Method and apparatus for a secure network install
First Claim
1. A computer implemented method in a proxy server for a secure network install, wherein the proxy server is a trivial file transfer protocol (TFTP) server, the computer implemented method comprising:
- receiving a request for a boot image file from a client at the proxy server to form a received request, wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address, and wherein the proxy server and the client are on a same subnet;
locating a boot image file server from a list of servers and corresponding boot image files for the boot image file by performing a lookup of the boot image file in a mapping file to form a located boot image file, wherein the mapping file includes the list of servers and corresponding boot image files;
identifying an Internet Protocol address of the boot image file server for the boot image file;
retrieving the located boot image file from the boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and
sending the retrieved boot image file to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, an apparatus, and computer instructions are provided for a secure network install. One aspect of the present invention provides a proxy server within the same subnet of the client for performing a lookup of the boot image file and downloading the boot image file from a boot file server in a secure manner. The client in turn downloads the file from the proxy TFTP server. Another aspect of the present invention modifies the client remote boot code to include a secure boot file download discovery (SBDD) mode. The client starts the SBDD mode by sending a request for a boot image file to a subnet broadcast address and port, which is listened by a proxy TFTP server. The proxy TFTP server receives the client request and downloads the boot image file. The client in turn downloads the boot image file from the proxy TFTP server.
-
Citations
1 Claim
-
1. A computer implemented method in a proxy server for a secure network install, wherein the proxy server is a trivial file transfer protocol (TFTP) server, the computer implemented method comprising:
-
receiving a request for a boot image file from a client at the proxy server to form a received request, wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address, and wherein the proxy server and the client are on a same subnet; locating a boot image file server from a list of servers and corresponding boot image files for the boot image file by performing a lookup of the boot image file in a mapping file to form a located boot image file, wherein the mapping file includes the list of servers and corresponding boot image files; identifying an Internet Protocol address of the boot image file server for the boot image file; retrieving the located boot image file from the boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and sending the retrieved boot image file to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server.
-
Specification