What is TR-069 - and what isn't it?
The Broadband Forum's (formerly DSL-Forum) Technical Reports for a Customer Premises Equipment (CPE) WAN Management Protocol (the TR-069), can be described as a framework and a data object model for the communications between a customer device - such as a broadband router - and a central-side auto-provisioning/management server (commonly referred to as an ACS). Or in other words a "common language" among all supporting CPE and managements system vendors regardless of make and model.
Although "TR-069" is the common term referenced in litterature and product specifications and in reality denotes a specific Technical Report published under the Broadband Forum, it commonly implies an entire suite of standards and specifications, which apart from TR-069 itself includes specifications such as TR-064, TR-098, TR-104, TR-106, TR-111, TR-135, TR-140 and others. "TR-069" should therefore generally be interpreted more as a term or concept, and is used under this definition in the descriptions below.
TR-104 is an extension of TR-069, which extends in scope to include the data object models needed for the provisioning of Voice-over-IP devices. Recent additions to the suite of managements specifications for service-based CPE's include TR-135 (Set-Top Box object model for VoD/IP TV devices) and TR-140 (Network Attached Storage device object model).
Unified Provisioning Model
Although the original specification targeted Internet Gateway Devices (routers), the TR-106 object model expands the scope of the TR-069 suite by adding a more generic specification - simply known as Device. This TR-106 object model can be described as a skeleton object model, which expand the application of TR-069 to network devices, which are in fact not routers, but rather LAN-based service devices. As an example, the specification for VoIP (TR-104), can be applied to both Integrated Access Devices (IAD's - also known as VoIP routers), ie. a device with router functionality (Internet Gateway Device - TR-069) as well as to Analogue Telephone Adapters (ATA), which are simple LAN-devices with no routing capability (Device - TR-106). By utilizing the TR-104 object model applied relative to the root object (InternetGatewayDevice or Device), a unified configuration scheme can be achieved regardless not only of model and make, but also regardless of whether the VoIP service is being delivered through the VoIP feature of an IAD or through a dedicated LAN-device, such as an ATA or IP Phone.
This represents a very powerful concept to a service provider as VoIP can be offered, and - most importantly - automatically provisioned through a coherent process - in theory regardless of what equipment is used to actually deploy the service.
Applicable to many different device types
A common misconception is that the TR-069 is only applicable to broadband (or specifically ADSL CPE) devices. This is really not surprising, as the technical reports are published by the Broadband Forum, but in fact, the TR-069 only specifies how devices should communicate, and though originally targeted mainly for internet gateways, it is a framework which can be utilized by many other types of equipment - for example Analogue Telephone Adapters (ATA's), WiFi and Wimax devices, PLC gateways, IP Phones, Set-Top Boxes, Digital Media, Specialized Digital Home devices and many more.
Several new object models are in development under the Broadband Forum, targeting standard specifications for new types of devices, not only in terms of what content or network services the devices can deploy, but also in terms of the access technology - Ethernet, DSL, Wireless, Passive-Optical Networks (PON) and others.
Network Friendly and Secure
TR-069 uses HTTP or HTTPS to communicate with the ACS. More specifically the protocols are based on SOAP messaging, which can seamlessly pass through firewalls and NAT gateways, as the traffic resembles that of normal web-browsing. Usually no special means are necessary to facilitate connectivity between the CPE and ACS, allowing default firewall policies to remain unchanged. In addition, the use of Secure Socket Layer (SSL) under HTTPS can optionally encrypt all traffic between CPE and ACS, effectively inhibiting eavesdropping on configuration data sent to the CPE. Also, standard means of strong authentication, such as Digest or Certificate-based authentication is commonly used.
To even further securing the provisioning mechanism, no configuration data are allowed to be sent over ACS-initiated connections, which make it practically impossible for malicious servers to take control of the CPE. The ACS is only allowed to request a contact from the CPE (Connection Request), however, the CPE will only accept configuration from pre-destined management servers during connections initiated by the CPE itself.
Apart from responding to connection requests issued by the ACS, the CPE will normally initiate connections to the ACS at given time intervals (Periodic Inform), during startip (boot) and upon the occurence of special events. Connections from the CPE are known as Informs, and can be uitlized by the ACS to maintain status of the CPE or perform configuration changes, firmware upgrades or other tasks.
With the expanding scope of TR-069 into the digital home and LAN-based devices, the above mechanisms also represent a challenge, as LAN-based devices in practically all cases are located behind firewall gateways, which would actively prevent a connection request from the ACS from ever reaching the LAN-devices. As such ACS-initiated connection requests can easily be vital to the services deployed, a set of specifications has been designed to overcome this challenge. The TR-111 specification addresses this problem, allowing the ACS to send a connection request to the CPE by encapsulating the conenction request into a UDP datagram, and employ the STUN protocol (Simple Traversal of UDP through NAT) to allow the UDP dtagram to pass through the gateway. In addition, the TR-111 specification also includes a collaboration model between ACS, gateway and LAN device.
Unified Abstraction Layer
By utilizing TR-069 and related standards, a unified abstraction from hardware is achieved. In practical terms, this means that CPE from various manufacturers can be provisioned and managed seamlessly alongside each other. Most leading CPE vendors today offer TR-069 manageability of their devices. For the service providers this is crucial as operational procedures and systems need not change if any new equipment is introduced to deliver their services.
As communications standards, TR-069 and related object models, such as TR-104, are not centric to the usage of the equipment. It is merely the tools to configure them. In order implement a fully automated provisioning system, the management platform within the ACS needs to integrate all the business and operations logics, centric to the types of subscriptions offered by Service Provider. Its objective is a need to integrate the back-end support and logistics systems in order to automate the operational flow end to end.
Why use TR-069?
The end-to-end automated provisioning of CPE can be a huge cost-saver in terms of logistics, services and support. In today's world, more and more services are being offered on the back of broadband access. However, CPE's are at the same time becoming increasingly complex beyond the grasp of normal broadband subscribers, resulting in a significant increase in support calls. TR-069 based provisioning entirely removes the burden of CPE configuration from the subscribers, as the entire roll-out of services are being handled through a fully automated process. In reality, the user only need to connect and power on the CPE. The CPE will by itself connect to the ACS and retrieve its individual subscriber configuration in a matter of seconds. Not only does this introduce cost-savings in terms of logistics and support, it also greatly improves the users experience of the services, thus reducing churn.
In addition, TR-069 may represent upportunities for service providers to provide innovative services, capitalizing on the in-depth control of complex devices, which the specifications have to offer.
The OneNetwork Management System
The main objective of Works Systems' OneNetwork Management System (OneMS) is the integration of business processes from the Service Providers operational systems i.e. ordering, logistics, service and support processes, covering the full life-cycle of a Customer Premises Equipment. TR-069, TR-104 and several other DSL-Forum standards are among the means to communicate with the CPE, in order to facilitate the provisioning of the subscription type offered by the Service Provider in a fully automated process. In addition to TR-069 and related standards and protocols, OneMS also support several other types of CPE communication, including vendor proprietary protocols.
Read more about the OneNetwork Management System here.
Works Systems provides tools and services to aid the implementation of TR-069 and related specifications into CPE, and our customers include a large number of well-known brands world-wide.
The products offered include:
- OpenAgent, a TR-069 embedded client source code for CPE's ( read more here )
- OneCentric 8200, a specialized ACS for testing and development of TR-069 (read more here )
For any questions regarding Works Systems' products and services, please do not heistate to contact us