|
Posted by Sunny on December 16, 2007, 10:50 am
If you were Registered and logged in, you could reply and use other advanced thread options
>> Will wrote:
>>> If you have a multihomed interface with five IPs on it, will Checkpoint
>>> count that as five client licenses or one?
>> None
>>> In other words, is Checkpoint counting unique Mac addresses, or unique
>>> IPs?
>> Neither.
>>
>> It counts protected hosts, i.e. hosts behind internal interfaces.
>
> I think we are playing semantical games. What I meant by "client" is "a
> host behind an internal interface."
>
> So the question was how does Checkpoint determine the presence of a host
> behind an internal interface? Is it counting the number of IPs on the
> internal interface, or is counting the number of unique Mac addresses?
I suppose the semantics depend on what you mean by "multihomed
interface" and "number of IPs on the internal interface".
If a host behind an internal interface generates traffic through the
gateway, it's IP address is counted against the license. MAC addresses
aren't counted because all hosts behind internal interfaces are counted,
not just those on attached networks.
>> The command "fw lichosts" lists hosts which have been conuted against the
>> license.
>
> This command spits out what looks like a logfile that goes back years.
> It's a lot of manual work to determine what the current licensed hosts are
> from that.
fw lichosts displays one line for each host counted against the license.
The timestamp records the first time traffic from that host was seen.
I'm not aware of another way to obtain licensed hosts details.
Sunny
>
> There is no mention of Mac addresses in the information that comes to the
> screen, so you would guess that Checkpoint is counting IPs only.
>
| 
XML site map