FCC Bans All Foreign-Made Routers from U.S. Import and Sales

The Federal Communications Commission has barred the import and sale of consumer Wi‑Fi routers manufactured outside the United States, a sweeping move framed as a national security safeguard that immediately reshapes the home networking market. While households can keep using their current equipment, the pipeline of new models is set to constrict, potentially for years.

What the FCC Actually Decided in Its Sweeping Router Ban

The FCC added all foreign-made consumer and small office/home office routers to its Covered List, which identifies communications gear deemed an “unacceptable risk” to national security. Products on that list cannot receive FCC equipment authorization, a prerequisite for most devices to be imported or sold domestically. The prohibition applies regardless of where a product was designed; if it’s built abroad, it’s now ineligible for new authorization.

Crucially, the agency did not revoke existing authorizations. Previously certified routers—no matter where they were made—can remain on shelves and continue entering the country. But once those SKUs age out, U.S. consumers and internet service providers will face a much narrower set of options unless exemptions materialize.

Who is Affected Across Brands, ISPs, and Home Networks

The ruling touches nearly every mainstream brand. Popular names like TP-Link, ASUS, and D-Link overwhelmingly rely on Asian contract manufacturers, and even U.S. brands such as Netgear source the bulk of their hardware from the same suppliers. The policy also covers many ISP-supplied gateways and mesh systems, most of which are assembled by global original design manufacturers.

Routers designed in the U.S. but built overseas fall within the ban, as do products conceived abroad but assembled domestically only in part. The result is a wholesale disruption of a supply chain that, for decades, has concentrated production in regions with deep networking hardware expertise.

The Security Rationale Cited by U.S. Officials and Agencies

An interagency national security determination cited a crescendo of attacks exploiting small office and home office routers, pointing to the 2024 Salt Typhoon campaign as a marquee example in which compromised routers were “directly implicated.” U.S. officials have repeatedly warned that aging firmware, weak default configurations, and opaque supply chains turn consumer routers into staging grounds for espionage, data theft, and disruptive operations.

Those concerns echo joint advisories from CISA and the FBI, which have documented state and criminal actors co-opting unpatched routers to proxy traffic, mask command-and-control, and conscript devices into botnets. In this view, eliminating foreign-built models from future authorizations reduces the attack surface and gives regulators tighter leverage over code provenance, update practices, and component sourcing.

What Stays the Same for Now for Owners, Retailers, and ISPs

If you already own a router, you don’t need to replace it. Retailers can continue selling stock that has existing FCC approval, and ISPs can deploy previously authorized models. Warranty replacements for authorized SKUs should continue to flow, though consumers may notice dwindling availability of specific configurations, especially newer Wi‑Fi 7 devices.

That said, the longer-term outlook is constrained. Without new authorizations, the typical annual refresh cycle—driven by chipset advances, security improvements, and standards updates—will slow. Performance and coverage gains that consumers have come to expect may be harder to find as inventories tighten.

Supply Chain and Market Impact for Routers and Gateways

Consumer routers are overwhelmingly assembled by a handful of Asian manufacturers, including Sercomm, Arcadyan, and Wistron NeWeb. Industry analysts at firms such as Dell’Oro Group and IDC have long noted that this concentration delivers low costs and rapid iteration—but leaves little domestic capacity to backfill if imports are restricted.

Near-term consequences could include higher prices, product shortages, and delays in rolling out next‑generation features. Retailers will likely triage remaining inventory toward high‑demand mesh systems, while enterprises may snap up SOHO-grade hardware for branch and remote worker kits. ISPs, which procure millions of gateways annually, face procurement whiplash unless exemption pathways are clarified.

Exemptions and the Bar to Clear for Authorization Requests

The FCC indicated that exemptions can be granted after national security review, with the Department of Homeland Security and the Defense Department authorized to evaluate applications. While formal criteria were not published in full, companies should expect rigorous scrutiny of software bills of materials, secure boot and firmware update mechanisms, supply chain traceability, and vulnerability response programs aligned to NIST and CISA Secure by Design principles.

Vendors with transparent development practices, reproducible builds, and auditable code provenance could have a pathway, but the process will likely be slow and selective. Industry groups, including the Consumer Technology Association and major ISPs, are expected to press for clear timelines and a predictable compliance regime.

What Consumers Should Do Now to Secure and Plan Purchases

There’s no need to rush a replacement. Keep your current router updated, enable automatic firmware updates if available, change default passwords, and disable remote management features you don’t use. If you must buy soon, prioritize models already authorized and in stock, and consider ISP-provided equipment as a temporary bridge while the market recalibrates.

For power users and small businesses, watch for vendors announcing U.S. assembly lines or exemption-ready product families with verifiable software supply chain controls. In a market suddenly defined by provenance, the most valuable spec may be “how it’s made,” not just “how fast it is.”