This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

License expiration - what happens

I have read multiple threads about license expiration and googled on the fact what would happen when a license expires, but I cannot find a clear answer.

One of our customers is using an ASG220 with Full Guard bundle. The subcriptions / license is due to expire in two weeks. They are about to order a license renewal, but you never know how long it takes for the reseller to get a new license.

So I am looking for an answer to the question: What will happen if all subscriptions expires?

Does the ASG 220 still work with the current configuration, but it cannot download any new updates from Up2Date or does the box completely stop?!?!

I hope that somebody can give me a clear answer.


This thread was automatically locked due to age.
Parents
  • Scott, your licensing info is a bit out of date.  It's no longer possible for a reseller to issue a temporary license when a license expires.  We will advance up to two one-month extensions without receiving payment, but will not go beyond that.  Of the clients for whom we've done that, only one still owes us for the one-month extensions several months later.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I know this is an old thread, and sorry for bringing it up again, but when the license expires are you still able to log into the appliance? I've no issue with the services stopping when the license expire (although dropping VPN's is questionable give any other hardware device that uses VPN's doesn't need to be renewed to keep them up - but I accept that's the way this one works.)

  • Indeed you may get notices and the reseller, but the back Sophos process takes ages to go through and it can impact the service as a result

  • I'm sorry Max, but I don't understand the issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Sophos are really slow at getting the new licences through, even with a months notice!

  • I can't remember the last time a renewal license key didn't appear in our inbox within 24 hours after we'd placed an order for one of our clients.  I understand that Sophos does things differently in the EMEA region than in the Americas region, but I don't know the details.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I agree here,  I have had problems even with my sophos reseller portal not showing all the devices correctly and email notifications to the client are not always bullet proof.

     

    Another comment I would add is that SOPHOS seems to be the only commercial subscription based security appliance I have run into that kills the VPN connection.  So I would disagree that VPN is NOT a part of a standard firewall.  The majority of firewalls are routers,  and a router is a industry standard to have VPN (especially IPSEC) functionality.   (Sonicwall, WatchGaurd, FortiGate allow you to use VPN IPSEC functions with no license)     

     

    I have deployed a multi WAN client with Sophos UTMs and we stopped installing them after realizing we would loose VPN function after the initial 3 year license.  Since we migrated to sophos software based endpoint filtering too we only wanted basic router functions.  So now we are pulling all the sophos and putting the old sonicwalls back in place for the small remote offices.  Sad and disappointing on sophos part.

     

    Alternate would be to pickup some Ubiquiti EdgeMAX or USG routers for small offices,  Mikrotik work well for this purpose too.  Just depends on what kind of management you would like to do.

  • The added VPN functionality is part of the enhanced routing facility within the UTM licencing model, not the basic.

    A bit like you dont get Layer3 routing on a Cisco catalyst capable device unless you pay for the enchanced licence.

    Not granted the software doesnt stop working on a cisco if you dont take out the TAC support for the next year, but that risk of running non supported equipment (ie no updates) in business seems too much in from my point of view.

    But it's good to have choices, if the Ubiquiti stuff meats your needs then fine, but there's only so much it scales to. Same for Cisco vs HPE vs Dell vs Juniper etc for switching/routing. You need to be aware of the pluses and pitfalls for each device and the licencing that goes along with it.

  • I just learned this as well, the hard way. We lost VPN and even WiFi because WiFi is licensed as "Wireless Protection." Yes, WiFi, as in antennas sticking out of our box are now decorative and we had to a get an AP. I am sorry but VPN and WAN link balancing should be the standard as well.

    Oh how neat, thanks Sophos!

    Security Made Simple....really simple.

  • Does anybody have a link or info on the different kind of licenses and the difference in the costs?

    eg what happens if you only require VPN and nothing else?

  • You will have to contact your sales rep and you will need at least Network Protection.

    Here is what you will be left with after the license expires:

     

  • A minimum of an SG 115 with Network Protection is needed for VPN/RED/IPS. Over a period of six years, this is less expensive than a RED 50 with warranty extensions for a remote office.

    Other than that type of general commentary, you won't see any resellers posting information about prices here.  Anyone with a question about pricing and purchasing recommendations needs to be talking with their reseller.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • A minimum of an SG 115 with Network Protection is needed for VPN/RED/IPS. Over a period of six years, this is less expensive than a RED 50 with warranty extensions for a remote office.

    Other than that type of general commentary, you won't see any resellers posting information about prices here.  Anyone with a question about pricing and purchasing recommendations needs to be talking with their reseller.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data