What is a firmware upgrade and why is it important?
Firmware is the software that is embedded into a hardware device. Firmware consists of a set of commands that control how your network device behaves. When a vendor releases the latest OS version for a certain device, you'll need to upgrade the existing OS version to the latest release. This is known as a firmware upgrade. Network devices like routers and switches should always be updated to the latest firmware version to ensure optimal network performance. Firmware updates provide free and instant improvements to the functionality of these devices that enhance the user experience. Upgrading firmware also fixes any existing bugs and protects you from vulnerabilities.
Fixing vulnerabilities by upgrading Firmware in Network Configuration Manager.
Manually logging in to each device to check if it is vulnerable or not is a time-consuming task. Rather than logging in manually, you can use Network Configuration Manager's Hardware Inventory
tab to filter vulnerable devices based on the firmware version number. Network Configuration Manager lists all the devices running on a version number that requires an upgrade. Once the devices are listed, firmware can be updated in those devices by bulk execution of configlets, saving time by fixing vulnerabilities in multiple devices at once.
How to execute firmware upgrades in Network Configuration Manager?
Network Configuration Manager upgrades firmware using advanced script execution mode in Configlets. Advanced script execution is used to execute a series of interconnected commands on a device. Firmware upgrades can be performed on demand, or they can be scheduled for execution at any future point in time. All you need to do is to create a template containing the required commands, and then use this template to execute repetitive tasks for many devices.
Now, let's look at an example of upgrading firmware by executing configlets:
The Requirements to upgrade Firmware for a Cisco IOS Router
- Memory requirement: The router should have sufficient disk or flash memory to store the Cisco IOS. The router should also have sufficient memory (DRAM) to run the Cisco IOS. If the router does not have sufficient memory (DRAM), the router will have boot problems when it boots through the new Cisco IOS.
- Interfaces and modules support: You must ensure that the new Cisco IOS supports all the interfaces and modules in the router.
- Software feature support: You must make sure that the new Cisco IOS supports all the features used with the old Cisco IOS.
Cisco IOS upgrade
Once all the above requirements are satisfied, you must follow the following steps to upgrade Firmware in a Cisco device:
- Download the Cisco IOS software image onto the TFTP Server in Network Configuration Manager.
- Verify whether the TFTP Server has IP connectivity to the router. In order to achieve connection, the router interface and the TFTP server must have an IP address in the same range or a default gateway configured.
- Once the connection is established, copy the IOS image to the router from the TFTP Server.
- Save the configuration and reload the router.
- After the reload is complete, the router will run the desired Cisco IOS software image.
Sample command for copying an IOS image to the Router:
The above terminal shows the sample command that will be executed in a TELNET or a putty. The corresponding configlet commands for upgrading Firmware in Network Configuration Manager is shown below:
<command prompt=']?'>copy tftp: flash:</command>
<command timeout='120' suffix='$NO_ENTER'>y</command>
Once the commands are given, the configlets can be applied in bulk to multiple devices to upgrade Firmware. Not just that, with the help of configlets you can also execute commands to fix errors and to make bulk changes. Also, learn about firmware vulnerability management to identify potential network threats and fix them.