Example Provisioning Direction from the ServerThe following figure shows an example NOTIFY message from the server, directing the units to performprovisioning. The text "check-sync" is specified for "CFG_RESYNC_FROM_SIP".NOTIFY sip:1234567890@sip.example.com SIP/2.0Via: SIP/2.0/UDP xxx.xxx.xxx.xxx:5060;branch=abcdef-ghijklFrom: sip:prov@sip.example.comTo: sip:1234567890@sip.example.comDate: Wed, 1 Jan 2014 01:01:01 GMTCall-ID: 123456-1234567912345678CSeq: 1 NOTIFYContact: sip:xxx.xxx.xxx.xxx:5060Event: check-syncContent-Length: 02.2.6 EncryptionSecure Provisioning MethodsIn order to perform provisioning securely, there are 2 methods for transferring configuration files securelybetween the unit and the server.Which method is used depends on the environment and equipment available from the phone system.Method 1: Transferring Encrypted Configuration FilesA BCFG_FILE_KEY2 CFG_FILE_KEY2A. Unencrypted configuration fileB. Encrypted configuration fileTo use this method, an encryption key is required to encrypt and decrypt the configuration files. A presetencryption key unique to each unit, an encryption key set by your phone system dealer/service provider, etc.,is used for the encryption. When the unit downloads an encrypted configuration file, it will decrypt the file usingthe same encryption key, and then configure the settings automatically.Method 2: Transferring Configuration Files Using HTTPSThis method uses SSL, which is commonly used on the Internet, to transfer configuration files between theunit and server. For more secure communication, you can use a root certificate.Notice• To avoid redundant data transfer over the network, important data, such as the encryption key usedto encrypt the configuration files and the root certificate for SSL, should be configured throughpre-provisioning as much as possible.• It is recommended that you encrypt the data in order to keep the communication secure whentransferring configuration files.However, if you are using the units within a secure environment, such as within an intranet, it is notnecessary to encrypt the data.Document Version 2015-02 Administrator Guide 472.2.6 Encryption