This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Wolfgang
Authority
Authority
‎2020-10-20 12:24 AM
Jump to solution

license maestro

Hello Checkmates,

how about licensing of the individual appliances in a Maestro environment.

Do I have to follow How to apply a license on a Maestro Security Gateway - Offline Procedure for every appliance, this is a manual process ?

How about the contract files, should it be added too and how about if a new subscription starts ?

How about later added appliances if there a different subscription dates ?

If one of the aplliances has no subscription for a specific blade but other has, are these blades deactivated on this appliance and not enforcing these security features?

( we had this problem because of a problem in Check Points license center )

Thanks

Wolfgang

0 Kudos
1 Solution

Accepted Solutions
Maarten_Sjouw
Champion
Champion
‎2020-10-20 01:11 AM
Jump to solution

You have to apply each license to each and every appliance, on top of that when you have a faulty license on a box, it is also stored on the SMO, so you need to remove every license that you need to delete with the g_cplic del <key> command, otherwise it will be back within 10 minutes.

For contractfiles I would expect the same goes there, also when a subscription is extended. On top of that when you use VSX and you want to use any of the blades, the VS0 need access to the internet to check on the contracts.

When you have an appliances that is not following the rules, for instance when you have VSX and 1 of the appliances has 2 licenses on it, one with and one without the VSX balde  added, you cannot install any policy to that security group untill you resolve this issue, same for a license with any HA reference will not allow installation untill it is removed.

When one appliance has no license for a specific blade, to my knowledge it will just not work on that appliance.

Regards, Maarten

View solution in original post

3 Replies
Maarten_Sjouw
Champion
Champion
‎2020-10-20 01:11 AM
Jump to solution

You have to apply each license to each and every appliance, on top of that when you have a faulty license on a box, it is also stored on the SMO, so you need to remove every license that you need to delete with the g_cplic del <key> command, otherwise it will be back within 10 minutes.

For contractfiles I would expect the same goes there, also when a subscription is extended. On top of that when you use VSX and you want to use any of the blades, the VS0 need access to the internet to check on the contracts.

When you have an appliances that is not following the rules, for instance when you have VSX and 1 of the appliances has 2 licenses on it, one with and one without the VSX balde  added, you cannot install any policy to that security group untill you resolve this issue, same for a license with any HA reference will not allow installation untill it is removed.

When one appliance has no license for a specific blade, to my knowledge it will just not work on that appliance.

Regards, Maarten
Gojira
Collaborator
Collaborator
‎2023-03-10 03:58 AM
In response to Maarten_Sjouw
Jump to solution

Thanks for this.. Was banging my head against the wall seeing the license return every minute!!

0 Kudos
Sven_Glock
Advisor
‎2023-03-28 01:45 AM
Jump to solution

In my environment fetching licenses after configuring a proxy is working sometimes, but somehow it is now working always.

Especially when adding new sgms to an existing security group with VSX I already had some strange behavior when automatic pull is not working as expected. 
The new sgm stuck in pulling vsx config or trapped in some kind of boot loop.

So my recommendation is to add license manually.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
 
Upcoming Maestro Events

    CheckMates Events