Fixing vulnerabilities by upgrading Firmware in Network Configuration Manager.

Manually logging in to each device to check if it is vulnerable or not is a time-consuming task. Rather than logging in manually, you can use Network Configuration Manager's Hardware Inventory tab to filter vulnerable devices based on the firmware version number. Network Configuration Manager lists all the devices running on a version number that requires an upgrade. Once the devices are listed, firmware can be updated in those devices by bulk execution of configlets, saving time by fixing vulnerabilities in multiple devices at once.

How to execute firmware upgrades in Network Configuration Manager?

Network Configuration Manager upgrades firmware using advanced script execution mode in Configlets. Advanced script execution is used to execute a series of interconnected commands on a device. Firmware upgrades can be performed on demand, or they can be scheduled for execution at any future point in time. All you need to do is to create a template containing the required commands, and then use this template to execute repetitive tasks for many devices.
Now, let's look at an example of upgrading firmware by executing configlets:
 

Do you want to upgrade your network devices' firmware in bulk? Our experts can show you how.

Get personalized online demo >

The Requirements to upgrade Firmware for a Cisco IOS Router 

  • Memory requirement: The router should have sufficient disk or flash memory to store the Cisco IOS. The router should also have sufficient memory (DRAM) to run the Cisco IOS. If the router does not have sufficient memory (DRAM), the router will have boot problems when it boots through the new Cisco IOS.
  • Interfaces and modules support: You must ensure that the new Cisco IOS supports all the interfaces and modules in the router.
  • Software feature support: You must make sure that the new Cisco IOS supports all the features used with the old Cisco IOS.

Cisco IOS upgrade

Once all the above requirements are satisfied, you must follow the following steps to upgrade Firmware in a Cisco device:

  1. Download the Cisco IOS software image onto the TFTP Server in Network Configuration Manager.
  2. Verify whether the TFTP Server has IP connectivity to the router. In order to achieve connection, the router interface and the TFTP server must have an IP address in the same range or a default gateway configured.
  3. Once the connection is established, copy the IOS image to the router from the TFTP Server.
  4. Save the configuration and reload the router. 
  5. After the reload is complete, the router will run the desired Cisco IOS software image.

Sample command for copying an IOS image to the Router:

Upgrade Firmware - ManageEngine Network Configuration Manager

 

The above terminal shows the sample command that will be executed in a TELNET or a putty. The corresponding configlet commands for upgrading Firmware in Network Configuration Manager is shown below:

 

<command prompt=']?'>copy tftp: flash:</command>

<command prompt=']?'>%TFTP_SERVER_IP%</command>

<command prompt=']?'>%SOURCE_FILE_NAME%</command>

<command prompt='confirm'>%DESTINATION_FILE_NAME%</command>

<command timeout='120' suffix='$NO_ENTER'>y</command>

Cisco router firmware upgrade - ManageEngine Network Configuration Manager

Once the commands are given, the configlets can be applied in bulk to multiple devices to upgrade Firmware. Not just that, with the help of configlets you can also execute commands to fix errors and to make bulk changes.

Also, learn about firmware vulnerability to identify potential network threats and fix them.

FAQ

What is firmware upgrade and why is it important?

+