Table of Contents
A week ago we broke down the FCC’s decision to add all foreign-produced consumer-grade routers to its Covered List. Since then, the questions have been pouring in. Fortunately, the FCC published an official FAQ page addressing the most pressing concerns from manufacturers, retailers, and consumers alike. We went through it so you do not have to squint at government prose.
Here is what you need to know.
The FCC’s Official FAQ, With Our Translation
The FCC posted a full FAQ at fcc.gov/faqs-recent-updates-fcc-covered-list-regarding-routers-produced-foreign-countries. Below is the full text of the most important questions directly from the FCC, followed by plain-English context from us.
Q: Why did the FCC add routers produced in foreign countries to the Covered List?
From the FCC: “The FCC updated the Covered List following a thorough review by a White House-convened Executive Branch interagency body with appropriate national security expertise, which jointly and severally made a specific determination that routers produced in any foreign country pose ‘unacceptable risks to the national security of the United States and to the safety and security of U.S. persons’ and should be included on the FCC’s Covered List. This determination also allowed for exemptions if the Department of War (DoW) or the Department of Homeland Security (DHS) transmits a specific determination to the FCC that a given router, or class of routers, does not pose such risks.”
5Gstore Translation: This did not come from the FCC itself. The White House pulled together an interagency security body, that body made a blanket determination that all foreign-made routers are a risk, and the FCC updated its Covered List accordingly. The FCC is the messenger here, not the decision-maker. The exemption pathway (Conditional Approval from DoW or DHS) is the only door back in for new foreign-produced models.
Q: What does it mean for a router to be “produced in a foreign country”?
From the FCC: “The nationality of the entity or entities producing routers is not relevant to whether such routers are considered to be ‘produced in a foreign country.’ Both types of routers are ‘covered.’ The National Security Determination states that ‘Production generally includes any major stage of the process through which the device is made, including manufacturing, assembly, design, and development.’ Producers of routers with these processes made abroad should apply for Conditional Approval.”
5Gstore Translation: This is the part that blindsides a lot of American brands. If your router is designed in California but assembled in Vietnam, it is covered. If the PCB is fabricated in Taiwan for a US company, it is covered. The brand’s country of origin does not matter. What matters is where the actual production happens. That catches a massive portion of the consumer networking market, including names you would never associate with foreign adversary risk.
Q: Does this affect routers I already own or have already purchased?
From the FCC: “Foreign-produced routers that have previously received FCC authorization (as shown by the FCC ID on the device) may continue to be imported, sold, and used in the U.S. Consumers currently using covered routers in small and home offices do not need to do anything. The Covered List does not restrict the continued use by consumers of previously-purchased devices. Consumers will continue to be able to purchase previously authorized routers.”
5Gstore Translation: If it has an FCC ID and it was authorized before March 23, 2026, it can still be sold and used. This is good news for retailers with existing inventory and for consumers who bought something last month. The ban applies forward only, to new models seeking new authorizations. What you have works. What is already on shelves can stay on shelves and be sold.
Q: Can manufacturers of foreign-produced routers get any kind of approval going forward?
From the FCC: “Yes, the National Security Determination stated that foreign-produced routers pose unacceptable risk to the national security of the United States and to the safety and security of U.S. persons ‘unless Department of War (DoW) or the Department of Homeland Security (DHS) transmits to the FCC a specific determination that a given router or class of routers do not pose such risks.’ Entities can apply for ‘Conditional Approvals’ by submitting an email with the information in the guidance to conditional-approvals@fcc.gov. The information will be forwarded to DoW and DHS for their evaluation. The FCC will update the Covered List based on Conditional Approvals it receives from DoW or DHS and publish the relevant information on the Covered List website.”
5Gstore Translation: There is a pathway, but it runs through the Department of War and DHS, not the FCC. The process requires comprehensive supply chain disclosure and, in most cases, a credible commitment to establishing US-based manufacturing. Think of it as a waiver program with real teeth. As of this writing, no router Conditional Approvals have been issued. A handful of drone makers received approvals under the similar UAS process that went into effect in December 2025, so there is a precedent, but it is a high bar.
Q: What exactly is a “router” under this ruling?
From the FCC: “The FCC followed the definitions in the National Security Determination. ‘Routers’ is defined by National Institute of Standards and Technology’s Internal Report 8425A to mean consumer-grade networking devices that are primarily intended for residential use and can be installed by the customer.”
5Gstore Translation: This is one of the more important nuances in the entire ruling. The definition specifically targets consumer-grade, residential-use devices. Enterprise-class equipment, cellular routers designed for fleet and industrial deployment, managed networking infrastructure, and commercial-grade equipment from vendors like Peplink, Cradlepoint, Teltonika, Semtech, Inseego, Digi, and Katalyst are not consumer-grade residential devices in the NIST 8425A sense. That distinction matters enormously for our customers. We are still watching closely and will update you the moment there is any regulatory clarity that affects the enterprise and industrial cellular categories.
Q: What about software and firmware updates for covered routers that are already authorized?
From the FCC: “The Office of Engineering and Technology issued a blanket waiver allowing previously authorized routers to receive software and firmware updates that mitigate harm to U.S. consumers. These include software and firmware updates to ensure the continued functionality of the devices, such as those that patch vulnerabilities and facilitate compatibility with different operating systems. The waiver will be in place at least until March 1, 2027.”
5Gstore Translation: The FCC recognized that freezing all updates on millions of already-deployed devices would create a serious security problem. The blanket waiver through March 1, 2027 allows manufacturers to keep pushing security patches and compatibility updates to existing authorized models without triggering new authorization requirements. That is sensible policy. What happens after March 1, 2027 is still an open question.
Q: How does the equipment authorization process work going forward for router applicants?
From the FCC: “In the equipment authorization process, applicants have to self-certify that any RF device is not ‘covered equipment.’ Going forward, this includes self-certification that the RF device is not a router ‘produced in a foreign country.’ Applicants seeking equipment authorization for any router will bear responsibility for certifying, in good faith, that any such router was not ‘produced in a foreign country.'”
5Gstore Translation: Any company applying for a new FCC equipment authorization for a router must now certify that the device was not produced in a foreign country. A false certification is not a paperwork technicality. It carries real legal exposure and could result in revocation of all existing authorizations. This creates significant compliance risk for companies with complex global supply chains.
The Bigger Picture: What This Means for the Market
The ruling is sweeping in ways that the headline summaries do not fully capture. Virtually every major consumer router brand, including household names you would find at any big-box retailer, manufactures in Asia. Taiwan, Thailand, Vietnam, and China collectively produce nearly all of the consumer networking hardware in American homes today. None of that goes away overnight for existing inventory, but the pipeline for new models has effectively been shut off for any company that cannot quickly pivot to domestic production or obtain a Conditional Approval.
The cyberattacks cited in the ruling, Volt Typhoon, Flax Typhoon, and Salt Typhoon, were real. They exploited vulnerabilities in small office and home office routers to establish persistent footholds in American networks. The security concern is genuine. Whether a forward-only import restriction on new models is the most effective remedy for a problem that already exists in millions of deployed devices is a fair question. But the policy is now in effect, and the industry has to respond to it.
What This Does NOT Mean for 5Gstore Customers
The enterprise-grade cellular routers we sell, from Peplink, Cradlepoint, Teltonika, Semtech, Inseego, Digi, and Katalyst, serve business, fleet, industrial, and critical infrastructure use cases. They are not consumer-grade residential devices under the NIST 8425A definition the FCC is applying here. We are watching the regulatory space carefully and will publish updates the moment anything changes.
If you have questions about your current equipment, your planned deployments, or how to evaluate your options going forward, reach out to our team. We have been navigating cellular connectivity regulations for over two decades and we are here to help you make sense of this.
5Gstore Take
The FCC FAQ is unusually clear for a government document, and that clarity is actually helpful. The key points are simple: existing authorized devices are not affected, previously stocked inventory can still be sold, and the restriction applies to new models seeking new authorizations. The Conditional Approval pathway exists but is not a quick fix.
For our customers in enterprise, fleet, and industrial connectivity, the direct impact is minimal right now. The NIST definition of consumer-grade routers is a meaningful carveout. But the broader policy direction is clear: the regulatory environment is moving toward domestic production as a baseline requirement for communications equipment. That has implications for the entire industry over the next several years, and we will be covering it every step of the way.
Stay tuned. And as always, if you have questions about your network or your equipment, we are one message away. Contact us here.
FAQ
Does this ruling affect the routers 5Gstore sells? The FCC’s ruling targets consumer-grade residential routers as defined by NIST 8425A. The enterprise and industrial cellular routers we carry from Peplink, Cradlepoint, Teltonika, Semtech, Inseego, Digi, and Katalyst fall outside that consumer-grade definition. We are monitoring the situation closely and will provide updates if that changes.
Can I still buy a router that was authorized before March 23, 2026? Yes. Previously authorized models can still be imported, sold, and used in the United States. The restriction applies only to new models seeking new FCC equipment authorizations.
What is a Conditional Approval and how does a manufacturer get one? A Conditional Approval is an exemption granted by the Department of War or DHS allowing a specific router or class of routers to receive FCC authorization despite being foreign-produced. Manufacturers apply by emailing conditional-approvals@fcc.gov with detailed supply chain information. No router Conditional Approvals have been issued as of the date of this post.
Will my existing router stop receiving security updates? No. The FCC issued a blanket waiver through at least March 1, 2027, allowing manufacturers to push security patches and functionality updates to previously authorized devices without triggering new authorization requirements.
How does the FCC define “produced in a foreign country”? Production is defined broadly to include manufacturing, assembly, design, and development. A router designed in the United States but manufactured or assembled abroad is still considered foreign-produced under this ruling. The nationality of the company is not relevant.
Does this affect enterprise cellular routers used in fleet or industrial applications? Not directly, based on the current definition. The ruling targets consumer-grade networking devices intended for residential use. Enterprise, industrial, and mission-critical cellular routers are a different product category. We recommend staying tuned for any follow-on rulemaking that could expand scope.
Where can I read the full FCC FAQ myself? The official FCC FAQ is at fcc.gov/faqs-recent-updates-fcc-covered-list-regarding-routers-produced-foreign-countries.
