Lex,
A license is a 'right to use' that you purchase. And some products choose to hard-enforce that and if you have x licenses, with the x+1-th user that will be blocked. ClearPass does not hard-enforce the license, but will notify if you exceed the license that you purchased, 'soft enforcement'. In fact it will tell you that you are violating the legal licensing terms.
This is a choice, btw one that I 'fought for' in the past, as for a product like network authentication, the risk to lock users out of the network with a strict enforcement is not a risk that you should be willing to accept as the potential damage may outcount the financial interests by magnitudes. The mentioned admin lock-out is something that happened in previous versions of ClearPass.
With this, you have as a customer the flexibility to 'grow as you go' and once you reach your license limit, you can purchase additional licenses, but while that process runs you can simply resume your normal operations. It also allows you that if you have an event once a year, that you are not forced to buy licenses for that very exception when you would go over licensing, as long as it can be considered fair use in the spirit of the license agreement (this by the way is my personal opinion, for an official statement reach out to your local Aruba sales team). If your business is operating event networks, this may lay different.
This means the way of license enforcement is a kind of trust that Aruba has in the customers that they purchase their fair license count. It does not mean that with a 100 user license you run a 500 user network, while you technically CAN you are not allowed to and there MAY be legal actions once Aruba finds out as you have a legal (license) contract and are violating the conditions.
It's just another way of looking at it, and personally I feel that licensing should help customers to achieve their goals rather than limit it.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Oct 01, 2021 04:39 AM
From: Lex Krijnen
Subject: What happens if the ClearPass Access License is overrun?
Hi cjoseph,
Thanks for your quick reply.
Thats good to hear, but then i'm wondering, what is the limitation of the 100 access licenses if i can allow more than 100 simultaneously endpoints to connect?
------------------------------
Lex
Original Message:
Sent: Oct 01, 2021 04:20 AM
From: Colin Joseph
Subject: What happens if the ClearPass Access License is overrun?
It does not reject the authentication. You just get a warning in the web interface.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
Original Message:
Sent: Oct 01, 2021 02:53 AM
From: Lex Krijnen
Subject: What happens if the ClearPass Access License is overrun?
Hi all,
I have a simple question; What happens if the activated Access Licenses in ClearPass get overrun?
E.g. we have 100 Access Licenses for our PoC, what happens if the 101st endpoint tries to authenticate using ClearPass? Does it get rejected because no more access license is available? Or does it go along with authentication and displays a warning in the webinterface?
Thanks in advance!
------------------------------
Lex
------------------------------