I'm building a custom PC workstation with MSI motherboard running the latest version of Windows 10 Professional x64. The motherboard BIOS is UEFI (not legacy BIOS). I would like to use Veeam Agent for Windows for backup/restore on this PC workstation. I'm debating whether or not to enable the Windows Secure Boot feature available on my motherboard for this workstation.
From previous research, I understand that it's possible to restore to different hardware using Veeam, and Veeam is also compatible with Windows BitLocker.
There is one specific scenario that I'd like to confirm will work. Assume the following:
Windows Secure Boot is enabled on the original motherboard.
Windows BitLocker is enabled for all drives in the original Windows 10 Pro x64 OS.
Backups are made with the latest version of Veeam Agent for Windows.
The original motherboard dies and is replaced by a new motherboard, but the existing SSDs are ok.
Questions:
In the above scenario, will I be able to restore my Veeam backups to new hardware if Windows Secure Boot was enabled on the original machine where the backups were made?
What if BOTH the motherboard and SSDs need to be replaced? Does that affect whether or not the Veeam backups can be used to restore to a new machine?
Some devices implement a feature called "verified boot", "trusted boot" or "secure boot", which will only allow signed software to run on the device, usually from the device manufacturer. This is considered a restriction unless users either have the ability to disable it or have the ability to sign the software.
As always: it's a good idea to test with your configuration. In worst case, you can disable it on demand anyway