diff --git a/app/Http/Controllers/Device/Tabs/NotesController.php b/app/Http/Controllers/Device/Tabs/NotesController.php
index 9975c0645a..8d21d8d5f7 100644
--- a/app/Http/Controllers/Device/Tabs/NotesController.php
+++ b/app/Http/Controllers/Device/Tabs/NotesController.php
@@ -27,9 +27,13 @@ namespace App\Http\Controllers\Device\Tabs;
 
 use App\Models\Device;
 use LibreNMS\Interfaces\UI\DeviceTab;
+use Illuminate\Http\Request;
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
 
 class NotesController implements DeviceTab
 {
+    use AuthorizesRequests;
+
     public function visible(Device $device): bool
     {
         return true;
@@ -54,4 +58,21 @@ class NotesController implements DeviceTab
     {
         return [];
     }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param Request $request
+     * @param Device $device
+     * @return \Illuminate\Http\RedirectResponse
+     */
+    public function update(Request $request, Device $device)
+    {
+        $this->authorize('update-notes', $device);
+
+        $device->notes = $request->input('note');
+        $device->save();
+
+        return back();
+    }
 }
diff --git a/app/Policies/DevicePolicy.php b/app/Policies/DevicePolicy.php
index 508d546922..5bfe354de4 100644
--- a/app/Policies/DevicePolicy.php
+++ b/app/Policies/DevicePolicy.php
@@ -105,4 +105,16 @@ class DevicePolicy
     {
         return $user->isAdmin();
     }
+
+    /**
+     * Determine whether the user can update device notes.
+     *
+     * @param \App\Models\User $user
+     * @param \App\Models\Device $device
+     * @return mixed
+     */
+    public function updateNotes(User $user, Device $device)
+    {
+        return $user->isAdmin();
+    }
 }
diff --git a/app/View/Components/Panel.php b/app/View/Components/Panel.php
new file mode 100644
index 0000000000..19bd313bc7
--- /dev/null
+++ b/app/View/Components/Panel.php
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\View\Components;
+
+use Illuminate\View\Component;
+
+class Panel extends Component
+{
+
+    /**
+     * The Panel title.
+     *
+     * @var string
+     */
+    public $title;
+
+
+    /**
+     * Create a new component instance.
+     *
+     * @return void
+     */
+    public function __construct($title = null)
+    {
+        $this->title = $title;
+    }
+
+    /**
+     * Get the view / contents that represent the component.
+     *
+     * @return \Illuminate\View\View|string
+     */
+    public function render()
+    {
+        return view('components.panel');
+    }
+}
diff --git a/includes/html/forms/update-notes.inc.php b/includes/html/forms/update-notes.inc.php
deleted file mode 100644
index d81de54e2c..0000000000
--- a/includes/html/forms/update-notes.inc.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-/*
- * LibreNMS
- *
- * Copyright (c) 2015 Søren Friis Rosiak <sorenrosiak@gmail.com>
- * This program is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation, either version 3 of the License, or (at your
- * option) any later version.  Please see LICENSE.txt at the top level of
- * the source code distribution for details.
- */
-
-header('Content-type: application/json');
-
-$status    = 'error';
-$message   = 'unknown error';
-
-$device_id = mres($_POST['device_id']);
-$notes = $_POST['notes'];
-
-if (!Auth::user()->hasGlobalAdmin()) {
-    $message = 'Only admin accounts can update notes';
-} elseif (isset($notes) && (dbUpdate(array('notes' => $notes), 'devices', 'device_id = ?', array($device_id)))) {
-    $status  = 'ok';
-    $message = 'Updated';
-} else {
-    $status  = 'error';
-    $message = 'ERROR: Could not update';
-}
-echo _json_encode(
-    array(
-        'status'       => $status,
-        'message'      => $message,
-        'notes'        => $notes,
-        'device_id'    => $device_id,
-    )
-);
diff --git a/includes/html/pages/device/notes.inc.php b/includes/html/pages/device/notes.inc.php
deleted file mode 100644
index 5d0cd88872..0000000000
--- a/includes/html/pages/device/notes.inc.php
+++ /dev/null
@@ -1,70 +0,0 @@
-<?php
-/*
- * LibreNMS
- *
- * Copyright (c) 2015 Søren Friis Rosiak <sorenrosiak@gmail.com>
- * This program is free software: you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation, either version 3 of the License, or (at your
- * option) any later version.  Please see LICENSE.txt at the top level of
- * the source code distribution for details.
- */
-
-$data = dbFetchRow("SELECT `notes` FROM `devices` WHERE device_id = ?", array(
-    $device['device_id']
-));
-
-$disabled = '';
-if (!Auth::user()->hasGlobalAdmin()) {
-    $disabled = 'disabled';
-}
-
-?>
-
-<form class="form-horizontal" action="" method="post">
-    <?php echo csrf_field() ?>
-    <h3>Device Notes</h3>
-    <hr>
-    <div class="form-group">
-        <div class="col-sm-12">
-            <textarea class="form-control" rows="6" name="notes" id="device-notes" <?php echo $disabled; ?>><?php echo htmlentities(urldecode($data['notes'])); ?></textarea>
-        </div>
-    </div>
-    <div class="row">
-        <div class="col-md-1 col-md-offset-5">
-            <?php
-            echo '
-                <button type="submit" name="btn-update-notes" id="btn-update-notes" class="btn btn-default ' . $disabled . '" data-device_id="' . $device['device_id'] . '"><i class="fa fa-check"></i> Save</button>
-            ';
-            ?>
-        </div>
-    </div>
-</form>
-<script>
-$("[name='btn-update-notes']").on('click', function(event) {
-    event.preventDefault();
-    var $this = $(this);
-    var device_id = $(this).data("device_id");
-    var notes = $("#device-notes").val();
-    $.ajax({
-        type: 'POST',
-        url: 'ajax_form.php',
-        data: { type: "update-notes", notes: notes, device_id: device_id},
-        dataType: "json",
-        success: function(data){
-            if (data.status == "error") {
-                toastr.error(data.message);
-            } else {
-                toastr.success('Saved');
-            }
-        },
-        error:function(){
-            toastr.error('Error');
-        }
-    });
-});
-</script>
-
-<?php
-unset($disabled);
-?>
diff --git a/resources/views/components/panel.blade.php b/resources/views/components/panel.blade.php
new file mode 100644
index 0000000000..51cd8bc63d
--- /dev/null
+++ b/resources/views/components/panel.blade.php
@@ -0,0 +1,10 @@
+<div {{ $attributes->merge(['class' => 'panel panel-default']) }}>
+@isset($title)
+  <div class="panel-heading">
+    <h3 class="panel-title">{{ $title }}</h3>
+  </div>
+@endisset
+  <div class="panel-body">
+    {{ $slot }}
+  </div>
+</div>
diff --git a/resources/views/device/tabs/notes.blade.php b/resources/views/device/tabs/notes.blade.php
new file mode 100644
index 0000000000..bf06c3fe4c
--- /dev/null
+++ b/resources/views/device/tabs/notes.blade.php
@@ -0,0 +1,14 @@
+@extends('device.index')
+
+@section('tab')
+    <x-panel title="{{ __('Device Notes') }}">
+        <form method="post" action="{{ route('device.notes.update', $device)}}">
+            @csrf
+            @method('PUT')
+            <div class="form-group">
+                <textarea @cannot('update-notes', $device) disabled @endcannot class="form-control" rows="3" name="note">{{ $device->notes }}</textarea>
+            </div>
+            <button @cannot('update-notes', $device) disabled @endcannot type="submit" class="btn btn-default"><i class="fa fa-check"></i> Save</button>
+        </form>
+    </x-panel>
+@endsection
diff --git a/routes/web.php b/routes/web.php
index 6b8fc2e01c..615ca08a27 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -34,6 +34,12 @@ Route::group(['middleware' => ['auth'], 'guard' => 'auth'], function () {
     Route::get('authlog', 'UserController@authlog');
     Route::get('overview', 'OverviewController@index')->name('overview');
     Route::get('/', 'OverviewController@index')->name('home');
+
+    // Device Tabs
+    Route::group(['prefix' => 'device/{device}', 'namespace' => 'Device\Tabs', 'as' => 'device.'], function () {
+        Route::put('notes', 'NotesController@update')->name('notes.update');
+    });
+
     Route::match(['get', 'post'], 'device/{device}/{tab?}/{vars?}', 'DeviceController@index')
         ->name('device')->where(['vars' => '.*']);