 45 min
- Ballroom F
- openSUSE Summit at SCaLE17x