FDM-Managed Device Licensing Types
Smart License Types
The following table explains the licenses available for FDM-managed devices.
Your purchase of an FDM-managed device automatically includes a base license. All additional licenses are optional.
|
License |
Duration |
Granted Capabilities |
|---|---|---|
|
License (automatically included) |
Perpetual |
All features not covered by the subscription term licenses. You must also specify whether to Allow export-controlled functionality on the products registered with this token. You can select this option only if your country meets export-control standards. This option controls your use of advanced encryption and the features that require advanced encryption. |
|
Term-based |
Intrusion detection and prevention-Intrusion policies analyze network traffic for intrusions and exploits and, optionally, drop offending packets. File control-File policies detect and, optionally, block users from uploading (sending) or downloading (receiving) files of specific types. AMP for Firepower, which requires a Malware license, allows you to inspect and block files that contain malware. You must have the license to use any type of File policy. Security Intelligence filtering-Drop selected traffic before the traffic is subjected to analysis by access control rules. Dynamic feeds allow you to drop connections based on the latest intelligence immediately. |
|
|
Malware |
Term-based |
File policies that check for malware, which use Cisco Advanced Malware Protection (AMP) with AMP for Firepower (network-based Advanced Malware Protection) and Cisco Threat Grid. File policies can detect and block malware in files transmitted over your network. |
|
URL License |
Term-based |
Category and reputation-based URL filtering. You can perform URL filtering on individual URLs without this license. |
|
Term-based or perpetual based on the license type |
Remote access VPN configuration. Your essentials license must allow export-controlled functionality to configure RA VPN. You select whether you meet export requirements when you register the device. Firepower Device Manager can use any valid AnyConnect license. The available features do not differ based on the license type. If you have not already purchased one, see Licensing Requirements for Remote Access VPN. Also, see the Cisco AnyConnect Ordering Guide, http://www.cisco.com/c/dam/en/us/products/collateral/security/anyconnect-og.pdf. |