Example Provisioning Direction from the Server
The following figure shows an example NOTIFY message from the server, directing the units to perform
provisioning. The text "check-sync" is specified for "
CFG_RESYNC_FROM_SIP
".
NOTIFY sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP xxx.xxx.xxx.xxx:5060;branch=abcdef-ghijkl
From: sip:[email protected]
To: sip:[email protected]
Date: Wed, 1 Jan 2014 01:01:01 GMT
Call-ID: 123456-1234567912345678
CSeq: 1 NOTIFY
Contact: sip:xxx.xxx.xxx.xxx:5060
Event: check-sync
Content-Length: 0
2.2.6 Encryption
Secure Provisioning Methods
In order to perform provisioning securely, there are 2 methods for transferring configuration files securely
between the unit and the server.
Which method is used depends on the environment and equipment available from the phone system.
Method 1: Transferring Encrypted Configuration Files
A
B
CFG_FILE_KEY2
CFG_FILE_KEY2
A.
Unencrypted configuration file
B.
Encrypted configuration file
To use this method, an encryption key is required to encrypt and decrypt the configuration files. A preset
encryption key unique to each unit, an encryption key set by your phone system dealer/service provider, etc.,
is used for the encryption. When the unit downloads an encrypted configuration file, it will decrypt the file using
the same encryption key, and then configure the settings automatically.
Method 2: Transferring Configuration Files Using HTTPS
This method uses SSL, which is commonly used on the Internet, to transfer configuration files between the
unit and server. For more secure communication, you can use a root certificate.
Notice
•
To avoid redundant data transfer over the network, important data, such as the encryption key used
to encrypt the configuration files and the root certificate for SSL, should be configured through
pre-provisioning as much as possible.
•
It is recommended that you encrypt the data in order to keep the communication secure when
transferring configuration files.
However, if you are using the units within a secure environment, such as within an intranet, it is not
necessary to encrypt the data.
Document Version 2015-02
Administrator Guide
47
2.2.6 Encryption