Over the past few days I have been researching FOG. Though convinced of its awesomeness, there are a few questions that remain.
The situation is as follows. I am the Systems Librarian for a mid-sized regional University. We have 70 -100 public computers (Dell Optiplex 780s) currently running Windows XP. We use Windows SteadyState to lock them down and prevent unwanted changes to the machines (including everything from malware to patrons cluttering up the computers with files). Since Microsoft discontinued SteadyState the Library has been sticking to XP, but with support ending in April we can hold out no longer and are in the process of transitioning to Windows 7. At the same time we have been seeking a way to centrally manage our computers. The difficulty is that the library is not a part of the campus domain (but is on the network) and all of our computers are in a WorkGroup. We also do not have a server other than a dedicated machine for our catalog and the budget is tight. Thus there seemed to be no way to do things such as push out software to computers, image them remotely, and track usage. When imaging machines we use Clonezilla and have to go around to each one with a flash drive. FOG seems to be the answer to all of our prayers.
Except for two things. First, our campus IT people have their own server running Windows Deployment Services. They image machines via PXE boot, although I do not think their system can do Zero Touch Installation. They also control the DHCP server. If there library were to set up a FOG server, would it create any sort of conflicts? Given that the program uses MAC addresses my assumption would be no as long as it is set up correctly (that is the impression the user guide gives anyway). However networking is not my strong suit. Also our public computers are set to boot from the network first and, despite not being on the domain, are on the same subnet as other public computers around campus.
Second, what sort of security risks does having a FOG server present to the campus network? Although the machine we are planning on putting it on will not have an external IP address I am concerned all the same since Apache is require to run FOG.