Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
RE: [ISSForum] Microsoft SQL Licensing question.
From: Soda, Marcantonio (Marcantonio.Sodancogroup.com)
Date: Thu Jan 15 2004 - 09:29:21 CST
I was told by Tech Support that you only needed 1, for the App server. This
doesn't seem correct to me, especially since there are users in the DB for
the Event Collector and Fusion. However, I don't know much about MSSQL.
Is there a way to check the number of licenses used for SQL?
From: Wassim Nakadi [mailto:wnakadiact.com.lb]
Sent: Thursday, January 15, 2004 2:30 AM
To: Robert Craig; issforumiss.net
Subject: RE: [ISSForum] Microsoft SQL Licensing question.
I haven't seen any document from ISS on this matter but i am very interested
to know about the licensing of sql server for siteprotector.
From: Robert Craig [mailto:rjcnetsec.net]
Sent: Tuesday, January 13, 2004 6:37 PM
Subject: [ISSForum] Microsoft SQL Licensing question.
I am hoping someone from ISS would be able to answer which Microsoft SQL
licensing method is required to support SiteProtector with approx. 800
sensors? I've re-read the licensing FAQ (see below) and am not sure if
'mulitplexing' applies to the number of sensors. Obviously, getting the
processor license eliminates the probelm of CALs, but I'll be installing SQL
Enterprise on 3 machines running quad processors and at approx. $20K per
processor (12x$20K=$240K), that may be prohibitive for my client.
I'd like to be able to get one Server License (for the Enterprise Database)
and 7 Device CALs ( for the 5 Event Collectors, 1 SFM, and 1 Application
Server), and be properly licensed. But again, does 'multiplexing' apply to
the machines that the SiteProtector Console is installed on? If I have 5
remote users using the Console software, do I need a SQL Device CAL for
each? Also, would I need a Device CAL for each sensor? This would also be
cost prohibitive for us (800x$150=$120K).
From the 'multiplexing' example below, does a sensor "use its [SQL Server]
data, services or functionality"? The sensor are in contact with the event
collectors and the application servers sensor controller service, but I
don't see how they would use the SQL data or services, but 'functionality'
could be argued.
Anyway, thoughts, real-world examples, ISS guidance, would be a great help.
SQL Server is currently available under three licensing options:
Processor license. Requires a single license for each CPU in the computer
running SQL Server. This license includes unlimited client device access.
Server plus device client access license (CAL). Requires a license for the
computer running the Microsoft server product, as well as CALs for each
Server plus user client access license (CAL). Requires a license for the
computer running the Microsoft server product, as well as CALs for each
SQL SERVER 2000 PROCESSOR LICENSING
Microsoft offers a processor-based licensing model to help alleviate
complexity. Processor licenses can be used for any type of application (not
limited to Web-based scenarios).
Processor License - A Processor license is required for each processor
installed on each server running SQL Server or any of its components (for
example, Analysis Services). It includes access for an unlimited number of
users or devices to connect from either inside or outside the firewall.
Customers do not need to purchase additional Server Licenses or client
access licenses (CALs).
Processor licenses are available in both Enterprise and Standard Editions
and offer tremendous simplicity.
SQL SERVER 2000 SERVER PLUS CAL LICENSING
In addition to Processor licenses, SQL Server 2000 offers separate Server
licenses (in both Standard and Enterprise Editions) in conjunction with per
device or per user client access licenses (CALs). Server plus CAL licenses
are useful to customers using SQL Server in non-Web-based scenarios.
Server License - A Server license (for either Standard or Enterprise
edition) is required for every server on which that edition of SQL Server
software or any of its components (for example, Analysis Services) is
Device CAL - A SQL Server Device CAL is required in order for a device (for
example, a PC, workstation, terminal, PDA, mobile phone, and so on) to
access or use the services or functionality of either edition of Microsoft
SQL Server. The Server plus device CAL model will likely be the more
cost-effective choice if there are multiple users per device (for example,
in a call center). Please see multiplexing section to ensure every device is
licensed properly. The only exception is communication exclusively between
User CAL - A SQL Server User CAL is required in order for a user (employee,
customer, partner, and so on) to access or utilize the services or
functionality of either edition of Microsoft SQL Server. The Server plus
user CAL model will likely be more cost effective if there are multiple
devices per user (for example, a user who has a desktop PC, laptop, PDA, and
A CAL is not software; it is a legal document granting a device or user
access to server software. A single device CAL grants access to multiple
servers for one device (CAL must be same version as latest version of any of
the servers). A single user CAL grants access to multiple servers for one
user (CAL must be same version as latest version of any of the servers). The
following illustrates a scenario requiring two SQL Server licenses and three
CALs deployed in the per device mode:
MULTIPLEXING: USE OF MIDDLEWARE, TRANSACTION SERVERS, AND MULTI-TIERED
Sometimes organizations develop network scenarios that use various forms of
hardware and/or software that reduce the number of devices or users that
directly access or utilize the software on a particular server, often called
multiplexing or pooling hardware or software. For example, say a client PC
is using a server application that calls the Microsoft Transaction Server
(MTS) component of Microsoft Windows® 2000 Server on one server, which in
turn pulls data from a Microsoft SQL Server database on another server. In
this case, the only direct connection to Microsoft SQL Server is coming from
the server running MTS. The client PC has a direct connection to the server
running MTS, but also has an indirect connection to SQL Server because it is
ultimately retrieving and using the SQL Server data through MTS. Use of such
multiplexing or pooling hardware and/or software does not reduce the number
of CALs required in order to access or utilize SQL Server software. A CAL is
required for each distinct device or user to the multiplexing or pooling
software or hardware front end. If, in the above example, 50 PCs were
connected to the MTS server, 50 SQL Server Device CALs would be required.
This is true no matter how many tiers of hardware or software exist between
the SQL Server and the client devices that ultimately use its data, services
Robert J. Craig, CISM, CISSP
Senior Security Engineer
13525 Dulles Technology Drive
Herndon, VA 20171
(703) 832-4505 fax
Your Network Security Solution.
This electronic message contains information from NETSEC or its affiliates,
which may be confidential, proprietary or otherwise protected from
disclosure. The information is intended to be used solely by the
recipient(s) named above for the purposes intended by the originator. If you
are not an intended recipient, be aware that any review, disclosure,
copying, distribution or use of this transmission or its contents is
prohibited. If you have received this transmission in error, please notify
us immediately by telephone at (703) 561-0420, or by electronic mail at
ISSForum mailing list
TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo