Questions before rollout aka UEFI/Secure boot
Former user of FOG, haven’t used it since circa 2010. Curious, What is the current status of support for uefi windows 8/10 Support?
I am not going to lie, I just bricked a laptop I was using for testing purposes.
Also please remember that UEFI is not necessarily Secure Boot. Secure Boot is an optional feature of UEFI, which you you will need to disable if you want to boot ANYTHING other than Windows. Yes, technically Secure Boot signing is available to the Linux community, but very few Linux kernels will ever work with Secure Boot.
UEFI support handles the new method of using the hardware initialization and interaction which is much more efficient than BIOS, which is one of the reasons that an OS that supports UEFI can boot so much faster on a UEFI board. So yes, you can make FOG work with a UEFI ecosystem, but you will either need to disable Secure Boot on each workstation every time you want to boot it with FOG, or you will need to disable Secure Boot completely. Honestly Secure Boot is more of a benefit to consumers, and only helps prevent them from getting their bootloader hijacked. A company or enterprise network should have other security measures in place that help prevent and/or mitigate this risk.
There is no easy answer to this. It depends on the hardware used. Some network cards do work great with UEFI iPXE. Others are a nightmare (I guess this one might cause us a lot of headaches: https://forums.fogproject.org/topic/6177/lenovo-m73-boot-hangs).
I’d definitely suggest trying FOG trunk (https://wiki.fogproject.org/wiki/index.php/Upgrade_to_trunk) if you are keen. Just setup a test server to check out if it works for your device(s). Be aware that FOG trunk is under development and not every revision is bug free.