By Riaan van Staden, Senior Network Engineer

Every installer knows the pressure of getting a network up and running fast. But in the rush to get devices online, firmware and config management often fall to the bottom of the to-do list. That’s a mistake.

Because if you’re not disciplined about how you handle firmware updates and device configuration, you’re building risk into your network from day one. Whether it is one incorrect setting, an outdated firmware file, or an untested change, you can knock out an entire site or leave a client exposed.

Let’s fix that.

1. Firmware matters more than you think

Essentially, outdated firmware needs to be seen as a missed vulnerability patch. It’s a bug waiting to happen. There are many support calls we see that can be traced back to devices running old firmware versions, often with config files that haven’t been touched in months or even years.

The best time to update firmware is before you go live. But don’t do it blind. Always:

• Test firmware in a lab or on a demo unit.
• Review the release notes and compatibility warnings.
• Keep a backup of your current config, clearly labelled and stored in a secure folder.

2. Backup like your job depends on it (because it does)

You’d be surprised how many techs skip this step. If something goes wrong during an update, such as a power failure, a corrupt file, or a version mismatch, and you don’t have a config backup, you’re starting from scratch.

Get into the habit of exporting configs before and after every major change. Use clear filenames with the site, device, and date. Store them in a shared repo your team can access. Future you will thank you. If you can automate these tasks, even better. Automating configuration backups will enable you to easily restore configuration, if required from a central source.

3. Standardise your base configs

Every job is unique. But your starting point doesn’t have to be.

Creating and maintaining a library of base config templates speeds up deployments, reduces human error, and makes troubleshooting much faster. Don’t reinvent the wheel every time. Standardise, then customise. Remember to remove old, unused configuration from your network devices. When a VLAN is no longer being used, remove it.

Just remember to never blindly copy/paste old config files. New firmware might have removed or renamed commands. Always verify compatibility.

4. Secure your interfaces

One of the biggest risks we still see in the field is remote admin interfaces exposed to public IPs. Often, these are still running on default ports with weak passwords.

Always disable remote access unless it’s secured. Change the default ports. Set strong admin credentials. And where possible, limit access to a specific IP range or VPN tunnel. This is low-effort, high-impact security.

5. Don’t skip the documentation

When something breaks six months later, no one wants to guess what version you installed or what tweaks you made. Leave a paper trail. Better yet, leave a digital trial.

Add comments in config files, keep a running changelog per device, and include firmware versions in your site handover notes. These small habits save hours down the line.

Avoid these rookie mistakes

• Skipping the lab test phase: It might work fine in theory, until it doesn’t.
• Using firmware from shady sources: Always go to the official vendor site.
• Forgetting to label your backups: “config_final_final_v2” doesn’t help anyone.
• Deploying during load shedding: Firmware updates + unstable power = bad news.

Be disciplined and prepared.

The best installers aren’t just technically sharp but process-driven. They do the basics better than anyone else. And in networking, that starts with disciplined firmware and configuration management.

At Duxbury, we help installers build smarter, more stable networks from day one, not just when something goes wrong. Talk to us about best practices, device support, and making sure your next install is bulletproof.

Email us at support@duxnet.co.za to learn more or download the full guide from the DuxNet resource centre..