During boot, the kernel logs are displayed on the console. As the kernel logs are meant to be restricted to root (kernel.dmesg_restrict=1), this should probably be disabled.
Setting kernel.printk=3 3 3 3 with sysctl configures it so only really important errors will be displayed.
Also see Does printk() cause any security issues?
This can improve boot and shutdown speed too. I've noticed that performance improves significantly after setting this.
dmesg --console-off does not do the trick.
I still see some logs after running that. Changing the kernel.printk sysctl hides more. I can still see some logs even with changing kernel.printk as it starts displaying logs before systemd-sysctl is executed. The only way around that would be setting kernel.printk in the initramfs, before systemd has started if it’s even possible.