NAC End-System License calculations

  • 0
  • 2
  • Question
  • Updated 3 years ago
  • Answered
I was at a customer site that was running an old version of NAC (4.3.x) coupled with NetSight 5.1 (I was there to upgrade them to 6.2).  NAC is set up to only authenticate wireless users.

Their current NAC licensing is for 500 end-systems.  Upon opening NetSight, I got a license violation stating that they were over their limit (by a lot! - almost 1000 over their licensing).

The customer emphatically states that there is no way that many users authenticated via NAC in a 24 hour period.  

My understanding is that a NAC license is used only when a user successfully authenticates to the network.  A user that has a mobile device that is set to auto-join wireless networks, and receives an Unregistered profile would not/should not count against the end-system license.

I've found some language in the NAC 6.2 User Manual that backs up my understanding, but I'm looking for someone that can catagorically state that only devices that are authenticated - having gone through the web portal and been approved, use a license.

Any other documentation of how the End-System licenses are used would be helpful.
Photo of Bill Handler

Bill Handler

  • 1,224 Points 1k badge 2x thumb

Posted 3 years ago

  • 0
  • 2
Photo of Eric Stinson

Eric Stinson, Employee

  • 240 Points 100 badge 2x thumb
Official Response
Hi Bill,

NAC counts all unique authentications (Based on MAC Address) in a 24 hour period.  It counts any end-system that attempts to authenticate to the network as it is processing the authentication request and controlling that user's access to the network.

Thanks,
-Eric