Start Trial

Evaluating Methods to Securely Transfer Cisco Firmware Updates 

by | Sep 13, 2023 | Automation

The typical system administrator manages over 20 devices, and when it comes to network infrastructure there’s a good chance that those devices are made by Cisco. This ubiquity makes Cisco software and firmware updates a multi-day chore for many admins, and the volume of updates themselves seems to be increasing in frequency. In this week’s post, we’re looking at how we can make Cisco updates just a little easier (and hopefully save you some time and money) by reviewing which file transfer protocols are best for deploying Cisco software and firmware updates. 

Two of the most common protocols Administrators will typically use are: 

  • TFTP, which stands for Trivial File Transfer Protocol
  • SCP, which stands for Secure Copy Protocol

Both of these file transfer methods have pros and cons, which we address below.

 

TFTP Overview

 

Trivial File Transfer Protocol is a simplified version of the more robust File Transfer Protocol (FTP). Originally created in the 1970s for computers lacking sufficient memory or disk space to provide full FTP support, TFTP is still used today for basic firmware updates and software distribution on consumer broadband and commercial network routers. 

TFTP or Trivial File Transfer Protocol configuration is best for: 

  • Transferring files 
  • Remote booting without hard drives 
  • Upgrading codes 
  • Backing up network configurations 
  • Backing up router configuration files 
  • Saving IOS images 
  • Booting PCs without a disk 

TFT Pros

  • Can be used to remotely start a computer and back up network or router configuration files.
  • The protocol is fast, easy, and simple
  • Can read and write files without having to establish a connection between the client and the server
  • Uses UDP Port 69 for a lighter memory-weight connection 

TFTP Cons

  • Lacks security. TFTP has no login feature and doesn’t prompt for a username and password, which means you can’t protect these files or audit access to them. Because of this issue, it is advised to transfer files over remote servers instead of over the internet
  • Listing, renaming, and deleting files over TFTP is usually not possible 
  • TFTP cannot list directories or permissions via chmod
  • TFTP’s block by block transfer risks incomplete transfer due to timeout or error packets from missing files, bad format, or lack of memory.
  • TFTP can only execute five commands versus traditional protocols

 

SCP Overview

 

Secure Copy Protocol operates similarly to FTP but adds security and authentication via SSH. The SCP client can upload files to the SSH server or request files and directories for downloading and is most commonly used to transfer computer files securely from a local to a remote host.  

SCP Pros

  • A more secure option as SCP uses SSH for authentication and encryption
  • SCP is a native command in  MacOS, Windows, Linux, and other operating systems
  • SCP can move files between local hosts and/or remote hosts

SCP Cons

  • SCP operates at slightly slower send speeds due to using SSH 
  • SCP does not allow for resuming a file transmission if it’s interrupted 
  • SCP is unable to issue file manipulation or direct commands 

Did you know that Cerberus FTP Server supports Cisco firmware updates and other file transfer activities through SCP? Follow the link to read more about it. 

Third-party solutions to support firmware updates also exist, along with Cisco’s own versions – Cisco Prime and Cisco DNAC. 

We hope you’ve found this information helpful. If you have questions about these features, please feel free to contact our Cerberus FTP Server’s sales team 

Related posts:

  1. On-Premise vs. Cloud: What’s the Best Option for a File Transfer Server?
  2. What’s the Best File Transfer Method for Cisco Unified Communications Manager (CUCM) Backups and Firmware Updates?
  3. Better Cisco Compatibility with Cerberus FTP Server 11.3.5 and Beyond
  4. Automate Cisco Unified Communications Manager (CUCM) Backup Using SFTP