Method and apparatus for a secure network install
First Claim
1. A computer implemented method for a secure network install for a client, the computer implemented method comprising:
- receiving a request for a boot image file from a client at a proxy server to form a received request, wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address, and wherein the proxy server and the client are on a same subnet;
responsive to receiving the request, locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files;
identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file;
retrieving, by the proxy server, the located boot image file from the boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and
sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server.
0 Assignments
0 Petitions
Accused Products
Abstract
A method, an apparatus, and computer instructions are provided for a secure network install. One aspect of the present invention provides a proxy server within the same subnet of the client for performing a lookup of the boot image file and downloading the boot image file from a boot file server in a secure manner. The client in turn downloads the file from the proxy TFTP server. Another aspect of the present invention modifies the client remote boot code to include a secure boot file download discovery (SBDD) mode. The client starts the SBDD mode by sending a request for a boot image file to a subnet broadcast address and port, which is listened by a proxy TFTP server. The proxy TFTP server receives the client request and downloads the boot image file. The client in turn downloads the boot image file from the proxy TFTP server.
-
Citations
22 Claims
-
1. A computer implemented method for a secure network install for a client, the computer implemented method comprising:
-
receiving a request for a boot image file from a client at a proxy server to form a received request, wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address, and wherein the proxy server and the client are on a same subnet; responsive to receiving the request, locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files; identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file; retrieving, by the proxy server, the located boot image file from the boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server. - View Dependent Claims (2, 3)
-
-
4. A computer implemented method for a secure network install for a client, the computer implemented method comprising:
-
detecting, by a proxy server, a broadcast of a boot image file request initiated by a client at a subnet broadcast address and port used by the proxy server to form a detected request wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address; responsive to detecting the request, locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files; identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file; retrieving, by the proxy server, the boot image file from a boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server. - View Dependent Claims (6, 8, 9, 10)
-
-
5. A computer implemented method for a secure network install for a client, the computer implemented method comprising:
-
detecting, by a proxy server, a modification of a remote boot code of a client to include a secure boot image file download discovery mode; responsive to detecting the request, initiating, by the proxy server, the secure boot image file download discovery mode to send a request for a boot image file to a subnet broadcast address and port wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address; locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files; identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file; retrieving, by the proxy server, the boot image file from a boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server. - View Dependent Claims (7)
-
-
11. A computer program product comprising:
-
a non-transitory computer usable storage medium having computer usable program code for a secure network install, the computer program product including; computer usable program code for receiving a request for a boot image file from a client at a proxy server to form a received request, wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address, and wherein the proxy server and the client are on a same subnet; computer usable program code for responsive to receiving the request, locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files; computer usable program code for identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file; computer usable program code for retrieving, by the proxy server, the located boot image file from the boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and computer usable program code for sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server. - View Dependent Claims (12, 13, 14)
-
-
15. A computer program product comprising:
-
a non-transitory computer usable storage medium having computer usable program code for a secure network install, the computer program product including; computer usable program code for detecting, by a proxy server, a broadcast of a boot image file request initiated by a client at a subnet broadcast address and port used by the proxy server to form a detected request wherein the request is for the secure network install by using a modified client remote boot control code, wherein the modified client remote boot control code places the client in a Secure Bootfile Download Discovery (SBDD) mode, wherein the request for the boot image file includes a location of the boot image file and a client Internet Protocol address; computer usable program code for responsive to detecting the request, locating, by the proxy server, a boot image file server from a list of servers and corresponding boot image files for the boot image file server by performing a lookup of the boot image file in a mapping file to form a located boot image file wherein the mapping file includes the list of servers and corresponding boot image files; computer usable program code for identifying, by the proxy server, an Internet Protocol address of the boot image file server for the boot image file; computer usable program code for retrieving, by the proxy server, the boot image file from a boot image file server using a secure file transfer protocol to form a retrieved boot image file, wherein the secure file transfer protocol includes at least one of file encryption and checksum verification; and computer usable program code for sending the retrieved boot image file from the proxy server to the client, wherein the client receives the client Internet Protocol address, the location of the boot image file, and an Internet Protocol address of the proxy server from a dynamic host configuration protocol server. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
Specification