Cisco SPA901-UK Provisioning Guide - Page 9

Provisioning Cisco Small Business VoIP Devices Small Business and Residential Deployment Provisioning 1 This customized, ongoing configuration is supported by the following features: • Reliable remote control of the endpoint • Encryption of the communication controlling the endpoint • Streamlined endpoint account binding Remote Endpoint Control and NAT A service provider can remotely modify the configuration parameters in an IP Telephony device after the unit has been deployed to the customer premises and upgrade the firmware. The IP Telephony device accesses the Internet through a router by using network address translation (NAT). For enhanced security, the router might attempt to block unauthorized incoming packets by implementing symmetric NAT (a packet filtering strategy that severely restricts the packets that are allowed to enter the protected network from the Internet). Communication Encryption The configuration parameters communicated to the IP Telephony device can contain authorization codes or other information that protect the system from unauthorized access. It is in the service provider's interest to prevent unauthorized activity by the customer, and it is in the customer's interest to prevent the unauthorized use of the account. The service provider can encrypt the configuration profile communication between the provisioning server and the IP Telephony device, in addition to restricting access to the administration web server. Cisco Small Business IP Telephony Devices Provisioning Guide 8