Secure and automatic provisioning of computer systems having embedded network devices

摘要

A provisioning method and mechanism for computer systems having embedded network devices. After an initial boot-up of a computer platform, an out-of-band (OOB) controller automatically connects to a corporate DHCP (Dynamic Host Configuration Protocol) server to obtain an IP (Internet Protocol) address and a domain name in which the computer platform is running. The domain name is concatenated with a pre-defined host name to obtain a FQDN (Fully Qualified Domain Name) for a provisioning server. The OOB controller then establishes a TCP connection to the provisioning server. A server certificate chain received from the provisioning server is validated. An attempt to login to the provisioning server is made. If corporate security policy dictates granting access to the computer platform, then provisioning configuration data is received over a secure and encrypted channel.