Fixing vulnerabilities by upgrading Firmware in Network Configuration Manager.

Manually logging into each device to determine whether it is vulnerable is time-consuming. Instead of logging in manually, you can use Network Configuration Manager's Hardware Inventory tab to filter vulnerable devices according to their firmware version number. Using Network Configuration Manager, all devices running an outdated version number are listed. By listing the devices, firmware can be updated by bulk configlets, saving time by addressing vulnerabilities simultaneously across multiple devices.

How do I upgrade the firmware in Network Configuration Manager?

By using advanced script execution mode in Configlets, Network Configuration Manager upgrades firmware. Script execution is a method of executing a series of connected commands on a device. Software upgrades can be performed on demand, or they can be scheduled for a future date. In order to execute repetitive tasks on many devices, you just need to create a template containing the required commands.

Let's see an example of executing configlets to upgrade firmware:

Firmware Upgrades for Cisco IOS Routers 

Memory requirement: The router should be equipped with sufficient memory (DRAM) to run the Cisco IOS. If the router does not have sufficient memory (DRAM), the router will have boot problems.

Support for interfaces and modules: Make sure the new Cisco IOS supports all the interfaces and modules in the router.

Support for Cisco IOS features: You should ensure that the new Cisco IOS supports all Cisco IOS features.

Cisco IOS upgrade

In order to upgrade Firmware in a Cisco device, you must meet all the requirements listed above:

1. Using Network Configuration Manager, download the Cisco IOS software image to the TFTP server.
2. Check the IP connectivity between the TFTP Server and the router. In order to establish a connection, the router's interface and the TFTP server must have the same IP address range or be configured with a default gateway.
3. Copy the IOS image from the TFTP server to the router once the connection is established.
4. Reload the router after saving the configuration. 
5. Reloading the router will install the desired Cisco IOS software image.

To copy an IOS image to a router, use the following command:

This terminal shows a sample command that will be executed in a TELNET session or a putty session. Following are the configlet commands for upgrading Firmware in Network Configuration Manager:

 <command prompt=']?'>copy tftp: flash:</command>

<command prompt=']?'>%TFTP_SERVER_IP%</command>

<command prompt=']?'>%SOURCE_FILE_NAME%</command>

<command prompt='confirm'>%DESTINATION_FILE_NAME%</command>

<command timeout='120' suffix='$NO_ENTER'>y</command>

Once the commands are entered, the configlets can be applied in bulk to multiple devices to upgrade firmware. Additionally, configlets can also be used to fix errors and to make bulk changes. Learn how to identify and fix firmware vulnerabilities.