Updating BIOS

This section describes connectors on SN-L-Series (SN-L-Series -2200 and SN-L-Series -3200) firewalls, and the successive steps to follow in this order to update the BIOS to version R1.05 from a USB key.

Most of the connectors on these firewall models are located on the front panel, except the HDMI port, which is located on the rear panel of the firewall.

1: USB-C serial port in console mode

2: RJ45 serial port in console mode

3: USB 3.0 port

4: Ports dedicated to the management of the appliance (MGMT1 and MGMT2)

5: SSD racks for log storage

1: Connection of the protective earth circuit

2: On/off button

3: USB 3.0 port

4: HDMI port: for plugging in the monitor

5: Mains sockets for redundant power supplies.

Connecting devices to the firewall

  • Connect the computer that is equipped with a terminal emulator to the firewall using the USB-A to USB-C cable on the firewall side (this connection to a USB-C port requires the installation of the PL23XX USB-to-Serial driver), or the RJ45 to DB9 serial cable.
  • The firewall can also be connected directly on a monitor, by using an HDMI/HDMI cable. In this case, plug a keyboard into the SNS firewall.

Checking the BIOS version on the firewall

  1. Connect to the firewall system in console or SSH using a Putty program.
  2. Authenticate by using the admin account on the firewall system.
  3. Enter the command: dmidecode -s bios-version
     The firewall will show the BIOS version, which has to be R1.02.

Disabling Secure Boot

During the BIOS update, Secure Boot has to be disabled, so that the firewall can be started on the USB key that was prepared earlier. To disable Secure Boot, refer to the section Disabling Secure Boot in the SNS firewall’s UEFI in the technical note Managing Secure Boot in SNS firewalls' UEFI.

Updating BIOS on the firewall

IMPORTANT
The update process is fully automatic and lasts around five minutes.
Once the process is run, it must never be interrupted, and the firewall must not be disconnected from the power supply.  If this occurs, your firewall will be completely unable to run.

  1. As SN-L-Series firewalls have two internal power supply units to provide a redundant power supply, ensure that you have plugged in both power cords to the electrical mains.
  2. Insert the USB drive that was prepared earlier into a USB port.
  3. Restart the firewall by using the reboot command.
  4. In the command prompt, run the executable file Flash_SNL_R105.nsh. The update process will then start:
    In the command prompt, run the executable file Flash_SNL_R103.nsh
  5. When the update process ends, run the command reset to restart the firewall, which will automatically start up on the USB drive.

Updating the Intel® Management Engine firmware

After the BIOS update, the Intel® Management Engine firmware also needs to be updated.

  1. In the command prompt, run the executable file Flash_ME_SNL.nsh:
    Running the executable file Flash_ME_SNL.nsh in the command prompt
  2. When the update process ends, shut down the firewall by using the reset -s command.
  3. Unplug both power supply cords from your firewall.
  4. Unplug the USB drive from your firewall.
  5. Wait five minutes before plugging both power cords back in.
  6. Start your firewall by holding down the Power button located on the rear panel of the firewall.

Checking the BIOS version and the Intel® Management Engine firmware version on the firewall after the update

  1. Press [Del] several times to stop the startup sequence and access the BIOS.
  2. Go to the Main tab and check the BIOS version, which should be R1.05.
  3. Go to the Advanced > PCH-FW tab and check the Intel® Management Engine (ME Firmware Version), which should be 16.1.35.2557.
  4. Press Esc.