This section provides an overview of secure zero touch provisioning (SZTP).
SZTP automatically loads version files (such as the system software package, configuration files, and patch files) when a newly delivered or unconfigured device is powered on.
During network device deployment, an administrator needs to perform software commissioning onsite after hardware installation is complete. If many devices are sparsely distributed on the network, the deployment efficiency is low and the labor cost is high as the administrator needs to manually configure each device.
Although the conventional ZTP function can be used to obtain version files from a file server and automatically load them, data may be transmitted insecurely (for example, the username and password are not encrypted or the server is forged). To address these issues, SZTP is introduced. It uses two-way authentication, data encryption, and other methods to ensure that devices can be deployed securely and reliably with low manpower costs and high efficiency.