User's Manual
BDH Editor; Reviewed: RJS,
JWS,CLB,ML,RS,RKP,TGS,BH,
PMS, RGF, NHK 4/20/06
Application Notes
©2006 Avaya Inc. All Rights Reserved.
16 of 18
CID 117689
8. Security
HTTP/HTTPS is recommended for 46xx IP telephone software file transfers because it provides
better performance and security than TFTP and is supported on all S8xx0 series Media Servers
running Communication Manager 2.1.1 or later releases.
Transport Layer Security (TLS) is a protocol that enables authentication and data encryption
over insecure networks. TLS runs on top of TCP and adds security to any protocol that uses
reliable connections. It is most commonly used with HTTP to form HTTPS.
When using Avaya S8xx0 Media Servers to download 46xx IP telephone software via
HTTP/HTTPS, the telephone configuration files are transferred using the HTTP over TLS
(HTTPS) protocol and the software binaries are transferred using the HTTP protocol. This is
done for performance reasons since HTTPS is slower than HTTP and the software binaries are
large.
Avaya 46xx IP telephones establish encrypted TLS connections only with servers using Avaya
signed digital certificates. This limits the servers that can be used for HTTP/HTTPS 46xx IP
telephone software downloads to Avaya S8xx0 Media Servers.
9. Media Server Performance Impact
9.1. TFTP Performance
46xx IP telephone software file transfer impact to processor occupancy on Media Servers is
much greater when using TFTP opposed to HTTP/HTTPS. For this reason, it is recommended
that HTTP/HTTPS is used whenever possible. Furthermore, use of TFTP file transfers on an
Avaya Media Server are only supported on an S8300B or later S8300 Media Server running
Communication Manager 2.1.1 or greater and only when 20 or fewer 46xx IP phones are using
the Media Server to obtain software updates. If software updates are provided to more than 20
46xx IP telephones it is likely the Media Server will go into an overload condition and the ability
to process calls will be negatively impacted, or the media server will reset.
9.2. HTTP/HTTPS Performance
HTTP/HTTPS is recommended for 46xx IP telephone software file transfers because it provides
better performance and security than TFTP and is supported on all S8xx0 series Media Servers
running Communication Manager 2.1.1 or later releases.
It is strongly recommended that using Media Servers for HTTP/HTTPS file transfers is limited to
configurations where files are transferred to 300 or less telephones. This limit is necessary
because transfers to more than 300 telephones can cause timeouts and some telephones might
abort the software update leaving older software on the telephone.
Performance measurements were taken using an Avaya S8500 Media Server. Testing included
12 real telephones and all remaining phones were simulated with a test script. The following test
results were obtained:
1. 0 to 300 telephones took up to 5 minutes for all phones to download new software and
come back into service. Processor occupancy increased 7 to 10% briefly a couple of
times during the 5 minute interval.
2. 400 to 1,000 telephones took up to 8 minutes for all telephones to come back into service.
Most of the phones downloaded new software prior to coming back into service, but a
number of them did not. This is due to a timer in the phone that aborts the software
update if the 46xxupgrade script is not transferred in a given amount of time. Some
phones were blocked from transferring files until this timer expired and were brought