Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Article Number: 000146404

UEFI and Secure Boot

Summary: Windows 8 introduces a new requirement for PC manufacturers (OEMs) that may require modifications to your OS deployment infrastructure.

Article Content

Symptoms

Windows 8 introduces a new requirement for PC manufacturers (OEMs) that may require modifications to your OS deployment infrastructure.  That requirement ensures that all Windows 8 systems are shipped with their BIOS in UEFI Mode and Secure Boot enabled. 

 
SLN310069_en_US__1icon Note: For a background on UEFI read this whitepaper.
SLN310069_en_US__1icon Note: For specific information on deploying UEFI systems with Configuration Manager 2012 SP1, read the "Imaging the Latitude 10 with Windows 8 using Configuration Manager 2012" whitepaper by Chris Minaugh from Dell IT.

  
This is a good thing, as UEFI mode removes hardware limitations that were present with Legacy Mode and adds greater functionality, while Secure Boot ensures that the boot loader is verified and has not been impacted by malware or rootkits.   Please read the Building Windows 8 Blog post that gives the full background for Secure Boot and specifies the OEM requirement.

Most customers are using Legacy mode on their client systems even if UEFI mode is available so here are some steps to prepare for UEFI and Secure Boot enabled Windows 8 systems.

1. Evaluate- The following areas of your infrastructure could be impacted by UEFI/Secure boot enabled Windows 8 systems.  Review your current environment and evaluate whether UEFI/Secure boot enabled systems will require a change to your:

  • BIOS configuration
    • CCTK and OMCI can configure both UEFI and Legacy modes, but you should test against a UEFI/Secure Boot enabled system to validate your current BIOS configuration.
  • HDD configuration
    • UEFI Mode requires GPT partitions which are different from Legacy Mode/MBR partitions.
  • Security tools
    • Review your HDD encryption and other security tools for compatibility
  • OS Deployment Tools
    • KACE, MDT, and ConfigMgr will support Windows 8 but may require you to install the latest version (ConfigMgr 2012 SP1 for example) to be able to deploy Windows 8 on a UEFI/Secure Boot enabled system.
  • Boot methods
    • WinPE 4.0 (available in the ADK) is required to deploy to UEFI enabled systems. The latest Mass Storage controller drivers may be required.
    • UEFI PXE is also required and is different from Legacy PXE.

2. Plan - After identifying areas of your infrastructure that require changes to support UEFI/Secure Boot enabled systems, create a plan to make those modification and identify steps to continue with your current environment until those modifications are made.
 

3. Test and Implement - Test the required modifications in your lab environment to ensure that they meet your requirements before deploying into production.  Once your infrastructure is ready to deploy Windows 8 on UEFI/Secure Boot enabled systems, then you will be ready to take delivery of OEM delivered Windows 8 systems.

SLN310069_en_US__1icon NOTE: Please bookmark this page as we will be adding additional information as it becomes available.

Article Properties

Last Published Date

21 Feb 2021

Version

3

Article Type

Solution

Back to Top