This page discusses – at a basic level – everything you need to know about router firmware updates.
What is a router?
In its simplest form, a router is the device that connects your computer system to the outside world. (For lots of detail on this topic – please see our article on Business Grade Routers versus Domestic Grade Routers)
In a small business scenario it typically delivers your internet connection to whichever computer needs it (e.g. so your users can send and receive email or browse web sites) and will usually allow users outside the network to access resources inside the network over a VPN. In the very smallest of businesses without a proper server, it can also be responsible for connecting the devices together to form a network (e.g. using DHCP and DNS – features both needed to make computers talk to each other).
You can see then that whatever size your business, the router is considered a mission critical device.
What is router firmware?
Router firmware is the “software” that makes your router work, though it is called firmware because it is embedded into a microchip inside your router, rather than on a hard disk. The main difference between firmware and software is that firmware is ‘read only’ and during the normal course of operation cannot be changed. Because firmware is saved on a microchip, your router loads faster, is quicker to operate and manage, and prevents accidental changes to the firmware so increasing security and reliability.
Can firmware be updated?
Yes. Like software, firmware can be updated in order to fix bugs, add new features, or close security holes, though in order to update firmware we have to rely on the manufacturer of the router to release updates and fixes and to do so in a timely manner. Because firmware is saved on a microchip, a small update cannot simply be inserted – the whole firmware image has to be reapplied.
Is it important to keep my router firmware up to date?
Keeping your router firmware up to date is now an essential part of your small business IT maintenance plan. Non urgent updates do not need installation, but important or critical firmware updates that fix vulnerabilities should be installed as soon as they become available(1). As cyber criminals increasingly attack firmware, routers are an excellent target. A compromised router would be virtually undetectable and could be used as a launchpad for internal or external network attacks, disabling security software, remotely controlling devices, stealing data and more.
Are there risks involved in updating router firmware?
Although almost all firmware updates are trouble free there are some small risks we feel obliged to highlight. Although firmware updates only take a few minutes, network problems or power outages that occur while the update takes place could interrupt the firmware update and render the router unusable. It’s also possible but unlikely that a faulty firmware image could do the same. These risks are very small. Do bear in mind that router updates always require a router reboot which – for a few minutes only – will interrupt your users internet connection and may interrupt local network connections.(2).
How do we reduce the risks of firmware updates?
Though the risks of a firmware update are small, there are a number of ways we can reduce and mitigate them (3) as follows:
- We will ensure you have a backup of the router configuration made before the firmware is updated.
- We encourage you to keep your router and network equipment in a locked network cabinet, supported by an Uninterruptible Power Supply.
- We encourage you to have dedicated network switches and not use the routers network switch for local traffic.
- We will ensure that the new firmware has been downloaded directly from the manufacturers official web site, has been verified for authenticity.
- We will normally perform the upgrade from a computer that is located on the same physical network as the router and that is also supported by an Uninterruptible Power Supply.
- We encourage you Ensure you have a router that can either be factory reset to an earlier firmware version or (if things go wrong) has ‘self healing’ features that detect when a firmware upgrade did not complete properly.
- Ensure that you have a router that is manufactured by a reputable router manufacturer and the router itself is covered by a next business day advance swap out warranty.
- For high turnover businesses where any router fault would be damaging, consider purchasing a second backup router, or maintain a second internet connection using a different router(4).
(1) – All RMM customers with a business grade router are considered ‘in scope’ for scheduled firmware updates. If you do not wish us to do these updates then please let us know and we’ll remove the router maintenance plan from your maintenance schedule, though of course we recommend against this.
(2) – We can perform firmware updates out of hours if requested, though this is charged for at double time.
(3) – Not all customers have everything in place to mitigate their risks associated with performing firmware updates. If you want to discuss what your position is, please let us know.
(4) – In either of these examples, router updates would be staggered so that both routers are not updated at the same time.