Posted: August 21, 2012 Filed under: Avaya Blog Post | Tags: Avaya, EXPERT, maintenance, modems, SAL, secure access link, support, TTR, while you were sleeping
The following was originally posted on the Avaya site here and then again at the CIO Collaboration site here.
Dee boo Dee Dah Do …. Eeeeee-Oooooo-Eeeeeee … GHGHGHGHGHGHGHGHGHGH …..
When was the last time you heard the sound of a modem connecting? My first foray into modems was in high school, but was short lived as by the time I was in college, we had high-speed Ethernet in our dorm rooms and I could never go back to dial-up. The protocols used by these modems were last updated in 1999, 13 years ago. According to the 2010 United States Census, only 4.3% of households use dial-up access.
I bring this up to ask: Are you still using modems to service your Avaya hardware and software? Sure, modems are reliable and many IT departments feel safe being able to simply unplug their modem and know that they’ve closed a potential security hole. However, your Avaya solution is a 21st century technology; shouldn’t you be using 21st century technology to maintain it?
Avaya launched its Secure Access Link (SAL) in 2009, allowing customer and partners a secure but fast remote access solution. At the most basic level, SAL provides a remarkably secure method for authenticated Avaya Support Engineers and/or partners to access your deployed Avaya products. Beyond just a secure pipe between your enterprise and ours, it also has a good deal of value-add features that many come to rely on. In fact, in the years since Avaya rolled this out, the results have been quite remarkable (link):
- 21% faster resolution on Major outages
- 50%+ faster TTR on tier 4 engagements
- 74% fewer outages for solutions using EXPERT Systems SM, which requires SAL
Our customer base has over 125,000 devices connected via SAL at over 12,000 customer sites. This includes over 1,000 devices at 100 sites for the US Government.
The first thing a security expert needs to understand about SAL is that we use an egress-based connectivity model, which means all network communications take place over a single outbound HTTPS port from your centralized SAL Gateway server. In order to access a customer’s system, all Avaya engineers must be trained on the product in question and provide two-factor authentication before gaining access. As I wrote in a previous post, video is a great way to explain things, so below is a six minute video that fully explains this model:
Beyond just remote connectivity, SAL also provides a set of rich features to allow Avaya to provide you with a greater level of service (1):
- Inventory management of what Avaya solutions you have and their versions
- Automated diagnostics and resolution through Avaya EXPERT Systems
- Advanced troubleshooting scripts and tools to restore service and identify root cause faster
- Enables value-add services such as Operations Intelligent Suite (OIS),While You Were Sleeping reports, and more.
For those additionally security-conscious customers, a SAL policy server can be added to the solution, allowing you incredibly detailed control over access. For example, I met with a large US retailer recently and in order to meet certain regulatory recommendations, when Avaya wants access to their Communication Manager, Avaya has to call them, a series of calls are made to track the right person down (even worse on a weekend) and then once permission was granted, yet another person has to manually connect a modem to the server in question. With the SAL Policy Server, Avaya was able to integrate with the customer’s own policy server so that when a connection request is made, a set of IT employees is emailed for their permission, and once granted, the connection is automatically allowed. This deployment model is expected to dramatically reduce the time to resolution (TTR) for their issues.
For more on the Policy Server, we have put together the following video that covers additional Policy Server topics such as levels of access, white and black lists and time-of-day restrictions:
So, in the words of Jerry Maguire: “Help us help you”. Contact your Avaya Account Manager or your Avaya authorized partner and ask about deploying SAL in your environment. The software is free and self-installable on just about any server running Red Hat Enterprise Linux.
More on SAL:
(1) The features available vary amongst Avaya products.