Posted by Tony Hillerson on June 26, 2020
The idea of "zero-touch-configuration" of devices has been around for a while, notably in the SD-WAN space. In terms of device management in general, the important goal is that of making a device's physical location irrelevant to the device's manager. Ideally any device should never have to be in someone's hands throughout its entire lifecycle, from production line to warehouse to deployed location and so on until the end of the device's normal operations, in order for its configuration to be updated.
Configuration here can cover simple things, like network settings, to higher-order capabilities, like management of software running on the device, including updates to that software. The general implementation model is that some software runs on the device in order to maintain a connection to a management system. When the device comes online, no matter where it is at the time, it can retrieve its configuration and begin its lifecycle. As new devices roll off the production line, they have the latest configuration waiting for them, and the latest configuration can also be delivered to devices already in the field.
However a nuance exists to the zero-touch-configuration workflow, one that we've noticed as we've worked with a few different types of customers. The question is one of ownership.
As a device management platform, there's a question we need to ask whenever it comes to configuring a device: "which account owns the device". Configuration of the device necessarily involves access to important data, some of which need to be protected and not shared.
There are a few customer types, notably but not exclusively device OEMs that use our platform to offer device management and the other rich capabilities of our platform to their customers. An important choice these OEMs can make with our platform is whether or not they wish to manage the customer's account themselves, or whether they'd like the end customer's account to stand alone and share no data with the OEM's account. The trade-off is between management responsibility for the end-customer versus the customer's privacy.
Another important relationship to consider is any intermediate owners of the device on the way to the end-customer. Some of our customers may pass ownership of the device through another entity - and thus another account - on the way to final ownership and configuration by the end-customer. An example is the chain from OEM to reseller to end-customer. There could also be enterprise use cases that follow the same pattern between business units.
Configuration of the device probably makes sense within the end-customer's account, using information that is owned by that account. However some initial information needs to be in place at the point the device is produced and provisioned with our SmartEdge management software. This allows the device to be identified and available for remote configuration through any changes that need to take place. However in many cases, the destination, end-customer, account is not yet known.
Since the initial configuration is only necessary, or for reasons noted above, only desired, at the point the end-customer account is known, but the account may not be known until later in any given process - we've designed a lightweight concept for defining and managing a device in this interim state: an escrow device.
The conceptual model of an escrow device is that the device is held on behalf of an end-customer, and destined to finally come to rest in a customer account. At that point, the initial zero-touch-configuration process can take place. In the meantime, all that needs to be done by the device management system is to keep track of the device until that process is ready to take place.
The process is this:
This process balances the concerns of remote management and delivery of device configuration, data ownership, and optimization of the device provisioning process.
The concept of "zero-touch-configuration" is an important admission of the needs of managing connected devices in the modern world. Physical interaction with devices is costly in time and limited to the processes by which devices are produced, stored, shipped, and ultimately arrive at the location they need to be. Any device management system worth mentioning offers this capability.
However other concerns of a device management platform, such as data protection, account sandboxing, and so forth require the ability to manage devices' journey through the platform to the end-customer account. The concepts of escrow devices and device transfers, built into EdgeIQ's platform, give our customers, whether OEM, device provisioner, reseller, or end-customer of any type, the ability to manage the important changes of ownership that take place in these cases.