Press Releases

Avaya Clients Take Action: SAL Gateway

May 13, 2016 | Posted by:
Casey Chaloux

Upcoming industry changes in SHA encryption standards will affect remote operations for the Avaya Aura Communication Manager family of products.  To maintain remote services provided by either Avaya or SPS, most existing implementations of Secure Access Link (SAL) gateway capabilities will require updates and upgrades.

Existing SAL capabilities are provided by client-premises implementations of SAL Gateway, Secure Services Gateway (SSG), and virtualized SAL capabilities.  Each enables Avaya and SPS to remotely connect to Avaya products for:

  • Monitoring of mission-critical solution elements
  • Alarm response services
  • Ability to remotely troubleshoot and resolve incidents
  • Remote administration

Older releases of these applications depend on the Secure Hash Algorithm 1 (SHA-1) standard to ensure the security of remote-access connections.  The industry’s move to the more-secure SHA-2 standard has prompted Avaya to announce End of Service for applications dependent on SHA-1.  SHA resolution strategies for Avaya products have been announced by the manufacturer.

To maintain the service levels that they have come to expect from SPS, clients will need to select and implement a remediation strategy by December 31, 2016.  Common SAL Gateway configurations are listed below, with remediation steps for each product:

Product Status Remediation
Secure Services Gateway Avaya is moving all releases and associated material codes to End of Support status, effective October 1, 2016.  Without remedial action, covered Avaya systems will “go dark” to Avaya and SPS on December 31, 2016, degrading the service level for these products. 

Upgrade and update SAL Gateway to:

  • Release 2.5
  • Service Pack 2 (SP2)
SAL Gateway 1.x
SAL Gateway 2.x All systems will require an upgrade to software release 2.5 with SP2.*
System Platform, vSAL

Avaya System Platform is an application virtualization suite that can be deployed to a client-sourced virtualization server or the embedded server provided by Avaya.

System Platform supports SHA-2 with releases 6.3.1 and higher.*

Upgrade and update System Platform as follows:

  • Release 6.3.1
  • Services Virtual Machine 3
  • SVM3 Service Pack 1 (SP1)
System Platform, Embedded

*NOTE:  Implementation of minor, “dot” releases is covered by SPS service offer “Minor Software Release Management”, if ordered.

For some companies, the most effective response to this upgrade event may be to migrate from an existing Embedded System Platform or vSAL to a stand-alone SAL Gateway that serves the client’s entire Avaya implementation.  Others may find the best value by upgrading to Avaya Aura Communication Manager release 7, which includes SHA-2 support.

If clients choose not to remediate the SHA-1 expiration issue, SPS and Avaya will continue to provide client-initiated phone support as provided under existing support contracts.  Without a SHA-2 certified SAL connection, remote monitoring, alarming, troubleshooting and remediation capabilities will be lost.

To explore any of the above options, clients should contact their SPS representative and request a proposal for the option best suited to their business. SPS has also prepared a new Q&A video to provide background on SAL Gateway and the options that SPS recommends to our clients:  SPS TechBeat: SHA Encryption Standards.

For reference:

SPS Headquarters
300 Littleton Road
Parsippany, NJ 07054
Phone: 888.777.7280
Office Locations

© 2017 Strategic Products and Services (SPS). All rights reserved worldwide.