Cisco SPA901-UK Provisioning Guide - Page 10

Provisioning Overview, Remote Firmware Upgrade - user guide

Get Cisco SPA901-UK - Small Business Pro PDF manuals and user guides
UPC - 745883570751
View all Cisco SPA901-UK manuals
Add to My Manuals
Save this manual to your list of manuals

Page 10 highlights

Provisioning Cisco Small Business VoIP Devices Provisioning Overview 1 Provisioning Overview Cisco Small Business provisioning solutions are designed for high-volume residential deployment, where each IP Telephony Device typically resides in a separate LAN environment that is connected to the Internet through a NAT device. Configuration profiles can be generated by using common, open source tools that facilitate integration into service provider provisioning systems. Cisco Small Business IP Telephony devices support secure remote provisioning and firmware upgrades. User intervention is not required to initiate or complete a profile update or firmware upgrade. Supported transport protocols include TFTP, HTTP, and HTTPS with a client certificate. An IP Telephony device can be configured to resynchronize its internal configuration state to a remote profile periodically and on power up. A 256-bit symmetric key encryption of profiles is supported. In addition, an unprovisioned IP Telephony device can receive an encrypted profile specifically targeted for that device without requiring an explicit key. Secure first-time provisioning is provided through a mechanism that uses SSL functionality. NOTE Remote customization (RC) units are customized by Cisco so that when the unit is started, it contacts the Cisco provisioning server to download its customized profile. Remote Firmware Upgrade A remote firmware upgrade is achieved by using TFTP or HTTP, but not by using HTTPS because the firmware does not contain sensitive information. The upgrade logic is capable of automating multi-stage upgrades, if intermediate upgrades are required to reach a current upgrade state from an older release. A profile resync is only attempted when the IP Telephony device is idle, because the upgrade might trigger a software reboot. General purpose parameters are provided to help service providers manage the provisioning process. Each IP Telephony device can be configured to periodically contact a normal provisioning server (NPS). Communication with the NPS does not require the use of a secure protocol because the updated profile is encrypted by a shared secret key. The NPS can be a standard TFTP, HTTP, or HTTPS server. Cisco Small Business IP Telephony Devices Provisioning Guide 9

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
Provisioning Cisco Small Business VoIP Devices
Provisioning Overview
Cisco Small Business IP Telephony Devices Provisioning Guide
9
1
Provisioning Overview
Cisco Small Business provisioning solutions are designed for high-volume
residential deployment, where each IP Telephony Device typically resides in a
separate LAN environment that is connected to the Internet through a NAT device.
Configuration profiles can be generated by using common, open source tools that
facilitate integration into service provider provisioning systems. Cisco Small
Business IP Telephony devices support secure remote provisioning and firmware
upgrades. User intervention is not required to initiate or complete a profile update
or firmware upgrade.
Supported transport protocols include TFTP, HTTP, and
HTTPS with a client certificate.
An IP Telephony device can be configured to resynchronize its internal
configuration state to a remote profile periodically and on power up. A 256-bit
symmetric key encryption of profiles is supported. In addition, an unprovisioned IP
Telephony device can receive an encrypted profile specifically targeted for that
device without requiring an explicit key. Secure first-time provisioning is provided
through a mechanism that uses SSL functionality.
NOTE
Remote customization (RC) units are customized by Cisco so that when the unit is
started, it contacts the Cisco provisioning server to download its customized
profile.
Remote Firmware Upgrade
A remote firmware upgrade is achieved by using TFTP or HTTP, but not by using
HTTPS because the firmware does not contain sensitive information. The upgrade
logic is capable of automating multi-stage upgrades, if intermediate upgrades are
required to reach a current upgrade state from an older release. A profile resync is
only attempted when the IP Telephony device is idle, because the upgrade might
trigger a software reboot.
General purpose parameters are provided to help service providers manage the
provisioning process. Each IP Telephony device can be configured to periodically
contact a normal provisioning server (NPS). Communication with the NPS does not
require the use of a secure protocol because the updated profile is encrypted by
a shared secret key. The NPS can be a standard TFTP, HTTP, or HTTPS server.