Good morning,
I have a customer asking about the new license activation requirements starting with 2.5. They are an entity with very strict networking rules due to the sensitivity of their work. Only the minimum required communications are explicitly whitelisted and must be an explicit target (no “server outbound to all http” type rules). An example of an OS update is an outbound whitelist from their server IP to a single package mirror on 443/tcp only.
I have done some research already, but am not as certain in the answers as I’d like to be before going back to them. Here are two of the many references I looked at before making this post:
https://forum.checkmk.com/t/regarding-enterprise-licensing/56247
https://docs.checkmk.com/latest/en/license.html?lquery=offline#manualtrans_cee
They are asking about online license validation and which cloud server IPv4 address their site would need to connect to if they use the online method. I have not found that information in any of the posts or guides I have looked at.
They are aware of the offline method. They asked how frequently they’d need to do that process if they have to go that way. I believe they’d have to do it twice per year:
- upload a current usage snapshot when they request a renewal, so sales can validate they are going to be within service count
- after the renewal goes through, so that the site knows the new expiration date
If there is anything I can relay to them about the online server for their internal whitelisting, that’d be appreciated. Also, it’d be good to get confirmation on how often offline validation needs to be done, for our reference when answering customer questions in the future.
Thank you
