Securing Device Communications

VoiceConsole offers an option in creating device profiles to use Secure Sockets Layer (SSL) communications between VoiceConsole and Talkman devices. See Security Considerations to understand how device communications fits into a secure Honeywell Voice Maintenance & Inspection Solution.

Communication Protocols with Devices

VoiceConsole contains a parameter for selecting a secured or non-secured protocol for device communications. If you plan to use SSL-secured communications between VoiceConsole and the devices worn by technicians, you must select the HTTPS option in this field. The default setting is HTTP.

  1. In the VoiceConsole Device Management tab, navigate to Device Profiles.
  2. Click the Create new device profile action link.
  3. Complete the required fields in the device profile wizard.
  4. On the Configure Profile page of the wizard, open the Network Configuration tab.
  5. Select the appropriate protocol from the Device to Console Communications drop-down menu.
  6. Before finishing the device profile, ensure that you have included all required parameters. Settings cannot be edited in a device profile once it has been created.

This parameter tells the voice process software running on the devices to use either the HTTP URL or the HTTPS URL for communicating with VoiceConsole.

Date/Time Considerations for Secured Communication

When a Talkman device powers up, it will attempt to contact an instance of VoiceConsole on the wireless network. If VoiceConsole is configured for SSL-secured communications, it has an HTTPS certificate installed with a specific expiration date. The date/time on the device must fall within the date range of the certificate; if it does not, the connection to VoiceConsole fails.

On an initial boot of the device or the first time a device powers up after being unused and uncharged for a long period of time, it does not have a date/time history to make that first connection with VoiceConsole. Instead, the device attempts to obtain the current date/time from the Microsoft time server, time.windows.com, by default. If your network does not allow access to the default time server, configure an NTP (Network Time Protocol) server on your VoiceConsole server or elsewhere on your wireless network.

The time from the NTP server should be close enough to VoiceConsole time that the certificate will allow the device connection. When the device successfully contacts VoiceConsole, it obtains the remaining time information it needs to function for inspection assignments—the VoiceConsole date/time, if daylight savings time is in effect or not, and the time zone.

Enabling NTP in a Device Profile

  1. In the VoiceConsole Device Management tab, navigate to Device Profiles.
  2. Click the Create new device profile action link.
  3. Complete the required fields in the device profile wizard.
  4. On the Configure Profile page of the wizard, open the Network Configuration tab.
  5. Check the Enable NTP Client checkbox.
  6. If your network restricts Internet access, replace the default server (time.windows.com) with the address of your local NTP service.
  7. Before finishing the device profile, ensure that you have included all required parameters. The settings cannot be edited in a device profile once it has been created.

If you power up a Talkman device that cannot match the certificate date and connect to VoiceConsole, you must perform a device profile load via serial cable. See Configuring Talkman Devices