Secure provisioning of Snom phones

Implementing a secure provisioning environment is fundamental when you are deploying phones in an untrusted environment.

During the provisioning the phone retrieves the device settings from the provisioning server, the transferred settings can contains also different types of credentials (SIP accounts, LDAP bind credentials, HTTP client credentials for XML applications, etc..).

It is fundamental that such credentials are not accessible from unwanted or malicious users.

In order to protect those informations you must:

• authenticate and authorize the requests to the data, so only valid users / devices can access the information
• encrypt the transport of the data in order to avoid access to the information via network sniffing

Snom phones uses TLS to provide all the needed security features for the provisioning.

• Page:
  DECT M-Series Provisioning
• Page:
  How do I secure my Snom phone
• Page:
  How to auto-provision VPN Patch to your desk phone
• Page:
  How to configure site-wide vs. local settings in a M500 Pro configuration
• Page:
  How to load a SIP client certificate on the DECT base M300, M700, M900
• Page:
  How to migrate to version 10.1.x
• Page:
  Key lock on Snom phones
• Page:
  Protecting Snom devices against customer interference
• Page:
  Secure provisioning of Snom phones
• Page:
  Securing Snom phones more effectively
• Page:
  Security How-to
• Page:
  Support for OpenVPN redundancy