Table of Contents
Advertisement
ADAPTER unit is shipped from the factory, it contains a default common Profile and is considered
Unprovisioned. To save costs and expedite delivery, however, it is very desirable that an
Unprovisioned unit can be shipped directly from the factory to the subscriber's location without any
preprocessing by the Service Provider.
The PHONE ADAPTER contacts the Service Provider's provisioning server via the IP network or
Internet when it is plugged into the subscriber's home or business Local Area Network (LAN) –
assuming the provisioning server is reachable from the subscriber's home network – to pull the
designated profile to be installed in that particular PHONE ADAPTER unit. Furthermore, the PHONE
ADAPTER unit will periodically contact the provisioning server to download an updated profile. The
protocol for downloading the configuration profile can be "clear text" TFTP or HTTP data or it can be
encrypted TFTP, HTTP or HTTPS data if security is required. Security will be discussed in more
details in a later section.
This type of autonomous remote provisioning, where the individual PHONE ADAPTER unit pulls the
profile from the provisioning server is very scalable and flexible. Using this provisioning method, a
large number of PHONE ADAPTER units can be provisioned simultaneously and updated
periodically.
However, some basic information must be provided to the PHONE ADAPTER before it can be
provisioned in this fashion: a) the IP address or domain name of the provisioning server to contact,
and b) an ID and/or a password to send to the provisioning server such that it can associate it with a
specific subscriber and obtain the corresponding profile. This information can be sent out-of-band to
the subscriber via secured email or in a letter inside a welcome kit, for example. The subscriber might
need to punch in some numbers using a telephone connected to the PHONE ADAPTER in order to
enter this information into the unit. The PHONE ADAPTER provides an easy-to-use interface with
audio instructions to make this initial configuration process as painless as possible. An alternative is
for the unit to be provisioned with this basic information by the Service Provider before the unit is
shipped to the subscriber.
In addition to the batch mode of remote provisioning, the PHONE ADAPTER allows an interactive
mode of local provisioning. One way to offer this feature is through the use of an IVR system
(accessed through an attached telephone set). The user can access a diagnostic or configuration
menu to check the status of the device or to change some of the settings. This method of provisioning
may be applied by an administrator when the device is at the Service Provider's office, or by the
subscriber under the guidance of trained personnel during over-the-phone troubleshooting.
A third method of entering provisioning information into the PHONE ADAPTER is by way of its
integral web server via a browser on a PC.
configuration parameters via an easy-to-use, password protected graphical user interface.
method of provisioning might be preferred by administrators who wish to access the PHONE
ADAPTER over a secure corporate/institutional LAN or by the residential subscriber who is a "power
user."
1.1.3.
Security Overview
Security may be applied at many levels in the context of the PHONE ADAPTER. The following are
examples of information that should be secured:
The configuration profile pulled from the provisioning server – The downloading of the
profile should be secured since it contains authentication (password/user name ID /
number) information for accessing subscriber telephony services. It may also contain other
passwords and/or encryption keys used for a variety of management and service
operations.
The administration password to the PHONE ADAPTER unit – The unit must disallow
access to administrative functions to unauthorized users. This access can be controlled
with an administrator password. The administrator password can be one of the parameters
in the PHONE ADAPTER configuration profile.
© 2004 Linksys Proprietary (See Copyright Notice on Page 2)
The subscriber has the option to set and adjust
This
10
Advertisement
Table of Contents
