In a FortiNAC Control Manager environment, each appliance has its own license key that works in combination with the license on the FortiNAC Control Manager. Licensed features, such as device profiler, integration suite, guest manager, and endpoint compliance, can be enabled for all managed appliances by including the feature in the license key for the FortiNAC Control Manager.
Features and concurrent license count are updated on FortiNAC appliances as they are added to the Server List in the Dashboard panel. For appliances in High Availability pairs, only the Primary Server is updated when added to the Server List. The Manager updates the Secondary Server upon the next failover of that High Availability pair.
If the FortiNAC Control Manager goes off line or is unreachable by the managed FortiNAC appliances, all services will continue to function using the previously shared licenses.
FortiNAC Control Manager removes Features and concurrent license count from FortiNAC appliances as they are removed from the Server List. At which point, the BASE License key is in effect for those appliances.
License counts are shared across all managed FortiNAC appliances, but the maximum number of licenses is controlled by the FortiNAC Control Manager.
For example, if the total number of concurrent connection licenses on the FortiNAC Control Manager is 1000, any of the managed appliances can use licenses from that pool, until all 1000 have been consumed. Appliance A may use 200 and Appliance B may use 150, leaving 650 available. Dashboards for all appliances, including the FortiNAC Control Manager, would display the following:
- Total Licenses: 1000
- Licenses In Use: 350
- Licenses Available: 650
Total licenses available and total licenses used are counted by the FortiNAC Control Manager and are displayed on the dashboard of all appliances.
Any number of licenses can be used on any managed appliance as long as total for all combined does not exceed the 1000 licenses configured on the FortiNAC Control Manager. This affects concurrent connection licenses.
In a multi-FortiNAC Server environment, a host that is connected to both wired and wireless FortiNAC Servers will use two licenses.
If the FortiNAC Control Manager goes down, individual FortiNAC Servers will continue to use the license counts.
When users and their corresponding hosts move from one part of the network to another the FortiNAC appliance managing their network access may change. For example, if the switches on the first floor are managed by FortiNAC Appliance A and the switches on the second floor are managed by FortiNAC Appliance B, then network access control changes from Appliance A to Appliance B when a laptop is moved from the first floor to the second floor.
Hosts consume licenses when they are connected to the network. When a host is moved the license is released when the host disconnects. The same host consumes a license the next time it connects to the network regardless of where it connects.
When devices are moved from one part of the network to another the FortiNAC appliance managing their network access may change. If moving the device causes it to be managed by a different FortiNAC appliance, one license is released on the original appliance when the device disconnects from the network and then a new license is used when the device reconnects to the network. The device is included in the databases of both appliances but only consumes one license because it only has one connection.