Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
10
Helpful
3
Replies

Is there any mechanism for preventing Cisco Virtual Appliances from being cloned or exported as OVF/OVA ??

Go to solution
Amir.csco
Level 1
Level 1

‎01-26-2015 11:44 PM - edited ‎03-10-2019 10:23 PM

I am very confused why Cisco has no mechanism for preventing its virtual appliances from being cloned or copied, for example i can install ACS 5.6 , buy license and deploy it, then i can export the virtual appliance as and OVA file and deploy it somewhere else in other license without need to buy another license, after deploying OVA file i can even change IP address, Default Gateway, NTP server or any parameters that i want but license is steel valid...

why on earth this is happening ?? 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jan.nielsen
Level 7
Level 7
In response to Amir.csco

‎01-29-2015 07:27 AM

Not a bug, this is the way ACS works now, it's up to your ethical standards whether you break this system of "trust" that Cisco has implemented. This is actually how most Cisco products worked back in the day, and some products are returning to this model (ASA APEX ex.)

View solution in original post

3 Replies 3

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎01-26-2015 11:53 PM

Hello Amir,

ACS used to tie the license to the MAC address of the machine but I believe Cisco removed that in version 5.1 or 5.2 as users were facing with issues if the MAC changed on a virtual machine. 

Other Cisco products, such as the ASA, Call Manger, and even ISE are a lot more restrictive when it comes to licensing. However, Cisco in general has many products that are licensed on the "honor system" where you are responsible for reporting and paying for everything that you are using. 

Also, I suppose Cisco could audit any companies out there and figure out what the company is using vs what it actually paid for :)

I hope this helps!

 

Thank you for rating helpful posts!

Go to solution
Amir.csco
Level 1
Level 1
In response to nspasov

‎01-27-2015 10:20 AM

Thank you Neno for your attention and response

but its really strange and confusing, im looking for a way that i can restrict ACS and prevent this from happening because i think this is some kind of bug,

you said that CUCM and ISE don't  have this issue and they come with more restrictions, is there any documentations or references that describe about these restrictions  

0 Helpful

Go to solution
jan.nielsen
Level 7
Level 7
In response to Amir.csco

‎01-29-2015 07:27 AM

Not a bug, this is the way ACS works now, it's up to your ethical standards whether you break this system of "trust" that Cisco has implemented. This is actually how most Cisco products worked back in the day, and some products are returning to this model (ASA APEX ex.)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents