The Enhanced Access Security Gateway (EASG) package integrates with CMS to provide secure authentication and auditing for remote access to maintenance ports. EASG authentication uses a challenge-response algorithm based on a token-based private key-pair cryptographic authentication scheme. You can view logs that include successful and failed login attempts, errors, and exceptions.

Service engineers can use EASG to access customer products. EASG supports permission levels such as init, inads, and craft.

On the CMS server, a dedicated EASG product certificate is installed in the /etc/asg directory. Use this directory for all associated files. The certificate uniquely identifies major CMS releases to the Avaya EASG server.

CMS derives the product certificate from the Avaya IT Root Certificate Authority (CA) and intermediate CAs. The Avaya EASG server uses these CAs to generate a response. CMS verifies the response using the public key in the EASG product certificate through the EASG Common Red Hat Package Manager (RPM). The CMS deployment includes the product certificate, so you do not need to perform any additional certificate configuration tasks.