Current challenges in Software License Management - and solutions

www.agilis-sw.com
Santa Clara, California, USA

Current challenges in software license
management - and solutions

Copyright © Agilis Software LLC 2010 Slide 1

About Agilis Software
• 8-year-old California company focused on developing and marketing license
management solutions
• A clean-sheet approach to software licensing:
– Internet, WANs, VPNs, firewalls, proxy servers are ubiquitous
– Reliable network connectivity cannot be assumed
– Selected standards for deployability, portability and interoperability (HTTP, RDBMS,
XML, Web Services, J2EE, ANSI C/C++, Java)
– Watchwords: developer/end-user ease-of-use, flexibility, extensibility, scalability,
openness, cost of operations/support, license lifecycle management
• Worldwide customer base:
– Customers include leading software / hardware vendors in Finance, Defense,
Networking, Semiconductor and other industries.
• Customer deployments in the most demanding environments:
– US and other defense forces, leading international financial institutions, US federal
security agencies, ...


Agilis’s license management solutions

EasyLicenser is an easy-to-use, Standalone license management
flexible software license manager solution suitable for:
- Standalone desktop applications
- Multi-threaded server applications

Orion is a flexible, secure and Network licensing solution suitable
powerful Internet-generation for:
network licensing platform - Internet-based product activation
- Internet/intranet-based floating
licensing

Acropolis is an on-demand Managed licensing solution for:
managed service for hosted Orion- - Eliminating hosted license
based licensing server hardware, software,
operations and support costs

Acropolis Integration Manager is Automation of license lifecycle
an on-demand licensing lifecycle management for applications
management service protected with Orion, EasyLicenser
and legacy key-based systems


Automating node-locking

Problem:
Manual node-locking is time-consuming, inconvenient and error-prone

Solutions:
• Product activation from a hosted license server
• Product activation on disconnected systems
• Deferred node-locking
• User self-service node-locking


Product Activation overview – with an
Internet connection
ISV or Email with the Product
- Customer Serial Number
- Address
reseller
- Products Protected desktop,
- ..... server application
Order Management
System

1. ISV/reseller receives an order and configures the
License license in the hosted Orion server under a unique
configuration Product Serial Number.
Internet
2. The Product Serial Number is sent to the user.
Orion 3. The user installs the application, and is prompted
License to enter the Product Serial Number.
Repository License check
Database
Orion Server 4. The licensing software contacts the Orion server
to check the license is available, and obtains the
license limits.
Product X
- Trial domain 5. The license limits, and the target system locking
- Email address #1 parameters, are encrypted in a local Activation
- Email address #2 Record.
- ……….
- Production domain 6. Each time the application runs it interrogates the
- Product Serial #9876 local Activation Record to obtain the license
- Product Serial #8465 limits and check the locking parameters.
- ………..
Product Y
- .... Copyright © Agilis Software LLC 2010 Slide 5

Key benefits of Orion-based product
activation
• Many license models: trial, subscription, feature-based, usage-
based (metered or debiting)…
• Automatic activation on connected systems, with ‘Fuzzy
Fingerprinting’ extensible node-locking
• Also track maintenance/support subscriptions
• Secure licensing via resellers / partners
• Secure user self-service license relocation, with User Briefcase
• Option for data upload/download at activation time e.g. user
registration
• Licenses can be revocable
• Email alerts, and built-in reporting
• Also supports activation from a redistributed server
• Also supports floating licensing (hosted or redistributed server)


Activation on disconnected systems
Problem:
You can’t assume that all users will have a network connection from their
system

Solutions:

As applicable, use any of the following:

‘Sneakernet’, or user self-service activation via file exchange
Licensing via proxy servers
Key pre-generation
Dongle-based licensing


Product Activation with no Internet
connection – self-service ‘sneakernet’

- Customer
- Address
ISV or Reseller
- Products User’s desktop /
- ..... server system
Order Management
System

Internet
1. The licensing software cannot connect to the
server, so it encrypts the Product Serial Number
and locking parameters in the Fingerprint File.
2. The user is instructed to save this file onto a
Orion Server transportable medium, and upload it at any
Internet terminal.
Product X 3. The Orion server accepts the file, and returns the
- Trial domain Activation Record, which the user places on the
- Email address #1 target system.
- Email address #2
- ………. 4. Same outcome as for a connected system.
- Production domain  Fully automated from the ISV’s
- Product Serial #9876 perspective
- Product Serial #8465  Autonomous and on-demand for the user
- ………..  Secure
Product Y
- ....
 Batch mode available

Product Activation with no Internet
connection – isolated corporate networks

- Customer
- Address
Vendor or
- Products Reseller
- .....
Order Management
System

Internet

DMZ
Orion Server

Product X
- Trial domain
- Email address #1 Any HTTP Proxy Server Automated activation / relocation
- Email address #2 in non-authenticated or of licenses, using Orion’s direct
- ………. basic-authenticated client-side support for forward
- Production domain mode HTTP proxy servers
- Product Serial #9876 or and the
- Product Serial #8465 Orion License Proxy Orion License Proxy Server
- ……….. Server
Product Y

Node-locking without requiring return of
the fingerprint file: key pre-generation
- Customer
- Address
ISV or Reseller
- Products
- .....
Order Management
System

User’s desktop /
server system

1. The locking parameters are already known by
whatever means e.g. system serial number.
Orion Server
2. The activation record file is generated using the
Agilis key-generation utility
Product X
- Trial domain 3. The activation record is delivered to the end-user
- Email address #1 by email, snail-mail or hand-carrying, and
- Email address #2 installed on the system.
- ……….
- Production domain
- Product Serial #9876
- ………..
Product Y

Dongle-based licensing is also an
option
- Customer
- Address
ISV or Reseller
- Products
- .....
Order Management
System

User’s desktop /
server system

1. A suitable hardware component with a unique,
readable signature is used as the dongle (e.g. a
Orion Server USB Ethernet module)
2. The activation record file locked to this signature
Product X is generated using the Agilis key-generation
- Trial domain utility
- Email address #1
- Email address #2 3. The activation record and the hardware
- ………. component enable the application to run on any
- Production domain system where both are installed.
- ………..
Product Y

Deferred node-locking with
EasyLicenser
Approach – defer setting the locking parameters until the time the license key is
installed, when they are automatically read and recorded.

Pros
• No user action required other than installing the key
• No opportunities for human error
• One key can support several users
• No network connection required from the users’ systems.
• Can lock to several system parameters
• Also supports deferred-time-limited licenses e.g. trial licensing.

Cons
• Security issue: one key can be used many times within its ‘shelf life’.
• Upgrades require that a new key be issued and installed.


Product Activation For Enterprise Environments

Problem:
Enterprise customers with many licenses may not want to manage and
track a unique Product Serial Number per license

Solution:
Enterprise licensing – ‘n’ licenses are managed in a pool under one Product
Serial Number.
• Identical to PSN-based-product activation, except licensing parameters
are defined at the pool level
• Identical offline activation / deactivation mechanisms
• A username may nevertheless be optionally specified for auditing /
reporting
• Enterprise pool can be on a hosted or redistributed Orion server


Securing licenses on virtual systems
Problem:
Conventional node-locking system hardware parameters (MAC address,
disk ID) can change for legitimate users.

Solution:
Lock to invariant software parameters of a unique session.

“We allow our customers to install our application on a virtual machine; in this
case we lock to both the machine’s logical host name and the user’s log-in
name in addition to multiple hardware parameters, thus keeping our license
secure and at the same time allowing them to run on a virtual system where
some of the hardware parameters may legitimately change”.
Matt Wise, Director of IT, Blueprint Systems

2. For maximum security – employ leased licensing, where each license is
periodically revalidated against the license server.


Supporting node-locked and floating
licensing
Problem:
Your smaller users may be happy with node-locked licensing, but what if your
enterprise customers request floating licensing?
Solution:
Just deploy floating licensing from either a hosted or redistributed Orion
Server as preferred.
A hosted Server for floating licensing has the following advantages:
• No license server for your customers to install, manage or update
• You have access to all licensing activity data
• All customers' license pools managed from one server, with each
pool's license limits set individually
• Licenses are revocable by you as the vendor

“If we see deployment issues with a NumeriX-hosted server, we have the option of offering floating
licensing from a redistributed server. We can also offer node-locked licensing from this redistributed
server in future. Furthermore, since Orion supports Internet-based product activation and floating
licensing with the same client library and a single application integration, we didn’t have to ask
Engineering to make changes to our application when we added licensing from a redistributed server”.
- Saeed Siddiqui, Vice President of QA, NumeriX


Automating operations / transitioning
from older licensing tools
Problem:
License administration is manual, time-consuming and inconvenient for our users. How
can we automate licensing operations …and what can we do to simplify operations for
our legacy products without having to re-engineer all of them?

Solution:
Agilis’s AIM On-demand License Lifecycle Management Service.

AIM:
• Automates the license management lifecycle
• Is rapidly configurable for new products.
• Eliminates infrastructure and operations costs for you and your customers
• Supports user self-service node-locking
• Consolidates disparate underlying licensing tools under one management
system for internal, reseller and enterprise-customer personnel
• Improves your end-users’ experience


For further details

www.agilis-sw.com

URL: www.agilis-sw.com

Email: sales@agilis-sw.com

Tel.: (408) 404 8480 extension 611


Current challenges in Software License Management - and solutions

More Related Content

What's hot

Similar to Current challenges in Software License Management - and solutions

Recently uploaded

Current challenges in Software License Management - and solutions