License details tab

This tab displays the current valid license of the appliance to which you are connected.

Buttons

Search for a new license This button is used for finding new licenses or for updating the date of the last check for a license.

NOTE
In this tab, the button allows searching for licenses for all firewalls in the high availability cluster.

Install the new license If the firewall has found a license through the button Search for a new license, the button Install the new license will be enabled. By clicking on it, a download will be launched. Confirm or cancel the download.

NOTE
In this tab, the button allows installing the license for the firewall indicated.

Collapse all This button allows collapsing all the features in the license.
Expand all This button allows expanding all the features in the license.

The table

Feature Indicates the features and options of each feature found on the firewall.
The features are: “Administration”, “Date”, “Flags”, “Global”, “Hardware”, “Limit”, “Network”, “Proxy”, “Service” and “VPN”. The options relating to the features are explained in detail in the next section.
In progress (current license) Indicates, for each license installed, which options have been enabled for each feature, or the expiry status. A symbol indicates whether a feature is enabled, and another symbol shows that an option has been disabled. Symbols and colors show the difference between an option that is close to expiry (less than 90 days to the expiry date), an expired option and a valid option.
New license This column appears only if a new license is available but has not yet been installed, and that a reboot would be necessary (in other words, this column will never appear if you have selected in the advanced properties of the General tab the option Install license after it has been downloaded  - automatic when possible (no reboot necessary). When a new license is available, this column will set out the new values in comparison with the values of the current license indicated in the column “In progress (current license)”. Symbols and colors indicate improvements or declines in value compared to the values of the current license. If the option has not changes, nothing will be indicated.

Administration

Manager Administration possible via the web interface. (Default value: 1).
Monitor Monitoring possible via Stormshield Network REAL-TIME MONITOR (Default value: 1).

Date

Antispam DNS blacklists (RBL) Deadline for updating DNSRBL spam databases
ClamAV antivirus Deadline for updating ClamAV antivirus databases
Express Warranty Deadline for the Express Warranty.
This makes it possible to shorten the client’s waiting time when the product is being repaired.
Industrial Deadline for the option that enables the analysis of industrial protocols.
License will be valid until Expiry date of the license.
Contextual protection signatures Deadline for updating contextual protection signatures (intrusion prevention engine).
Antispam: heuristic engine Deadline for updating the spam filter heuristic engine.
Sandboxing Breach Fighter Deadline for file analysis through sandboxing
Embedded URL databases Deadline for updating Stormshield Network’s URL filter databases.
Extended Web Control URL databases Deadline for updating Stormshield Network Extended Web Control URL filter databases.
Update Deadline for updating the appliance.
Advanced antivirus Deadline for updating advanced antivirus databases.
Vulnerability management Deadline for updating SEISMO vulnerabilities.
Warranty Deadline for the warranty.

Options

Custom contextual protection signatures Creates customized signatures for the intrusion prevention engine.
Express Warranty Express warranty that allows limiting the client’s waiting time during the repair of his product.
External directory (LDAP) Enables or disables the use of an LDAP directory (Default value: 1*)
High availability Allows defining an active and passive appliance in a high availability cluster. (Master/Slave/None).
Industrial Enables or disables the analysis of industrial protocols.
PKI Enables or disables the internal PKI. (Default value: 1)
Vulnerability management Enables or disables SEISMO. (Default value: 0)

Global

Comments Comments.
ID Unique identifier
Temporary Temporary license (as long as the appliance has not been registered). Default value: 1 (factory settings), 0 once the product has been registered.
Version Version of the license (checks the compatibility of the format for the license/version of the Firmware). The default value is 9.

Hardware

Cryptographic card Presence of an optional cryptographic card. (Default value: depends on the model).
External storage Presence of an SD card for log storage
Network interfaces Maximum number of physical interfaces. (Default value: depends on the model).
RAID Allows channeling date from one hard disk to another when one of them fails.

Limits

Connections Maximum number of connections passing through ASQ. (Default value: 0 (= unlimited)).
Network Maximum number of networks managed by ASQ. (Default value: 0 (= unlimited)).
Users Maximum number of users who can authenticate on the appliance. (Default value: 0 (= unlimited)).

Network

Dialup High Availability Enables or disables the possibility of using dialups to establish high availability links. (Default value: 1).
Interface routing Allows routing by interface. This option is enabled by default.

See the Menu: Configuration > Network > Interfaces / Advanced properties tab/ Bridge: routing by interface field (Default value: 1).

Dialup load balancing Enables or disables load-balancing on dialups. (Default value: 1).
QoS Enables or disables QoS. (Default value: 1).

Proxy

Antispam DNS blacklists (RBL) Enables or disables spam filtering via DNSRBL in the proxy. (Default value: 1).
ClamAV antivirus Enables or disables the ClamAV antivirus in the proxy. (Default value: 1).
FTP proxy Enables or disables the FTP proxy. (Default value: 1**).
HTTP proxy Enables or disables the http proxy (Default value: 1).
ICAP (URL) Enables or disables the ICAP ReqMod. (Default value: 1).
ICAP (Virus) Enables or disables the ICAP RespMod. (Default value: 1).
POP3 proxy Enables or disables the POP3 proxy. (Default value: 1).
SMTP proxy Enables or disables the SMTP proxy. (Default value: 1).
Sandboxing Breach Fighter Enables or disables file analysis through proxy-based sandboxing.
Antispam: heuristic engine Enables or disables the spam filter heuristic engine. (Default value: 0).
Embedded URL databases Enables or disables URL filtering via Stormshield Network’s database in the proxy. (Default value: 1).
Extended Web Control URL databases Enables or disables URL filtering via Stormshield Network Extended Web Control database in the proxy. (Default value: 0).
Advanced antivirus Enables or disables the Advanced antivirus in the proxy. (Default value: 0).

Services

Authentication Enables or disables the user authentication interface.
DHCP Enables or disables DHCP server/relay service (Default value: 1).
DNS Enables or disables DNS cache service. (Default value: 1).
Dynamic DNS Enables or disables the DynDNS client of the DNS update server.
Enrolment Enables or disables enrolment. (Default value: 1).
Internal LDAP database Enables or disables the internal LDAP database (Default value: 1).
NTP Enables or disables NTP synchronization (Default value: 1).
Public directory (LDAP) Enables or disables public access to the internal LDAP (Default value: 1*).
SNMP Enables or disables the SNMP agent. (Default value: 1*).

VPN

Anonymous IPsec VPN tunnels Enables or disables the possibility of setting up anonymous tunnels. (Default value: 1*).
PPTP Enables or disables PPTP tunnels. (Default value: 1*).
SSL VPN Enables or disables SSL VPN.
Strong Encryption Enables or disables support for strong algorithms for the encryption of IPsec tunnels. (Default value: 1*).
Number of IPsec VPN tunnels Maximum number of IPsec tunnels. (Default value: 0 (=unlimited)).

This tab works in the same way as the local license tab.