What is a Software License? How is it different from an Entitlement? What different types of Software Licenses are there? Welcome to the second installment of our Software License Management series where we will be exploring the basic taxonomy of Software Licensing and what it means to you, the consumer. So, let us get started on this journey together by first establishing a common understanding of basic license terms and definitions.
For the sake of consistency and to promote a convergence of terms, we will be leveraging ISO/IEC 19770, which represents the current standard for IT Asset Management, to normalize our terms and definitions.
What is Software Licensing?
Quite simply, Software Licensing is the delegation of rights to use software from the owner/developer of the software, to you the consumer. It gives you the right, as long as an agreement remains in place, to use this software or software enabled functionality. Licenses may provide for a wide range of software usage, including:
- An entire Operating System
- An application
- A feature of an application
- A software enabled capability (such as the activation of a hardware resource).
Software licenses may have a variety of different terms associated with them: length of time, number of users, number of employees, location, etc.
What is the Difference Between an Asset, Entitlement, and Software License?
It is not uncommon for the terms of asset, entitlement, and license to be confused with each other or used interchangeably. Instead, think of them as a hierarchy; a software license is a type of entitlement, which is a type of asset.
Licensing Technologies for Software Licenses
The Licensing Technology determines the method by which licenses are deployed or associated with asset installations. This is the method used by the vendor to associate license rights with a specific software installation. Enforcement of license rights may or may not be part of the License Technology in use.
This is the simplest form of License Technology and does not include the ability to enforce license compliance outside of contractual legal agreements. This is to allow for software license auditors to determine if you are in compliance.
While this approach is greatly appreciated by the installer, as it requires no operational cost or effort for managing licenses, it also provides almost zero visibility towards understanding your license ownership or usage. Not only are you most susceptible to an audit in this situation, you are also likely to over-buy licenses you don’t need.
While your Operations team would prefer this approach, it becomes a nightmare for your procurement personnel.
Lock and Key/Strict Enforcement Licenses
This is the technology that probably comes to mind when considering software licenses and was used heavily between 2000 and 2015. In a lock and key approach, you cannot activate a license unless you have a device specific (node-locked) or universal (golden) key for activating the software. No key means no usage. While this approach typically prevents you from getting into an audit situation, it does not improve license overbuying and, in fact, may even make it worse. In addition, this lock and key approach forces your Operations team to touch every single product installation to ensure the licenses are installed or available in order to prevent critical capabilities from turning off. Subscription models exacerbate this further by forcing this license touch every time the subscription renews.
While this is good news for your Procurement team in preventing audits, it makes your Operations team pull their hair out trying to keep up.
Report-In Usage Licenses
This approach can be thought of as a hybrid between a Right-to-Use and Strict Enforcement. Essentially, deployment personnel activate whatever licenses they need without the use of a key. The software product will then ‘call-home’ or register itself to a central tracking point which essentially serves as a real-time unofficial audit. This approach has become increasingly popular with vendors over the past 3-5 years and can be seen in Microsoft’s Volume Licensing or Cisco’s Smart Licensing strategies. While this approach does prevent audit situations, it does not expose software overuse so it can be resolved before problems arise. In addition, it also removes most (though not all) of the strict enforcement burden from the Operations team.
The downside, of course, is that it requires a communications path for the license “report-in” to occur. That means either an on-premises license server or access over the internet to the vendors cloud hosted license infrastructure.
One of the biggest advantages of a XaaS (as a Service) model is it effectively eliminates the need to manage licenses directly. While the Software Licenses still exist, they are typically tied very closely to the Subscription Management. The XaaS provider keeps track of all your software license ownership and usage for you. This is simplest when the software provider/vendor hosts the service for you as well but can also be seen in Partner/Provider Hosted services.
The overall industry trend is a move away from either Right to Use or Strict Enforcement technologies and towards Report-In and Direct Licensing technologies. This is being driven by the continued market emphasis on software and virtualization over purpose-built hardware. There is also a widely held opinion by industry players that Strict Enforcement and RTU approaches will inhibit growth and adoption.
While the above list is not utterly comprehensive, it does include the most common license technologies in use today. Especially during these times of rapid licensing change, the same vendor product may support one or more of these techniques at a time. The Cisco ISR4000 series router is a particular example that not only supports multiple options above, but in some cases supports multiple licensing technologies at the same time, depending on IOS version.
As this series continues, we will next explore Software Buying Models and their relationship to the License Technologies described above. Feel free to ask questions as we go along and we will be happy to work answers into future postings.
In a few weeks, I will introduce you further to the ISO/IEC 19770 standards as well as some other interesting standards starting to show up in the Software Asset Management and Hardware Asset management space.