The TR-069 communication protocol is managed by an Auto Configuration Service, or ACS. Technical Report 069 (also known as TR-069) is a middleware protocol that allows remote management of customer premises equipment (CPE). This CPE is linked to an IP network. The use of CPE WAN Management Protocol (CWMP), which is an application layer communication mechanism for connecting the Auto Configuration Service (ACS) to CPE, is at the core of this protocol.

The ACS lets you manage and administer CPEs that are TR-069 enabled over the internet. It’s a key connection between customers’ devices and the provider’s support staff and departments, as well as support systems and technicians involved in network management. Remote provisioning can be automated, as can a variety of management functions for TR-069 devices, such as firmware upgrading.

The Benefits of TR-069

The benefits of TR-069 with respect to end-user devices are numerous. There is a sector standard for connecting devices, and some of the advantages of using TR-069 include:

  • Remotely provisioning CPE.
  • Better visibility into broadband networks and CPE, as well as improved management and control.
  • Customisable, user-friendly interface for collecting and viewing analytical data on network activity and usage, as well as service use and home network features.
  • Among others, you’ll get access to new managed data services such as content filtering, parental controls, WiFi, home video surveillance, and online backup.
  • The ability to provide subscribers with some level of self-service through apps and portals.
  • Managing connected homes and IoT environments with the potential to provide additional services.
  • Ability to provide better customer service and a positive user experience via diagnostics, firmware management, and monitoring.
  • Customer service calls and visits will be less frequent as a consequence of the software, allowing for more efficient use of assets.
  • There’s no need for subscribers to spend time each year configuring their CPE.
  • An automated method for services to be deployed.
  • Ability to take advantage of a more cost-effective solution.

There are several other factors that have contributed to the TR-069’s increasing popularity. It’s also worth noting that TR-069 can be utilised with other protocols, including the familiar DOCSIS.

How Does a Device Connect to the ACS Server?

A proper and secure connection between a CPE device and the auto configuration server needs several parameters configured on the device itself:

  • ACS URL: an Internet address of the ACS, which is accessible from the device.
  • Periodic Inform Interval: defines a frequency of communication with the ACS.
  • Username and password: verification data is optional. It depends on the ACS requirements and an expected security level.

Are ACS Servers Secure?

The original CWMP was designed by the Broadband Forum to ensure that a high degree of security was provided. As a result, you may feel confident in the knowledge that ACS servers and TR-069 are secure. With the creation, several security objectives have been considered in order to provide protection and peace of mind. This includes:

  • Preventing tampering with CPE or ACS management capabilities.
  • Tampering with transactions between CPE and the ACS are prevented.
  • Ensuring the confidentiality of transactions between the CPE and ACS.
  • Allowing for proper authorisation of all transaction types.
  • Service theft prevention.

Recommended ACS Server

Now that we understand what TR-069 is, along with the benefits that it has for telco and ISP companies in the device management sector, we need to identify any solutions in the market where seamless device management is possible.

Axiros is a company that designs and sells software products for the telecommunications industry. One of their most popular product lines, called AXESS, is an Auto Configuration Servers (ACS). This software can be used to automate all aspects when monitoring and provisioning devices effortlessly by managing residential and business CPEs with TR-069 and TR-369 protocols. It also ensures monitorization and provisioning of technologies such as fiber, xDSL, and satellite. This ensures telco businesses and ISPs can manage residential and business CPEs along with the entire E2E (exchange to exchange) device chain.

AXESS ACS Functionalities

Here is a list of all the functionalities which AXESS ACS, provided by Axiros, can provide for companies:

(Taken from: https://www.axiros.com/products/axess-acs)

  • Remote device management
  • Zero-touch provisioning
  • Short-time monitoring – troubleshooting device monitoring
  • Fully TR-069 compliant – and all subsequent standards
  • Customer self service portal support
  • Workflow engine, supporting inter-device management tasks
  • Intelligent firmware management
  • Security management
  • Multiple NBI protocols – extendable on request
  • Interoperability ensures that all TR-069 standard-compliant devices can be managed
  • Embedded permissions for Add, View, Change, Delete
  • Embedded email, syslog, XML-RPC, SOAP, JMS clients
  • Administrative front ends, fully customizable including language adaption with support of >100 languages
  • XML-RPC, XML and SOAP backend interfaces, server and client, synchronous and asynchronous
  • Security matrix (non-global role system)
  • Customizable authorization system
  • Schedulable mass operations
  • Workflow engine for setup of arbitrarily complex multi-step workflows, offering the following features:
  • Intra-CPE and inter-CPE workflows
  • Fully programmable
  • State handling
  • Transaction safety
  • Definable exception handling
  • Modular
  • Ships as standard Linux package, installed within minutes on each node
  • Solaris supported, with one major release offset
  • Application Server including Object Database and optimized primary SQL storage
  • Secondary SQL for consolidated custom data: Oracle 10/11, MySQL, PostgresSQL
  • CPE hierarchical grouping and virtual grouping for batch operations on arbitrary sets of CPEs
  • Grouping by any device, customer profile or service definition setting, in any combination
  • Any workflow triggerable for any group, active, passive or scheduled