So, here is one sentence you don’t hear a lot any more these days: “Do we have a floppy disk to update the firmware?” Yes, we were looking for a floppy disk to help us out. It prompted a question among us. How often do you need to update the management software in the BIOS of your server?
One of our colleagues, Michael, is a devout believer of updating your server’s firmware at least once a year. The management interfaces of servers (ILO/iDRAC etc. – the software you use for managing the server itself) are sometimes even remotely accessible, meaning they are connected to the Internet. And of course – everything that is connected to the Internet, is a potential victim for hackers. Even if you configure a brand new IP address on the ILO interface of your server, within ten minutes someone has done a port scan and by using OS fingerprinting, found out every detail of your server, what it is running, and what hacks are worth trying on it. As an example, it is still possible to crash the ILO software on many non-updated HP servers remotely, making it impossible for you to manage the server (though the OS will still run).
In this particular case, a customer’s server went down and would not boot any more when an Ethernet cable was connected to one of the on-board network ports. A vague problem that might be resolved with a software update of the BIOS and ILO inside the server. Talking about possible solutions lead us to have an internal discussion about keeping BIOS and ILO/iDRAC software up to date.
Contrary to Michael, I am more of the type: if it ain’t broke, why fix it? The server in question had been operating for almost ten years without any problems. The applications running on it have always been secure and monitored. It is quite normal that a server has a problem after ten years. Most computers won’t even make it that long.
Updating firmware means downtime. Downtime is something we don’t seem to like any more. And if it is all safe and working, why have you servers down for a while? If it is not broke, let it run. Should there be a problem, then we will fix it. As long as we can find the floppy…