Note: This process should work for Windows and Linux as well. Verify the EFI boot path for the OS.
Through ESXi 6.0 I have run my hosts in Legacy BIOS mode on UCS. There just was nothing significant enough worth the hassle of switching to UEFI on UCS (rather: I had more important fires to put out…). The one feature I did want, Secure Boot, wasn’t supported by ESXi 6.0 and earlier.
vSphere 6.5 introduced support for Secure Boot. Mike Foley has a great blog post about Secure Boot in ESXi 6.5. If you are starting your 6.5 upgrade and are using Legacy mode, consider switching to UEFI. It’s minimal effort and increases the security of your hypervisor.
Since I was working on rolling out a new UCS environment with ESXi 6.5 in a remote office environment, this felt like a great time to switch to UEFI and get the benefits of Secure Boot. This is not complicated on UCS, but there is a new Boot Policy that must be created. This policy can be reused for Windows (and other OS).