Avaya to Push SAL 2.x Upgrades for SHA-2 Compliance

    By: Steph Lanzarotti on Aug 16, 2016

    Effective Oct. 3, 2016, Avaya will begin executing a remote agent push of the SHA-2 software to all customers with Secure Access Link (SAL) 2.0-2.3 gateways. Avaya is doing this to address the SHA-2 security issue described in PSN004539u and to avoid a potential loss of all remote access to your Avaya solution. Customers that have already upgraded to SAL 2.5.2+ will not receive this remote agent push. Customers with SAL 1.x gateways and Secure Services Gateways (SSG) will still need to perform upgrades to the latest release of SAL prior to the Oct. 1, 2016, end of support date or they will lose all remote connectivity when Avaya shifts to SHA-2 security certificates.

    While Avaya originally communicated the need to upgrade SAL Gateways to be SHA-2 compliant in July 2015, thousands of SAL Gateways have still not been upgraded. In response, Avaya has devised this “push” method, which cannot upgrade the whole SAL Gateway but can ‘’push” a new agent to the SAL gateway for SHA-2 compliance. Once the agent is pushed to a SAL Gateway, that gateway cannot be updated or upgraded until the release of SAL Gateway 3.0 (targeted in fiscal year 2017). The best practice continues to be to perform a standard upgrade of SAL Gateways using the Upgrading Secure Access Link (SAL) Gateway for SHA-2 Security Compliance Playbook. However, this push method is necessary in order to ensure that all SAL Gateways are upgraded and operational when the shift to SHA-2 is made in late December 2016. Read the SAL Gateway Remote Agent Push PSN004788u for detailed information on the remote agent push to customers.

    If you are confident that you will perform the manual SHA-2 upgrade to your SAL 2.0 – 2.3 Gateway(s) by Oct. 1, 2016, you may opt-out of the remote agent push by completing the Avaya SHA 2 automated SAL Gateway Upgrade Opt Out Form and emailing it to optoutsha2push@avaya.com no later than Sept. 30, 2016. If you would prefer to have this remote agent push prior to Oct. 1, 2016, please fill out the Avaya SHA 2 automated SAL Gateway Upgrade Early Adopter Form and email it to earlyadopters@avaya.com prior to Sept. 9, 2016.

    If you do not take action and choose to not accept the Avaya remote agent push, your system will lose all remote connectivity when Avaya shifts to SHA-2 certificates, including remote access by Avaya Support engineers, alarm monitoring and resolution by Avaya EXPERT SystemsSM, and diagnostic capabilities like the Configuration Validation Tool.

    Additional information is available by visiting Upgrade to the Latest Version of SAL to Avoid Service Disruption on the Avaya Support Website. If you cannot find an answer to your question, please send an email to SHA2Compliance@avaya.com.

    Released: August 16, 2016, 6:27 am
    Keywords: Announcements | Avaya | SAL | SAL Gateway



    Copyright © 2017. The International Avaya User Group. All Rights Reserved

    All material, files, logos and trademarks within this site are properties of their respective organizations.


    Terms of Service - Privacy Policy - Contact