Zero-touch provisioning

Zero-touch provisioning (ZTP), or zero-touch enrollment, [1] is the process of remotely provisioning large numbers of network devices such as switches, routers and mobile devices without having to manually program each one individually. [2] The feature improves existing provisioning models, solutions and practices in the areas of wireless networks, (complex) network management and operations services, and cloud-based infrastructure services provisioning. [3]

ZTP saves configuration time while reducing errors. [2] The process can also be used to update existing systems using scripts. [2] Research has shown that ZTP systems allow for faster provisioning than manual provisioning. [4] The global market for ZTP services was estimated to be $2.1 billion in 2021. [5]

In April 2019, the Internet Engineering Task Force published RFC 8572 Secure Zero Touch Provisioning (SZTP) as a Proposed Standard. [6]

The FIDO Alliance published FIDO Device Onboard (FDO) version 1.0 in December 2020 and followed it with version 1.1 in April 2022. Several FDO "app notes" augment this specification. FIDO Device Onboard is also a ZTP-type protocol.

Applications

One application of the technology is to improve delivery of cloud computing services. [7] The concept has been particularly influential for information technology when paired with mobile device management. [8] Repetitive processes that can be automated and streamlined include configuring settings; collecting inventory details; deploying apps; managing licenses; and implementing security policy, including password management and wiping remote devices. [9]

System architecture

A basic ZTP system requires a network device that supports ZTP, a server that supports Dynamic Host Configuration Protocol (DHCP) or Trivial File Transfer Protocol (TFTP), and a file server. [2] When a ZTP-enabled device is powered on, the device's boot file sets up its initial configuration parameters. The switch then sends a request over DHCP or TFTP to obtain the device's configuration file from a central location. That file is then executed and configures ports, IP addresses and other parameters for the device's location. [2]
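The bootstrap sequence described above, and the reason RFC 8572 (SZTP) adds signing to it, can be seen in a short simulation. The following is an added example, not code from the article or from any vendor's ZTP implementation: it models the DHCP offer that points a booting device at a file server (using the standard DHCP option codes 66 and 67 for TFTP server name and bootfile name), an in-memory stand-in for the file server, and a verify-before-apply step. The signature scheme is a standard-library HMAC over the configuration bytes, a simplified stand-in for SZTP's signed conveyed information and owner certificates, not the actual SZTP format. All hostnames, keys and configuration contents are constructed.

```python
"""
Simulated zero-touch provisioning bootstrap (added example, constructed data).

Flow modelled: DHCP offer -> locate config -> fetch config -> (verify) -> apply.
"""
import hashlib
import hmac

# DHCP option codes from RFC 2132 that point a booting device at its boot files.
OPT_TFTP_SERVER = 66   # TFTP server name
OPT_BOOTFILE = 67      # bootfile name

# Stand-in for an owner trust anchor installed on the device before shipment
# (constructed; SZTP uses X.509 owner certificates, not a shared key).
TRUST_KEY = b"constructed-owner-trust-key"


def sign(config_bytes, key=TRUST_KEY):
    """Signature the device owner publishes beside the config (HMAC stand-in)."""
    return hmac.new(key, config_bytes, hashlib.sha256).hexdigest()


def verify(config_bytes, signature_hex, key=TRUST_KEY):
    """Constant-time check that the fetched config matches its signature."""
    return hmac.compare_digest(sign(config_bytes, key), signature_hex)


# Constructed DHCP offer, as a dict of option code -> value.
DHCP_OFFER = {
    OPT_TFTP_SERVER: "ztp-files.example.internal",
    OPT_BOOTFILE: "switch-floor3.cfg",
}

# Constructed in-memory "file server": (host, filename) -> bytes.
_CFG = b"hostname sw-floor3\nmgmt-ip 192.0.2.10/24\nntp-server 192.0.2.5\n"
CONFIG_SERVER = {
    ("ztp-files.example.internal", "switch-floor3.cfg"): _CFG,
    ("ztp-files.example.internal", "switch-floor3.cfg.sig"): sign(_CFG).encode(),
}


def locate_config(dhcp_offer):
    """Read server and bootfile from the DHCP offer; fail if either is missing."""
    try:
        return dhcp_offer[OPT_TFTP_SERVER], dhcp_offer[OPT_BOOTFILE]
    except KeyError as exc:
        raise ValueError(f"DHCP offer lacks option {exc.args[0]}") from None


def fetch_config(server, filename, file_server=CONFIG_SERVER):
    """Stand-in for the TFTP/HTTP fetch of a file from the central file server."""
    try:
        return file_server[(server, filename)]
    except KeyError:
        raise FileNotFoundError(f"{filename} not on {server}") from None


def parse_config(config_bytes):
    """Parse the constructed 'key value' configuration format into a dict."""
    config = {}
    for line in config_bytes.decode().splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        config[key] = value.strip()
    return config


def provision(dhcp_offer, file_server=CONFIG_SERVER, verify_signature=True, key=TRUST_KEY):
    """Run the bootstrap; with verify_signature=True, refuse unsigned/altered configs."""
    server, filename = locate_config(dhcp_offer)
    config = fetch_config(server, filename, file_server)
    if verify_signature:
        signature = fetch_config(server, filename + ".sig", file_server).decode()
        if not verify(config, signature, key):
            raise ValueError(f"signature check failed for {filename}; refusing to apply")
    return parse_config(config)


def tampered_server(file_server=CONFIG_SERVER):
    """Constructed scenario: the config on the file server changed, its signature did not."""
    altered = dict(file_server)
    path = ("ztp-files.example.internal", "switch-floor3.cfg")
    altered[path] = file_server[path].replace(b"192.0.2.10/24", b"198.51.100.99/24")
    return altered


if __name__ == "__main__":
    print("verified:", provision(DHCP_OFFER))
    print("unverified, altered:", provision(DHCP_OFFER, tampered_server(), verify_signature=False))
    try:
        provision(DHCP_OFFER, tampered_server())
    except ValueError as err:
        print("verified, altered:", err)
```

The contrast is the point: the plain DHCP/TFTP flow in `provision(..., verify_signature=False)` applies whatever the file server returns, so the device's correctness depends entirely on the integrity of the DHCP server, the file server and the path between them. The verified flow ties acceptance to a trust anchor the device already holds, which is the property SZTP's signed bootstrapping data provides.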

Similar concepts

A similar concept is the zero-touch network, which integrates zero-touch provisioning with automation, artificial intelligence and machine learning. [8]

Standards activity

In December 2017, the European Telecommunications Standards Institute (ETSI) formed the Zero-touch network and Service Management group (ZSM) to accelerate development and standardization of the technology. [10] In the summer of 2019, the group published a series of documents defining ZSM requirements, reference architecture and terminology. [10]

References

  1. Gold, Jack (May 16, 2019). "How can zero-touch enrollment help Android admins?". Techtarget.com. Retrieved February 24, 2023.
  2. Gillis, Alexander (May 1, 2021). "zero-touch provisioning (ZTP)". Techtarget.com. Retrieved January 3, 2023.
  3. Demchenko, Yuri; Filiposka, Sonja; Tuminauskas, Raimundas; Mishev, Anastas; Baumann, Kurt; Regvart, Damir; Breach, Tony (2015). "Enabling Automated Network Services Provisioning for Cloud Based Applications Using Zero Touch Provisioning". 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). pp. 458–464. doi:10.1109/UCC.2015.82. ISBN 978-0-7695-5697-0. S2CID 16630605. Retrieved February 24, 2023.
  4. Boskov, Ivan; Yetgin, Halil; Vucnik, Matevz; Fortuna, Carolina; Mohorcic, Mihael (2020). "Time-to-Provision Evaluation of IoT Devices Using Automated Zero-Touch Provisioning". GLOBECOM 2020 - 2020 IEEE Global Communications Conference. pp. 1–7. arXiv:2009.09731. doi:10.1109/GLOBECOM42002.2020.9348119. ISBN 978-1-7281-8298-8. S2CID 221818631. Retrieved February 24, 2023.
  5. "Zero-Touch Provisioning Market Size, Share & Trends Analysis Report By Component, Device Type, Network Complexity, Enterprise Size, Industry, By Regional Outlook, Competitive Strategies, And Segment Forecasts, 2022 - 2030". grandviewresearch.com. Retrieved January 19, 2023.
  6. Watsen, Kent; Abrahamsson, Mikael; Farrer, Ian (April 1, 2019). "Secure Zero Touch Provisioning (SZTP) RFC 8572". IEGF.org. Retrieved March 6, 2023.
  7. Demchenko, Yuri; Filiposka, Sonja (November 1, 2016). "ZeroTouch Provisioning (ZTP) Model and Infrastructure Components for Multi-provider Cloud Services Provisioning". researchgate.net. arXiv:1611.02758. Retrieved January 4, 2023.
  8. "What is a zero-touch network?: Hype vs. reality". rcrwireless.com. December 17, 2021. Retrieved January 4, 2023.
  9. "Zero-Touch Provisioning: A New Model for Device Management". Insight. October 15, 2018. Retrieved May 19, 2023.
  10. "Zero touch network & Service Management (ZSM)". ETSI.org. Retrieved January 4, 2023.