How NGFW appliance license binding works

Version 1

    With McAfee (Stonesoft) NGFW appliances the license binding is done automatically by the SMC (management server). The appliance licenses are bound to Proof of Serial (POS) code of the appliance and this information is hard-coded to appliance file system. POS code information is sent to management server during initial contact to allow management server to bind the license to correct node element.


    If license is not installed at the time of the initial contact, SMC administrator can use the Get DMI Info tool (right-click node element --> Tools --> Get DMI Info) to tell management server to try to fetch the POS information from the engine. Management server uses management connection to fetch the POS information and thus Get DMI Info tool can work only if there is TCP 4987 connectivity from management server to NGFW node, or TCP 8906 connectivity from NGFW node to management server in case of firewall using dynamic control address.