O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

31.8. Securing NetBoot

NetBoot allows a Mac OS X Server administrator to create special disk images that can then be used to boot other Macs over the network rather than from local hard disks. This can simplify the management of large installations of Macs by eliminating the need to install and update Mac OS X and other software individually on each one.

NOTE

To learn more about NetBoot, read Apple's free PDF guide System Imaging and Software Update Administration, available at www.apple.com/server/macosx/resources/documentation.html.

Because NetBoot is used only on local Ethernet networks — not over the public Internet or Wi-Fi — and because the disk images require administrator access to create and modify them, security concerns are minimal. The only specific security control offered is the capability to restrict client access to NetBoot using the MAC address of the clients' Ethernet cards. You can configure either a list of MAC addresses for which NetBoot access is permitted or a list of MAC addresses for which it's blocked.

To configure NetBoot filtering, follow these steps:

  1. Open Server Admin, which is located in /Applications/Server.

  2. In the sidebar on the left, select your server.

  3. If no services are listed under the server name, click the disclosure triangle next to the server name to reveal them.

  4. If the service names are dimmed, choose Server Connect, type your username and ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required