Avaya SAL Gateway (Secure Access Link) is a remote connectivity solution used by Avaya to provide remote support for its products.

In addition to being a secure method, you do not need to locate the server in a DMZ network environment to keep the remote connection open. Configuring the firewall to only allow the outbound connections to the Avaya servers is enough. The only port you need to open as outbound is 443 (HTTPS).

Avaya SAL Gateway Network Topology
Avaya SAL Gateway Network Topology

Licensing

Avaya SAL Gateway does not require a special license. It is offered free of charge to every customer who has support maintenance agreement with Avaya.

Installation Options

Avaya SAL Gateway server can be installed in VMware as OVA since version 3.0. If you prefer not use Avaya modified OVA, you can install it as “Software-only” on top of Linux RHEL 7.

You can deploy SAL Gateway and Policy Server on one server or two separate servers for security reasons.

Avaya SAL Gateway System Requirements

*RecommendedRAMCPUDisk Space
Avaya SAL Gateway2 *4 GB1 *2 Core10 *40 GB
Avaya Policy Server2 *4 GB1 *2 Core10 *40 GB

Why is it Important?

When you install SAL Gateway, you use all benefits of your Avaya support agreement.

  • In the event of an incident, SAL must be installed to guarantee remote connection duration to your Avaya systems provided by Avaya.
  • In case of “data corruption” on the Communication Manager, the only option for the system engineer as the remote connection method is SAL.
  • If you activate the Alarming option after installing SAL, Avaya automatically creates service request and assigns an engineer in case of any major alarm from Avaya products. Even before you or your partner becomes aware of the problem, Avaya Engineer will contact with the business partner.
  • When you activate SAL GW, you can request “health check” to your systems via Avaya Support Portal. A series of commands are automatically run, to check the system operation is normal or not. The findings are shared with you in a report after health check finished.

Is Avaya SAL Gateway Secure?

  • All remote connection requests and commands used in the SSH session are logged.
  • A remote Avaya user can connect to the system without requiring to share any system user information. Avaya uses its own users with 2-factor authentication.
  • All communication is provided through TLS, end-to-end encrypted.
  • The remote engineer cannot establish another SSH connection from the server originally connected.
  • When you install Policy Server, it is asked your confirmation via mail before any Avaya engineer to connect to your system. The connection is not established until you confirm the remote connection through the Policy Server screen.

Conclusion

SAL is much more secure than all other remote connection methods.

Not only as a remote connection method, but also it is an added value for your data center in terms of continuity, monitoring system alarms and taking proactive actions before any incident occurred (Avaya EXPERTS system).

You can check the solution video from the link below;

https://www.avaya.com/en/videos/secure-access-link-video/0_nqkfpsdi/