Endpoint Protection

Hello,

I write this message because I have to install a SEP manager and SEP client and my client ask me a question about license.

My client wants to know if it is possible to get back a license for a SEP client when we remove SEP on a computer client with Windows 7 Operating Systems.

Best Regards,

Brice

Yes when you will be remove unused sep client system for SEPM console,it will free sepm license.

TO answer your question simply it is a yes, but it will happen only when the client entry is deleted from the SEPM and its no longer communicating to SEPM. This process happens by default after 30 days. interval. 

 Likewise when a client is not communicating for the set number of X days, that license will also be released.

The number of SEP license used on a SEPM equals the number of active SEP hardware ID that the SEPM has. SEPM assigns one hardware ID per computer. I you uninstall SEP client from a machine, the license used by that client will be freed when the entry of that client is deleted from SEPM (manually or automatically after 30 days).

However, if you reinstall the OS on this PC (whcih was already reporting to SEPM) and then install a new SEP client on it, a new SEP hardware ID will becreated on the machine and hence a new entry will be created for that machine in SEPM. In such cases, it is better to manually delete the old entry of this machine from SEPM.

When you delete it in the SEPM, it frees up a license.

Hello,

Thank you for all your answers :) !!

Best regards,

Brice

You're welcome.

Just wanted to add a bit more information about license.

As I said early, the license will be freed (from old clients upon deletion) and reused by SEPM (for new client) internally in the network.

However, Symantec cloud-based servers do not currently implement any level of license re-use or scavenging of licenses from decommissioned clients. This means that although the SEPM may correctly report no "over-deployment" of the license, the cloud-based systems hosted by Symantec will still register an over-deployment, and will not provision the new client with a CAT.

So, when a client connects to the reputation database, the license count is pinned with that hardware ID. Hence if you have 10 license and 10 clients with SEP, all these client will occupy the license that you have on the cloud. Hence if you uninstall SEP from one of these clients and install it on a new computer, the cloud will see the new one as 11th computer (thought the SEPM will be resuing the 10th license for the new computer). This prevents the 11th computer from being able to submit reputation data to the Symantec Reputation database. However the client will be able to check the reputation database to fetch information on files.

Reference: Client Authentication Tokens, License Counts and Submitting content to Symantec's Cloud-based Reputation Service

Please mark Solved, if your question has been answered.

Hello,

Thank you for your message. You have helped me a lot, it's really cool :) Thanks for all your time !!

Have a nice day,

Best regards,

Brice

I'm glad that I was helpful.

So you can be targeted and then infected with a new type of Trojan but because of an incorret cloud license issue it will not submit reputation data about itself to Symantec and go unreported?