Clarissa Pinto Bastos

Heru Pranoto

02/05/2011
What is TR-069?
A protocol for communication between Customer
Premise Equipment (CPE) and Auto-Configuration Server
(ACS) that encompasses secure auto-configuration as well as
other CPE management functions within a common
framework.
Why TR-069?
Service Providers can, through TR-069, use one
common platform to manage, through the Internet, all of their
Customer Premise Devices, no matter the device nor the
manufacturer.
This common application has never been achieved
before due to CPE vendors creating proprietary mechanisms for
management, and not wanting to expose those mechanisms to
their competitors.
CPE ACS
Open connection
SSL initiation
HTTP post
HTTP response
Inform request
Inform response
HTTP post
GetParameterValues response
HTTP response
SetParameterValues request
HTTP post
SetParameterValues response
Close connection
HTTP response
HTTP post
HTTP response
GetParameterValues request
TR-069 CPE/ACS Interaction Model:
Advantages of TR-069:
CWMP device configuration, troubleshooting, firmware upgrades,
user management, and reporting for TR-069 enabled devices to
reduce truck rolls

Enables service providers to offer dynamic services such as home
networking, security, Voice over IP, centrally managed by a TR-069
ACS

Reduces support calls by automated/proactive monitoring and
managing of TR-069 CWMP devices
Disadvantages TR-069:
No matter how well the specification is written, there is room for
interpretation and error during implementation.
Example: There is a typo in the specification where a common word, used to define
a field, is misspelled. Does the vendor take the specification at its literal meaning,
or does the vendor correct the spelling error?
SOAP implementation: TR-069 requires that all communications between
the CPE (client) and ACS (server) be done via a persistent, bi-directional
connection. However SOAP was designed for transitory, one-way
communications where the roles of client and server are clearly defined. By
requiring a persistent connection, TR-069 is switching these roles during
communications, something SOAP wasn't designed to do and introducing
complexity to a "simple" protocol.
In the current specification it is necessary for the SOAP to be generated
manually, a process highly prone to errors and interpretation.
From fine point technologies website: http://www.finepoint.com/services/certification.htm
Disadvantages TR-069 (cont.)
Has to cross several layers of protocols and methods that must interoperate:
Layer

Description

CPE/ACS Application

The application uses the CPE WAN Management Protocol on the CPE and ACS,
respectively. The application is locally defined and not specified as part of the CPE WAN
Management Protocol.

RPC Methods

The specific RPC methods that are defined by the CPE WAN Management Protocol.

SOAP

A standard XML-based syntax used here to encode remote procedure calls. Specifically
SOAP 1.1
HTTP

HTTP 1.1

SSL/TLS

The standard Internet transport layer security protocols. Specifically, either SSL 3.0
(Secure Socket Layer), or TLS 1.0 (Transport Layer Security)

TCP/IP

Standard TCP/IP.

Table 1 of TR-069 Amendment 1
TR-069 vs. SNMP
SNMP is a technology that is tried and true, but each company has it's
own MIB (management information base), and SNMP has been known to have
security flaws. TR-069 was created to be device agnostic, meaning that all CPE
devices can be managed by one TR-069 Auto Configuration Server (ACS) no
matter the manufacturer etc.
SNMP (Simple Network Management Protocol) is used by network
management systems to monitor network-attached devices for conditions
that warrant administrative attention. It consists of a set of standards for
network management, including an application layer protocol, a database
schema, and a set of data objects.
Privacy Concerns:
Although it may seem invasive and insecure to have devices able to
be accessed without active consent, there are many security protocols included
in the TR-069 documents.
Security Goals:
The CPE WAN Management Protocol is designed to provide a high degree of
security. The security model is also designed to be scalable. It is intended to allow basic
security to accommodate less robust CPE implementations, while allowing greater
security for those that can support more advanced security mechanisms. In general terms,
the security goals of the CPE WAN Management Protocol are as follows:
Prevent tampering with the management functions of a CPE or ACS, or the
transactions that take place between the CPE and ACS.
Provide confidentiality for the transactions that take place between a CPE and
ACS.
Allow appropriate authentication for each type of transaction.
Prevent theft of service.
From the TR-069 Amendment 1 document:

What can TR-069 be used for so far?
Any and all CPE, such as VoIP Analog Telephone Adapters, DSL Modems, and
Residential Gateways.
These capabilities are provisioned by TR-069 and its extensions (TR-098, TR-
104, TR-106, TR-110, TR-111)

TR-069 Extensions:
TR-098 - data model for internet gateway devices (DSL modems with built in routers)

TR-104 - data model and any specific items for VoIP devices

TR-106 - a base object structure for TR-069 enabled devices

TR-110 - a reference model for VoIP configurations

TR-111 - covers applying TR-069 to remote management of home networking devices

Conclusion
Since TR-069s ratification, changing market dynamics continue to
impact the way service providers conduct business. A single high-speed
data service is no longer a viable, long-term path to retain market share
or grow revenue. Prices of core data servicesand the associated
marginsare declining steeply, and market saturation of basic
broadband is on the horizon. To remain competitive, carriers are
expanding into new video and content services, going after video
franchises, bundling entertainment packages, and competing head-to-
head with traditional cable operators to attract and retain new
customers.
TR-069 has to keep expanding to incorporate the many new
technologies being developed for in-home use
References:
Technical Report DSL Forum TR-069 CPE WAN Management
Protocol, 2004
http://en.wikipedia.org/wiki/TR-069