Cloud Connect Operation Overview

October 2021

8AL90354ENAA Ed. 6
Legal notice
www.al-enterprise.com The Alcatel-Lucent name and logo are trademarks of Nokia used under license by
ALE. To view other trademarks used by affiliated companies of ALE Holding, visit: www.al-
enterprise.com/en/legal/ trademarks-copyright. All other trademarks are the property of their respective
owners.
The information presented is subject to change without notice. Neither ALE Holding nor any of its affiliates
assumes any responsibility for inaccuracies contained herein.
© 2021 ALE International, ALE USA Inc. All rights reserved in all countries.

Disclaimer
While efforts were made to verify the completeness and accuracy of the information contained in this
documentation, this document is provided “as is”. To get more accurate content concerning Cross
Compatibilities, Product Limits, Software Policy and Feature Lists, please refer to the accurate documents
published on the Business Partner Web Site.
In the interest of continued product development, ALE International reserves the right to make
improvements to this documentation and the products it describes at any time, without notice or
obligation.

The CE mark indicates that this product conforms to the following Council Directives:
• 2014/53/EU for radio equipment
• 2014/35/EU and 2014/30/EU for non-radio equipment (including wired Telecom Terminal Equipment)
• 2014/34/EU for ATEX equipment
• 2011/65/EU (RoHS)
• 2012/19/EU (WEEE)
 Table of
contents
Cloud Connect Operation Overview

1 Cloud Connect Operation target ......................................... 5

2 Cloud Connect Infrastructure Overview ............................. 6

3 Cloud Connect Operation connection First Time

registration (FTR) .................................................................. 8

4 Cloud Connect Operation services ................................... 10

4.1 Cloud Controlled License: Right To Run (RTR) ............................................. 10
4.2 Fleet Dashboard ............................................................................................... 11
4.2.1 List of product & support of Indirect Resellers .................................................. 12
4.2.2 Fleet functions .................................................................................................. 12
4.3 OXO Connectivity application ......................................................................... 13
4.3.1 Overview .......................................................................................................... 13

5 Cloud Connect product identity ........................................ 14

5.1 CC-SUITE-ID ..................................................................................................... 14
5.2 CC-PRODUCT-ID .............................................................................................. 14

6 Cloud Connect security ..................................................... 15

6.1 Infrastructure Security .................................................................................... 15
6.2 Operations Security ......................................................................................... 15
6.3 Network Security.............................................................................................. 15
6.3.1 External network interfaces .............................................................................. 15
6.3.2 Requirements for customer environments........................................................ 16
6.3.3 Transport Layer Security: TLS protocol properties ........................................... 17
6.3.4 SOCKS5 encryption properties ........................................................................ 17

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 3/19

 Table of
contents
Cloud Connect Operation Overview

6.3.5 Applications Services Security ......................................................................... 17

7 CCO data privacy ................................................................ 19

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 4/19

 Chapter

1 1 Cloud Connect Operation target

Cloud Connect Operation (CCO) addresses the growing demand to accommodate new ways of delivering
Services and Products, regardless of commercial models (market segment, offer, GTM and distribution
mode).
Cloud Connect transforms Alcatel-Lucent Enterprise (ALE) products into “Connected Products”, in order
to help you:

• Upsell and leverage your ALE installed base, thanks to fleet analytics Keep
contact with deployed system / business analytics / usage monitoring
• Increase your margin through easier operations and reduce TCO
Simplify BP operations
• Increase your ARPU thanks to additional added value services
Target in future: Upcoming a la carte service such as Fraud Detection, Security Assessment,
Alarming, …
The CCO infrastructure provides a common infrastructure to efficiently deliver services. Systems are
securely connected to ALE CCO infrastructure over an IP infrastructure, to benefit from outcome-based
services hosted in the cloud.
The permanent and secured link particularly suits for remote management operations and enables further
value-added Cloud services.
Although the following examples are not exhaustive, such services notably encompass VPN opening
(OXO connect only) request for advanced system control, metrics collection, controlling a product right to
run, checking a product state…

For additional information about VPN and OXO Connect, refer to the document: Cloud Connect VPN
Server Reference Design for OXO Connect:
https://myportal.al-enterprise.com/alebp/s/PN/8AL91215ENAA

This document presents the reference design to be used for the VPN server configuration in the Cloud
Connect solution.

For additional information about OXE services, refer to the document: OmniPCX Enterprise - System
Services - 8AL91000USAJ – section 24 Cloud Connect Services.
https://businessportal.al-enterprise.com/8AL91000USAK

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 5/19

 Chapter

Cloud Connect Infrastructure

2
2

Overview

The Cloud Connect Operation Infrastructure (CCOi) hosts the set of services that BPs can run through
an ALE Web Portal. Cloud Connect Operation Infrastructure collects and processes information from both
connected systems, and ALE IS/IT databases such as eBuy and Business Store.
Cloud Connect infrastructure does also set up, maintain, and monitor the link towards connected systems
at customer premises. A unique identification of each connected product, combined with outgoing flows
from customer’s system towards ALE CCOi, leads to a state-of-the-art security level, besides a non-
intrusive solution on customer LAN.
The Cloud Connect Infrastructure is operated by Alcatel-Lucent Enterprise, with a hosting in UE.
ALE International (“ALE”) is committed to abide to the European Union General Data Protection Regulation
(“GDPR”) whereby the actions specified below are completed and will continuously be managed by ALE to
comply with the requirements of GDPR applicable to ALE. Reference: Affidavit for GDPR
compliancy_v010318.

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 6/19

Chapter 2 Cloud Connect Infrastructure Overview

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 7/19

 Chapter

Cloud Connect Operation connection

3
3

First Time registration (FTR)

To log to the CCOi, a product relies on a unique and immutable credential called CC-Product-ID,
computed by the ordering chain, and a password. It remains unchanged after upgrades. Only the
password may change over time.
FTR is in charge of setting up the “communication link” between the system at customer premises and
ALE CCOi; this notably means retrieve the secured credentials.
The FTR process behavior is product dependent:
• OXO: To retrieve this CC product identity 2 methods are possible for OXO connect:
BTS mode is Built To Stock mode.
BTCO mode is Built To Customer Order.

1) BTS mode with customer reference in OXO. The customer reference is fleet_ref+install_id. New from
OXO Connect R3.0.

Installer must enter in the OXO Connect product fleet_ref+install_id and the BP must associate the
same fleet_ref+install_id as in eLP for this installation.

The product has a hardware identification, the product when it connects to the FTR service delivers
it’s the fleet_ref and Install_id entered by the installer on the product and FTR retrieves the CC-
PRODUCT-ID from information provisioned by eLP (association of fleet_ref + install-id to CC-
PRODUCT-ID). The FTR sends the product identity (credential)

2) OXO Connect installation with the same CPU-id as the CPU-id declared in eLP by BP or by EMS
(BTCO) for this installation. mode with CPU-ID.

As the product has a Hardware identification: the product when it connects to the FTR service
delivers its Hardware Identifier (HW-ID/CPU-id) and the FTR service retrieves the CC-PRODUCT-ID
from information provisioned by the eLP (association of the HW-ID with the installation CC-
PRODUCT-ID). The FTR sends the product identity (credential).

OXO Connect in BTCO uses this method thanks to its CPUID. This method is also used when the BP
associated itself a CPU-ID in eLP before installation.

• OXE: since OXE is mainly deployed in pure software mode, the FTR needs to be done once the system
is installed; as the CC-suite-id credential is part of the OXE license file, no additional information is
required to run the FTR process. However, according to specific needs, the CC-suite- id might also be
manually entered at FTR start.
Once retrieved, credentials are used to log in to the CCOi.
To configure FTR parameters, see the product’s documentation. The FTR service is operated by ALE
infrastructure.
After FTR, the CCOi, for security reasons, manages:
• Modification of the password used by the product to log in to the Cloud Connect infrastructure
• Configuration: FTR allows the product to accept only messages from known services and reject all
others (unknown services, hackers…)

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 8/19

Chapter 3 Remote Worker deployment using OPEN VPN

A product can be in one of the three following states:

• Connected: for FTR successfully done

• Hardware not installed: for software suite
• Hardware installed: waiting complete system integration

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 9/19

 Chapter

4 4 Cloud Connect Operation services

The following paragraphs briefly describe the set of services.

4.1 Cloud Controlled License: Right To Run (RTR)

Products often rely on hardware identifiers or dongles to lock licenses and avoid fraudulent usage. In a
more and more virtualized world, hardware identifiers are not available, and dongles are difficult to plug
in a data center.
For OXE, Cloud Controlled License, also known as RTR or dongle-less, removes the need for hardware
identifiers or dongles to ensure that a given product with its appropriate license runs only once. If
fraudulent usage is detected, or if, for any reason, a product must be decommissioned, this service
restricts product usage.
Fraudulent use detection does not replace licenses at product level. Licenses are still controlled by the
existing mechanisms at product level. RTR acts as an on/off switch, it either gives the product the right
to run according to its license file or blocks it.
RTR (Right to Run process) is automatically started after a successful FTR.

A product using CC/RTR can be in one of the three following states:

 Connected (MLE) – blue: RTR is ok, obviously after a successful FTR (According to current
architecture constraints, such an information might be 24 hours late)
 Not connected – grey: product not cloud connected to ALE.
 Qualifying period (MLE- orange: means the RTR keep alive has not be seen for +72 hours,

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 10/19

 Chapter 4 Cloud Connect Operation services

and within a maximum duration of 20 days. A dedicate highlight needs to be displayed for
products owning a single CC_pdct_ID
 Duplicated (MLE) – red: the CC_pdct_ID and unique token are already used by another
product, which either means a wrong use of this credential or a real hacking; products with the
same CC-pdct-ID will be set in qualifying period.
This status overcome the ”soon blocked” one.

 Soon blocked (MLE) – red: means the RTR keep alive has not be seen for +20 days and has
not yet reach the “panic state” (=30 days): in other words it’s extremely urgent to react before
reaching the OXE “panic” mode.
An email notification is sent once a day to the address configurable in fleet dashboard in the
field Email Notification.

 Blocked-Panic (MLE) –black: no connection from the product for +30days, means the product
is probably running in reduced mode (i.e. Mainly only emergency calls are allowed)

The only way to exit from panic state is to perform a successful FTR with pin code. In case of
detection of duplicated products, the right BP is able with ALE help desk support to perform a new
FTR, FTR with pin code, to legitimate the right product.

4.2 Fleet Dashboard

Fleet Dashboard (https://fleet-dashboard.al-enterprise.com) is a web portal accessible by BPs to manage
their fleet of products.

Fleet dashboard displays all BP’s products, so called BP’s fleet (Products with Cloud Connect
connectivity and products without Cloud Connect connectivity (OXE & OXO Connect). A snapshot of the
landing page is provided above.

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 11/19

 Chapter 4 Cloud Connect Operation services

4.2.1 List of product & support of Indirect Resellers

Fleet Dashboard has been opened to Indirect Resellers (IR).

The fleet dashboard displays (default views):

• OXO Connect & OXE products view per BP applicants.
• OXO & OXE delegated products (The delegation of systems gives capability for Indirect
reseller to manage their own products in the fleet dashboard.)
LIST object is introduced to allow additional fleet dashboard view:
• OXO list is hierarchical two levels: list/fleet_ref (mandatory), subfleet_ref (optional).
• OXE list one level: list/fleet_ref

List management:
• Create/Read Lists (OXE & OXO Connect) by BD admin in fleet dashboard
Add/Remove systems to list:
o Via selection of OXE systems in fleet dashboard by BP admin. An OXE is
associate to one or several lists name per configuration in the fleet dashboard by a
BP admin.
o Via OXO configuration of list references inside OXO connect. An OXO Connect is
associate to one fleet_ref/subfleet_ref per configuration in the OXO Connect
product by BP technician.
• BP admin gives lists visibility to BP user in Business store

Management of lists for IR

• A VAD BD admin can Grant OXE lists visibility to IRs in fleet dashboard
• An IR BP admin can create list for himself. Either fleet_ref/subfleet_ref of IR, or
subfleet_ref of IR attached to fleet_ref of VAD.

Inside the fleet dashboard more description is available in the FAQ section.

4.2.2 Fleet functions

Fleet Dashboard access is based on Business Portal Identity.
The fleet dashboard gives the following views and capabilities:

a) Home page view:

1. The fleet dashboard gives the list of the products SMB OXO Connect and MLE managed by the user
with some information on each and on the fleet: Cloud connected ratio, SPS coverage ratio, Systems
ratio with supported SW, Incidents, RTR status etc...
2. For each product, some details field could be display in this home page. The BP user can select the
field to see.
In addition to columns such as type of product, release, CPU_id, Fleet_ref,Subfleet_ref,Install_id
… (please connect live to see exhaustive list and their purpose through tooltips), you can notably
see:
i. Customized 1 & 2: two free columns that can be used at BP’s convenience
ii. Right to Run status: shows the “cloud controlled license” status and highlights any issue
iii. Support contract status and end date if active
8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 12/19
 Chapter 4 Cloud Connect Operation services

b) OXE offer file: The user can select an OXE and retrieves the live “offer files” through a click:
downloaded files will be stored at usual browser location (eg “download folder”). The user can then
run an Actis quote, ensuring he owns the latest system configuration. He can also upload in OXE
the latest offer
c) OXE & OXO inventory: The user is able to select one or several systems to access
devices/terminal, Licenses, Trunk, Shelve/board details…
d) Access from fleet dashboard to OXO Connectivity: from fleet dashboard home page, by selected
one OXO Connect product access to the OXO connectivity application for detail of the selected
product and some actions like get offer file, VPN…
e) OXO Connect & OXE last incident date: The goal is just to have a field “Last Incident Date” in the
Home Page, indicating the date of the last incident collected on the product. The events are
collected by the Data collector. It will be possible of filtering and sorting on this fields.
f) OXO Connect walled garden view: CF FTR explanation
g) OXE remote console: A BP user with privileged “advanced”, can start a remote maintenance
operation from Fleet Dashboard, on any systems that are connected to ALE Cloud infrastructure
and owning a valid Support. This feature offers the equivalent of an OXE ssh or telnet remote
console, to be able to launch online commands or tools (e.g. MGR tool for configuration, incident
tool, …). Savings: no needs to go onsite nor to install a dedicated VPN per customer, quicker
reaction time to customer request.
For security reason, only one connection is possible at a time.
h) Software update: From Fleet dashboard it is possible for a BP with privileged advanced to ask for
a software update. A BP can request for a selected list of connected systems an update to the last
official version in the same release branch for the product specific markets.

4.3 OXO Connectivity application

4.3.1 Overview
The OXO Connectivity application allows an authenticated BP user to select one product CC-
PRODUCT-ID and the associated OXO Connectivity application services for this product.
The OXO Connectivity application provides the following services:
a) Get offer file
b) Inventory (HW, device, SIP GW, VOIP resource, license, backup)
c) OXO remote management IP connectivity
d) Logs (reset, alarm, session, VPN, migration, license)

For detail see the documentation 8AL91216ENAA

https://myportal.al-enterprise.com/alebp/s/PN/8AL91216ENAA

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 13/19

 Chapter

5 5 Cloud Connect product identity

The Cloud Connect ID is the CC-PRODUCT-ID derived from a CC-SUITE-ID.

OXE embeds the CC-SUITE-ID in its license file ( .swk file); this notably eases the FTR process
described in Cloud Connect Operation connection First Time registration (FTR) on page 7.
The CC-PRODUCT-ID is not derived and is independent from the CPUI-ID, if existing.

5.1 CC-SUITE-ID
This ID is computed by eLP during the order process. The syntax of the CC-SUITE-ID
is:
ADCBE-FGHIJ-KLMNO-PQRST
A 23-character string where A..T represents a hexadecimal digit (from “0” to “9” and “A”
to “F”) in upper case. The 20 hexadecimal digits are packed 5 by 5 and separated by
hyphens “-“.

5.2 CC-PRODUCT-ID
This ID has the following syntax:
CC-SUITE-ID + “-“ + product-type
Example (for OXO Connect): af76e-05961-da1c1-de028 -1

The product-type values are:

 Product Comment
1 OXO-Main used for OXO Connect
3 OXE Virtualized or not

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 14/19

 Chapter

6 6 Cloud Connect security

Cloud Connect Operations is part of the ISO27001:2013 certified perimeter of ALE International
https://www.al-enterprise.com/en/company/news/iso-27001

After the new edition Add the link to the document: OXO Connect & OXE-What about your data
The following chapter gives an overview and summarizes the main security aspect in CCO.

6.1 Infrastructure Security

All the CCO data centers are located in European Union countries (. The CCO data centers hosting
providers are ISO 27001 certified with:
Security controls covers
• Physical Access Control to the infrastructure sites
• High availability controls against physical threats and disasters
• Continuous resource monitoring for permanent availability/resiliency of the infrastructure
• Logical in depths defense against network DoS/DDoS threats
• Perimeter security protection with Firewalls and multi-tier architecture

6.2 Operations Security

CCO requires strict personnel and change control policies supported by
• ALE Organization security policy, covering
• Human resource security
• Assets management
• Access control policies / high privilege management
• CCO operational security
• Software Change control
• Configuration control
• Backup / business continuity
• Software patching / vulnerability management

6.3 Network Security

6.3.1 External network interfaces

Server authentication: The PBX product, aka device, authenticates the CCO infra server thanks to its
server certificate. The server certificate is issued by ALE CCO Certificate Authority kept under the
responsibility of CTSO and installed by CC infra owner. The device embeds the required certificate
“trust store” related to this certificate authority. The trust store must be dedicated to the CC SW client
in the device.
Devices authentication: Since CC client authentication is performed through application link, there are
no requirement to use client certificates on products -> no trust store to manage on CC infra servers
8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 15/19
 Chapter 6 Cloud Connect security

for this purpose.

Application User authentication: user authentication is performed through login/pwd credentials
passed at the application level.

Security protocol: All traffic between product and server is relies on TLS. TLS configuration of XMPP
server follows up to date security standards: TLSv1.2.
Device software download: OXO Connect & OXE can get its software from the network through
HTTPs connection on a repository available from Internet. Encryption and authentication are not a
requirement on this link. Integrity controls mis provided thanks to signature based mechanisms on the
software installation.
The products OXO Connect & OXE will used additional external secured connections to ALE CCO
infrastructure
i. SOCKS5: strong payload encryption to deliver end to end data integrity and confidentiality
ii. IPSec: on demand restricted IPSec VPN outgoing connection from the customer site to the BP
network to maintain a full secure OAM&P link to the customer device.

6.3.2 Requirements for customer environments

CCO targets a low-level footprint on the customer network security policy, but it requires the following
environment conditions to allow traffic from CPE device to CCO infrastructure.
ALE devices must have access to the Internet for reaching the public CCO infrastructure. The Customers
Network Border Gateways & firewalls must allow outbound connections to CC op infra public IP. Outgoing
connections must allow the device to
• resolve FQDN of a public resource, with DNS resolution to port 53/udp
• connect to CCO infra on XMPP over WSS port 443/tcp. CCO URL is connect2.opentouch.com
• connect to CCO infra on SOCKS5 with AES-GCM mode cipher port 80/tcp. The firewall must have
authorized SOCKS5 on this port.
• connect to BP VPN Gateway on IPsec port 500/udp & 4500/udp, for OXO Connect VPN management
link
• connect to Software Repository on HTTPs port 443/tls, for OXO Connect software download

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 16/19

 Chapter 6 Cloud Connect security

6.3.3 Transport Layer Security: TLS protocol properties

TLS protocol is favored to secure the communication interfaces, with following SSL/TLS Policy
• No plain-text connection from the Internet
• TLS enforced for using secure WebSockets
• TLS services are served by a dedicated network security gateway on CCO infra public interface
• 509v3 digital certificates managed within ALE proprietary PKI (see chapter server authentication)
• Minimum 2048 bits-RSA key pairs with RSA-SHA256 signature
• Trust store management on both ends using certificate pinning
• Manufacturer PKI with multilevel security grade on Certificate Authority protection
• SSLv2/SSLv3 disabled in favor of TLS 1.2
• No support of deprecated/vulnerable protocol versions
• No support of deprecated/vulnerable ciphers: no RC4, no DES/3DES, no md5
• Safe against all recent protocol vulnerabilities: DROWN, POODLE, HeartBleed

6.3.4 SOCKS5 encryption properties

Applicative encryption with AES-GCM mode cipher on SOCKS5 connection

6.3.5 Applications Services Security

6.3.5.1 XMPP services

The Cloud Connect infrastructure uses XMPP as a message exchange protocol between the OXE/OXO
Connect products and the CCO infra:
• Relying on standard XMPP server implementation + additional application services
The XMPP standard is an Extensible message oriented middleware platform, It is Open standard / Mature
& Flexibility. XMPP authorized Security (TLS, SASL) addressed with dedicated XEP with Support of
NAT/Firewall traversal

6.3.5.2 Product OXO Connect & OXE: Application Protocol Security – XMPP

6.3.5.2.1 Server Authentication (Infrastructure)

The whole stream between product and server is authenticated and encrypted with TLS
TLS configuration of XMPP server follows latest security standards, RFC 5246
There are Client Authentication (Product) and supports of security standards RFC 4422:
• RFC 5802 performed after TLS secured connection
• User authentication with SCRAM-SHA1 mechanism

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 17/19

 Chapter 6 Cloud Connect security

• XMPP credentials (login + password) are unique and server-side generated with strong password
policies
• XMPP ACL enforced to prevent non-authorized IQs to be forged with Service application service file
provisioning

6.3.5.2.2 Application Protocol Security – SOCKS5

Encrypted channel data with state of the art AES256-GCM cipher

Key exchange performed within the WSS/XMPP control channel
Key and IV (Initialization Vector) randomly set for each session

6.3.5.2.3 Application Protocol Security – IPsec VPN (OXO Connect only)

Cloud Connect Operations provides the remote connection capabilities with IPSec VPN through OXO CC
Connectivity
VPN creation request is initiated by OXO Connect, by triggering an IKE negotiation with the VPN gateway
VPN is based on the IPsec protocol in tunnel mode
Support of IKEv1 and IKEv2 (IKEv2 recommended)
VPN Gateway located on Business Partner premise
Supported gateways, tested with OXO Connect
FORTINET Fortigate 60D
Fortigate Virtual Appliance
Documentation available with OXO Connect - 8AL91215ENAA, VPN server reference design for OXO
Connect. https://myportal.al-enterprise.com/alebp/s/PN/8AL91215ENAA
This document presents the reference design to be used for the VPN server configuration in the Cloud
Connect solution.

6.3.5.2.4 IPsec VPN parameters security (OXO Connect only)

Securing IPSec parameters storage
Secure storage: Encrypted storage in Cloud Connect Operation infrastructure
Secure profile sharing: Export/import functions allow reusing VPN profile parameters with OXO
Connectivity user for without disclosing parameters values

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 18/19

 Chapter

7 7 CCO data privacy

ALE International (“ALE”) is committed to abide to the European Union General Data Protection Regulation
(“GDPR”) whereby the actions specified below are completed and will continuously be managed by ALE to
comply with the requirements of GDPR applicable to ALE. Reference: Affidavit for GDPR
compliancy_v010318

After the new edition Add the link to the document: OXO Connect & OXE - What about your data
Alcatel-Lucent OXO Connect - What about your data?

• for OXE12.0 or 12.1:

related to RTR: “The OXE product sends its CC-SUITE-ID identity periodically, to the RTR CCO service
and the product’s authorized duration value know by the product. The RTR service answers to the
product with a new product’s authorized duration value. This value could be identical, increase or
decrease compare to the value sends by the product. The product’s authorized duration value is
decremented in the product in case the RTR does not answer. No any other data (for example personal
data like phone number, name etc..) are exchange between the product and the RTR service in CCO.
RTR is the only service activated.”
no data is collected in OXE.
• for OXO Connect:
All the data collected by OXO Connectivity application are visible in the OXO Connectivity web pages.
All data are readable and can be download from the OXO Connectivity application. No other data are
accessible via CCO from the OXO Connect product.
• for OXE >=12.2
For OXE: All the data collected by CCO are not visible in fleet dashboard web pages. The data not
visible are only technical data.
RTR is identical to CCO 1.0.
• for OXO Connect >=3.0 For OXO Connect: All the data collected by OXO Connectivity application are
visible in the OXO Connectivity web pages or fleet dashboard web pages. All data are readable and can
be download from the OXO Connectivity application.

END OF DOCUMENT

8AL90354ENAA Ed. 6 - October 2021 – Cloud Connect Operation Overview 19/19