Overview
Secure boot is part of the Unified Extensible Firmware Interface (UEFI) standard. It ensures that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). The UEFI specification defines a secure boot methodology that prevents loading software which is not signed with an acceptable digital signature. When the device starts, the firmware checks the signature of the boot software and the operating system. If the signatures are valid, the device boots, and the firmware hands control to the operating system.
When you enable the secure boot feature:
- Malicious software applications and unauthorized operating systems are prevented from loading during the system startup process.
- Only authorized software applications are allowed to boot on the device. The software applications that boot on the device are certified by Cisco.
- A secure compute system ensures that the intended software on the system runs without malware or tampered software.
View the system boot mode
Before you enable and set up the secure boot feature, verify the system boot mode and the bootloader version. To do this, run the show platform software system boot command.
Router#show platform software system boot
Boot mode: EFI
Bootloader version: 2.0
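The pre-check above can be automated across saved command output; the following is an added example, not Cisco code. It assumes EFI is the expected boot mode and uses a placeholder minimum bootloader version, since the page states neither requirement; the hostnames and the second and third captures are constructed.

```python
import re

# Assumptions (not from the page): EFI is the mode expected before enabling
# secure boot, and MIN_BOOTLOADER is a placeholder threshold to replace.
EXPECTED_MODE = "EFI"
MIN_BOOTLOADER = (2, 0)
FIELD_RE = re.compile(r"^\s*(Boot mode|Bootloader version)\s*:\s*(\S.*?)\s*$", re.I)


def parse_boot_output(text):
    """Map lower-cased field name to value for the two fields of interest."""
    matches = (FIELD_RE.match(line) for line in text.splitlines())
    return {m.group(1).lower(): m.group(2) for m in matches if m}


def version_tuple(value):
    """Compare versions numerically, so that 10.0 sorts above 2.0."""
    return tuple(int(p) for p in re.findall(r"\d+", value))


def precheck(text, min_version=MIN_BOOTLOADER):
    """Return a list of findings; an empty list means the pre-check passed."""
    fields = parse_boot_output(text)
    findings = []
    mode = fields.get("boot mode")
    if mode is None:
        findings.append("boot mode not reported")
    elif mode.upper() != EXPECTED_MODE:
        findings.append(f"boot mode is {mode}, expected {EXPECTED_MODE}")
    version = fields.get("bootloader version")
    if version is None or not version_tuple(version):
        findings.append("bootloader version not reported")
    elif version_tuple(version) < min_version:
        findings.append(f"bootloader version {version} below minimum")
    return findings


# Constructed sample captures keyed by hypothetical hostnames.
SAMPLES = {
    "rtr-a": "Router#show platform software system boot\nBoot mode: EFI\nBootloader version: 2.0\n",
    "rtr-b": "Router#show platform software system boot\nBoot mode: Legacy\nBootloader version: 1.4\n",
    "rtr-c": "Router#show platform software system boot\nBoot mode: EFI\n",
}

if __name__ == "__main__":
    for host, capture in SAMPLES.items():
        print(host, "; ".join(precheck(capture)) or "OK")
```

A missing field is reported as a finding rather than treated as a pass, so truncated captures do not slip through the check.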