Network Boot in a Zero-Trust Environment with UEFI


Network boot is commonly used for everything from booting thin clients to using IT automation for bare-metal provisioning. Unfortunately, most network boot infrastructure is based on outdated standards such as TFTP and PXE. This presents an issue when implementing a Zero Trust architecture, where security principles need to be implemented within the network perimeter. This session introduces modern methods for securing network boot infrastructure, including UEFI Secure Boot and HTTPS Boot, and how they can be enabled with the right combination of firmware and server configuration. Will discuss the details on how to make your latest UEFI firmware use Https and SUSE SLES 12 SP4 and SLES 15 for network installation and boot.

slides at


Ballroom F
Friday, March 8, 2019 - 10:00 to 11:00