Priority Of Setting Methods - Panasonic KX-UT123 Administrator's Manual

Notice
•
To avoid redundant data transfer over the network, important data, such as the encryption key used
to encrypt the configuration files and the root certificate for SSL, should be configured through
pre-provisioning as much as possible.
•
It is recommended that you encrypt the data in order to keep the communication secure when
transferring configuration files.
However, if you are using the units within a secure environment, such as within an intranet, it is not
necessary to encrypt the data.
To decrypt configuration files, the unit uses the encryption key registered to it beforehand. The unit determines
the encryption status by checking the extension of the downloaded configuration file.
For details about encrypting configuration files, contact the appropriate person in your organization.
Extension of Configuration
File
".e1c"
".e2c"
".e3c"
Other than ".e1c", ".e2c", and
".e3c"
Comparison of the 2 Methods
The following table compares the characteristics for the 2 transfer methods.
Provisioning server load
Operation load
Management of
configuration files
Security of data on the
server when operating
Moreover, there is another method: configuration files are not encrypted while stored on the server, and then,
using the encryption key registered to the unit beforehand, they are encrypted when they are transferred. This
method is particularly useful when several units are configured to download a common configuration file using
different encryption keys. However, as when downloading an unencrypted configuration file using HTTPS, the
server will be heavily burdened when transferring configuration files.

2.3 Priority of Setting Methods

The same settings can be configured by different configuration methods: provisioning, Web user interface
programming, etc. This section explains which value is applied when the same setting is specified by multiple
methods.
Document Version 2013-03
Configuration File Parameters Used for Decrypting
CFG_FILE_KEY1
CFG_FILE_KEY2
CFG_FILE_KEY3
Processed as unencrypted configuration files.
The extension ".cfg" should be used for unencrypted configuration files.
Transferring Encrypted
Configuration Files
Light
Necessary to encrypt data
beforehand.
Files must be decrypted and
re-encrypted for maintenance.
High
2.3 Priority of Setting Methods
Transferring Configuration Files
Using HTTPS
Heavy
(The server encrypts data for each
transmission.)
Unnecessary to encrypt data
beforehand.
It is easy to manage files because
they are not encrypted on the server.
Low
(Configuration files are readable by
anyone with access to the server.)
Administrator Guide 45