This is more of a “NOTE TO SELF”. I have a licensing brain block so I have to track these tidbits….
When firewalls have LOCAL licenses.
FIREWALLXXX has two licenses generated:
1) FIREWALLXXX has a local gateway license that obviously let’s it do firewall stuff
2) FIREWALLXXX has a management portion with 3 features
FIREWALLXXX license on CMAXXX/DOMAINXXX
——————————————–
# cplic print -D
1.2.3.4 never CPVP-SNX-5-NGX CPSB-SWB CPSB-ADNC-M CK-00-1C-7F-XX-XX-XX
———————————————
1) CPVP-SNX-5-NGX : Manage SSL VPN for 5 users – we can ignore not used
2) CPSB-SWB: Turns the archaic SNX-NGX license into a blade license – we can ignore
3) CPSB-ADNC-M : Allows the management station to administrate a ACTIVE-ACTIVE load balanced cluster – we can ignore not used
Summary: As long as a management station has the DMN-U license it can manage most functions of a firewall.
DreezSecurityBlog 