IOS - licensing
Cisco's licensing scheme for IOS and other products and software has evolved over the years.
Traditional licensing scheme
Ever since Cisco was founded there has been an IOS image for each model, but there’s a different IOS image for the different versions of each model.
For example, the Cisco 1800 series integrated services router has the following models:
- 1801,1802,1803 and 1805.
- 1811 and 1812.
- 1861 and 1861E
You might think that there is one IOS image just for the “1800 series” but this is not the case. There are 4 different IOS image. The 1801, 1802, 1803 and 1805 share a IOS image, so do the 1811 and 1812. For the 1841 there’s a separate IOS image and the 1861 and 1861E also share an IOS image.
To make things worse, there are also different IOS images for the different feature sets. Depending on the features you require you have to pay for a certain IOS image. For example if you want to run a VPN you might require the “security features” or if you want to use your router for voice over IP you might need the “voice features”.
Universal IOS image
To avoid the complexity of this scheme, Cisco now ships devices using a universal image that has all feature sets included. We still have different IOS images depending on the model and version, but no longer different IOS images with feature sets. Instead of all these different IOS images there’s just one.
Once you purchase a device, or download an IOS image, you will have to unlock the appropriate and desired features by activating the appropriate license, and using the provided Product Authorization Key (PAK).
Cisco introduced a "Smart Licensing" system to manage and track the use of Cisco software products. This licensing approach was a shift from the traditional PAK-based licensing system to a more flexible and centralized system.
Here's a summary of Cisco's Smart Licensing mechanism and policies:
Centralized Management: With Smart Licensing, all licenses are centralized in a Cisco Smart Account, making it easier for organizations to view, manage, and report on their Cisco licenses.
Flexibility: Traditional licenses were tied to specific devices. With Smart Licensing, licenses are not node-locked. This allows licenses to be used on any device, provided the user has the required entitlements.
- Permanent Licenses: Once activated, these licenses do not expire.
- Term Licenses: These licenses are valid for a specific duration, typically 3, 5, or 7 years. After expiration, renewal is required.
- Evaluation Licenses: These are temporary licenses, usually valid for 90 days. They provide a way to try a feature before purchasing a permanent or term license.
Cisco Smart Software Manager (CSSM): This is the online portal where organizations can manage and monitor their Cisco Smart Licenses. Users can allocate, return, renew, and transfer licenses across devices.
Direct and Indirect Communication:
- Direct: Devices with internet access can communicate directly with Cisco's licensing servers to report license consumption and get updates.
- Indirect: For devices without internet access or in restricted environments, they can communicate with an on-premises server called the "Cisco Smart Software Manager satellite". This satellite periodically synchronizes with Cisco's central servers.
Out-of-Compliance: If a device or software consumes more licenses than entitled, it goes into an "out-of-compliance" state. Cisco typically provides a grace period to rectify this situation, after which some features might be restricted or operate with limited functionality until the licensing is corrected.
Privacy: Cisco has stated that the Smart Licensing communications are designed to only send licensing-related data and not any user-specific or application-specific data.
Transition: For customers transitioning from traditional PAK-based licensing to Smart Licensing, Cisco has provided tools and processes to convert and migrate those licenses.
Virtual Accounts: Within a Smart Account, organizations can create Virtual Accounts to segment and organize licenses for different departments, projects, or geographies.
It's important to note that while Smart Licensing provides many benefits in terms of flexibility and centralized management, it was also met with concerns and criticism by some, especially those who felt it provided vendors like Cisco more control over customer infrastructure.