Upgrading and Repairing Networks urnxdfi.htm
Appendix D
Software License Metering
Unless you've been living in a cave for the past couple of years, it's
not news to you that you need to own a license for all the software you
use for home or business. Over the past few years, it has become steadily
less acceptable to pirate software, and more dangerous to do so.
First, there's an ethics question: the software companies survive by
making software good enough for people to buy it. No matter how much you
enjoy programming, there's a limit to how much you're willingÛor can affordÛto
do for free. Pirating software is not a statement against big software
companies; it's stealing someone else's work.
Second, pirated software is an excellent source of viruses. This is
less of an issue (but not unheard of) if you're pirating by passing a single
copy of an application around your organization without buying licenses
for everyone; however, if you download illegally-copied software from a
bulletin board service (BBS) catering to self-proclaimed "hackers,"
you're really risking your hard disk. Face it: the type of person who thinks
it's okay to copy someone else's work, and distribute it to anyone who
wants it, may also be the type of person who'd infect that work with a
virus before posting it on the bulletin board. Of course, if you pick up
an illegally copied program and it's virus-infected, you've got little
recourse with the original product manufacturer.
Third, an organization named the Software Publishers' Association can
impose fines or temporarily shut down your organization for even a single
software license violation. We'll discuss this organization and its role
and powers later in this chapter, but at the outset you should be aware
that this organization exists, and that that they can go after you even
for unlicensed shareware.
For these reasons, it's best to be conscientious when it comes to software
licensing. This chapter covers the following topics that should make your
task of keeping track of your organization's licenses a bit simpler:
What a license is
Different types of licenses
Available methods for tracking licenses
What the SPA is and does
What Is a License?
In its simplest form, a license is a proof of purchase. This
proof can take a variety of forms, such as the following:
Ô The envelope that the disks (or other component of the product) came
in that says something along the lines of, "When you break this seal
you are agreeing to the terms of the license agreement."
Ô The disks themselves
Ô The page in the manual titled "Licensing Information" or
other wording to that effect
Ô A paid receipt for the software (not a purchase order, which is simply
a proof of intent to purchase)
Not all licenses give you the same powers and privileges: they can authorize
the use of software by a machine, person, network, site, or company. The
following sections provide a general overview of the various license types,
but please note that licenses vary by manufacturer, and the specific license
for each product is the one to which you must adhere. Also, keep in mind
that not all software is available with all the following license types.
Check with specific vendors to see what's available.
User Licenses
A single-user license gives the person to whom the software is
licensed the right to use it on any machine, as long as he or she is the
only person to use that software. In other words, if your word processing
program carries a user license, then you can use that program on your home
machine, work machine, and a laptop you take on business tripsÛas long
as you're the only person using the software. A user license does
not give your friend the right to use your word processor on your home
machine while you're at work, or give one of your co-workers the right
to use the word processor on your machine while you're on the road.
Many licenses for common applications are user licenses, but be sure
to read the fine print on each license (discussed later in this chapter)
and check each manufacturer's policy before you start installing your software
on all your personal machines.
User licenses often are available as a block license in increments
of 25 or 50 users, particularly for network software such as an operating
system.
Usage Licenses
A usage license, also known as a workstation license,
authorizes anyone to use the software, as long as it is used on only one
machine at a time. On a network, a usage license usually authorizes a certain
number of concurrent users. Once you install software licensed to a workstation
on your work machine, for example, you cannot legally copy that software
onto your home machine, even to work at home with the same files and for
the same company as when you're at the office.
Usage licenses are increasingly popular, touted as a way to reduce costs
by paying for usage rather than for each person using the software. Some
packages on the market today let you choose between user licensing and
usage licensing.
Usage licenses are good for situations like shift work, where three
people might do the exact same job, but do it at different times of the
day. Usage licenses also are good for users who only use packages sporadically
during the day, because you can get double- or triple-duty out of one license.
For roving users who constantly use the same package throughout the day,
however, a usage license might not be very practical. Likewise, a usage
license is not a good idea for anyone who may use one machine one day,
but a different machine the next.
Network Licenses
Not surprisingly, a network license gives anyone on the same
network the right to use the software. The definition of a network in this
context is less flexible than some of the networks discussed elsewhere
in this book: in terms of software licensing, a network usually refers
to the machines connected to a single file serverÛalmost certainly it's
limited to a LAN rather than a WAN (see chapter 4, "Upgrading to a
WAN," if you need a refresher on the difference).
Unless you have only one network in your workplace, a network license
is not the same thing as a site license (described in the next section).
A network license is broader-reaching than a block license that is used
on a network (refer to the "User Licenses" section), because
a network license is not limited to a particular number of users; however,
all things being equal, a network license usually is more expensive.
Site Licenses
A site license is the next step up from a network license. Rather
than limiting you to using the software on a single network, a site license
permits anyone at your office's physical location to use the software.
This permission is limited to those in that building, however; users at
a branch office connected across a wide-area link are not included, and
you should check with the specific manufacturer to see if telecommuting
employees have rights to the software on the days when they dial into the
office from home. It's possible that you'll have to buy extra licenses
for them to use the same software on their home machines.
Enterprise Licenses
The broadest permission to use software is an enterprise license,
by which any member of your organization has the right to use the software.
(Enterprise, in this case, means the corporate enterprise rather
than a network connecting more than one kind of NOS.) The rights granted
by an enterprise license generally extend to dialup users, users across
WAN links, and so on. As you might expect, this type of license is quite
expensiveÛit's only cost-effective for very large organizations in which
many employees use the same software packages.
Hybrid Licenses
A license from a particular vendor might not always fit neatly into
one of these categories, and might even overlap more than one category.
For example, the license for MicroGrafx's Windows Draw! provides instructions
for setting up the software both on a single-user basis and on a network
(see fig. D.1).
Figure
D.1 A license agreement can encompass more than one kind of license.
License Tracking
Now that you've got a basic idea of the various kinds of licenses, how
can you make sure you're doing the right thing when it comes to licensing?
Well, if you've got more than a couple nodes on your network, you need
an organized system for tracking licensesÛthis can be either paper-based
or computer-based.
Manual Tracking
All right, you're a network administrator, and you're used to handling
computer software. Why would you manually track licenses when there are
automated systems that can do it for you?
One reason is that complexity might be brought about by a particular
network design. For example, if users store their applications locally,
but you have peer-to-peer connections in your network, then software metering
needs to be local as well. There's a flaw in the design of some metering
programs that won't release a license if the user doesn't exit an application
normally (for example, if there's a sudden power outage and the user's
computer shuts down). More metering programs are being designed to avoid
this problem, but the time required to meter all the applications on a
system still can be considerable. It might be easier to set up a less proactiveÛbut
less time-consumingÛmanual tracking procedure, like those described in
the following sections.
***
Manual tracking works best for small networksÛwhen you get bigger, it's
often easier to automate.
***
Physical Tracking
For networks in which each workstation has a fair amount of storage
space nearby, you can just assign each software package a number, and then
give each employee using that package a numbered copy. When the employee
receives the software, the business manager gets a signed receipt. The
business manager also needs a signed inventory from each employee, listing
the software loaded on his or her machine. The inventory form should look
something like the one shown in figure D.2.
Figure
D.2 A software for each machine makes it easier to track licenses and keep unauthorized software off the network.
***
Assigning the software by number rather than by name prevents the confusion
that can arise when two people with the same name are on the network, or
when Bob leaves and the new employee, Janet, inherits software named something
like "Bob's SmartSuite."
***
Thereafter, each employee is responsible for keeping track of his or
her work software and licensesÛif something happens to the software, then
it's up to that employee to replace it or at least to request a replacement
through the appropriate channels.
Although the physical method has real advantages for a small network
with a relatively stable population, it has some pretty serious disadvantages
as well. First, you might not want everyone on the network to have direct
access to disks. If you've installed a limited version of the software
on their system (for example, you've installed Windows without games),
then you certainly do not want them to circumvent your planning. Giving
people direct access to disks is also potentially dangerous in terms of
licensing and viruses. If an employee decides that he needs that software
on his home machine, he might violate the license agreement, and worse
yet, might infect the disks if there's a virus on the home system.
Second, many workstations don't really have the space to keep a bunch
of software boxes around. If they do have sufficient storage space,
is it secured with a lock? If another user does not have their own software
anymore (for whatever reason), he might be tempted to "borrow"
the software assigned to another person if that software is easily accessible.
In short, having everyone on the network keep track of their own software
is only a good idea if you have a small network with a highly computer-literate,
responsible staff, as well as plenty of storage space that can be locked.
If you can't meet these requirements, consider a more centralized form
of license control.
Paper Tracking
For those who want to keep track of their software licensing without
installing an automated system to do so, it may be practical to put one
person (perhaps the business manager, in cooperation with the network administrator
or software support types) in charge of license tracking. The network administrator
gets the software, the business manager gets the licenses, and the user
provides a statement of the software installed on the machine. If the user
brings in any outside utilities (such as shareware), he or she must account
for them and provide licensing information.
It's true that this method still relies to an extent on the honesty
and record-keeping abilities of the users on the network, but it has the
advantage of centralizing control and licensing accountability. It's also
a system capable of maintaining records of the software on each system
without metering each system.
Automatic Methods
For larger networks, where the bookkeeping involved is too much for
the business manager to track licensing manually, there's no shortage of
metering and monitoring programs on the market. McAfee, Frye, and 3Com
are just three of the big-name makers of such utilities, and there are
dozens of shareware metering programs available through the Internet or
online services such as CompuServe. The shareware metering programs usually
are cheaper and less powerful than off-the-shelf programs, but are just
right for some networks. Some NOSs (such as Microsoft's NT Server 3.51)
now come with monitoring capabilities.
Don't forget that shareware metering programs are subject to the same
licensing rules as software that you buy in a store. If it says "unregistered
copy" and you've had it on your system longer than the evaluation
period listed in the accompanying licensing information file (usually a
30-day period), then you're in violation of the license.
Metering versus Monitoring
In automatic license tracking, there are basically two approaches: metering
and monitoring. The essential difference is that metering prevents
violations, and monitoring, well, monitors themÛthat is, rather than ever
preventing use, monitoring software just watches and keeps track of the
number of users accessing a piece of software at any given time. Although
this isn't easily to diagram literally, figure D.3 illustrates the conceptual
difference between metering and monitoring, using a fictional software
package named DrawRight.
Figure
D.3 Metering prevents extra users from accessing licensed software; monitoring keeps track of the software usage.
How Metering Works
Properly executed, software metering only permits a certain number of
people to access a program. If the meter is set up for twenty simultaneous
users, then when the twenty-first person attempts to start the program,
he or she sees a message saying that the licenses for that program have
been used up, and that he or she should try again later.
If a user attempts to run a metered application when all the available
licenses are in use, the user sees a message.
Although the exact procedure varies from product to product, you set
up a meter in the following fashion:
1. Install the software on the machine where the program to be metered
resides. The software probably has to be in the same directory as the program.
2. Run the meter in administrative mode, and select the program or programs
to be metered.
3. Specify the number of instances of that program that are allowed
to run simultaneously. This number should be equal to or less than the
number of licenses you have purchased for the program.
4. Enable the logging feature (if available) so that you can see how
many times people try to access the file. This can help you determine if
and when you need more licenses.
5. Save and exit.
Again, the specifics vary by program, but that's the basic idea. What
you're doing is making the meter intervene between the user and the application,
so that the meter can regulate usage. The log keeps track of those accessing
the program, and also those attempting unsuccessfully to do so. If you
don't choose to have the access activity logged, the metering itself can
still occurÛyou just don't get any record of access activity.
How Monitoring Works
Software monitoring is more useful for seeing just how many licenses
you need before you buy them. Assume, for example, that you have a copy
of Word on the server, and you think that ten people are using it. You've
got ten licenses, so you're in the clear. When another user develops a
need for Word (perhaps someone who has always had an assistant type their
letters begins typing their own, for some reason), that's an eleventh person
who needs the software. Unfortunately, the network administrator and business
manager might not think to add this person to the list of people needing
licenses for the software, because the change in business practice seems
to only affect who's typing a letter. Monitoring software would notice
that sometimes the number of Word users now exceeds the number of valid
licenses, so you could investigate and find out that the eleventh person
has a legitimate use for it, then obtain another license.
Making Automated Tracking Useful
With anything automated, there's a serious temptation to buy it, install
it, and let it take care of itself. Automated license tracking systems
don't work that way. Although they represent an easier means of tracking
a large number of licenses than doing it by hand, the automated systems
do require some effort from you. They can't tell you anything if you don't
help a little.
Here are some tips to help you improve your software metering or monitoring
practices:
Ô Set it up as soon as possible. It's easy to get bogged down
with network updates and other distractions, but metering or monitoring
software won't do you any good if it sits on the shelf. Make time to set
it up as soon as possible for all the applications that are to be tracked.
Ô Make updates on a regular basis. This follows naturally from
the previous tip. It's tempting to say that you'll make all necessary licensing
changes as soon as they are required, but most people are too busy to be
sure that they'll have the time. It's easier to schedule updatesÛusers
to be added, licenses to be added, or new applications to be monitoredÛif
you plan to do them at a regular interval, like once a week.
Ô Back it up. The information garnered by your tracking system
is important. Make sure that it's part of your regular backup program,
so that if something happens to the hard disk that's being metered, you
don't lose all the data you've gathered.
Ô Don't keep the results to yourself.This information might do
you, the network administrator, some direct good, but often, you're not
the only one concerned about the results of the metering and monitoring
logs. You set up the tracking to accumulate certain information: make sure
that the information goes where it's supposed to.
Who Enforces Licensing?
This chapter has talked a lot about what a license is, and how to keep
up with your licensing obligations. You may be wondering, however, who
will care if you don't live up to these obligations. How will a manufacturer
ever find out?
Actually, the manufacturer does not have to find out. A non-profit organization
named the Software Publishers' Association (SPA) can take action
on behalf of the software manufacturer. Let's learn more about the SPA.
What Is the SPA?
The SPA is a non-profit private organization based in Washington, D.C.
(they're not an arm of the federal governmentÛthey just have offices in
the city). It was created in 1984, with 25 member companies, in order to
provide a voice to represent and protect the software publishing industry.
The SPA's anti-piracy campaign began in 1989. As of late 1995, its membership
numbered over 1200 companies. Member companies pay dues and authorize the
SPA to audit businesses on their behalf.
How Does the SPA Investigate a Violation?
Most of the SPA's actions begin with a tip on its hotline (currently
the hotline receives about 30 calls per day). The SPA evaluates the tip
in terms of its factual basis, the extent of the violation (unsurprisingly,
one extra copy of a shareware game, for example, is of less concern than
2500 unlicensed copies of Lotus 1-2-3), and the perceived motivations of
the person callingÛthat is, is the person calling out of genuine concern
about the violation, or is the call motivated by revenge? If the latter,
does the call seem legitimate? Much of this sort of evaluation is done
by instinct, rather than established criteria.
Once the SPA decides that a tip is worth looking into, it conducts its
own investigation to verify the alleged violation. If it cannot substantiate
the violation, the process ends there.
If the SPA collects enough information to file a lawsuit (the group
does not act unless it does collect enough), it contacts the company to
notify it of the identified violation, and informs the offending company
of the action it intends to take. In most cases, this action takes the
form of an audit, in which the SPA's auditors physically check the
software on each computer in the company against the proof of purchase
that the company provides. The best proof of purchase is an invoice or
paid purchase order, as that's probably the easiest thing for most companies
to lay hands on, but disks or manuals sometimes are accepted. On average,
the audit takes about four months (the exact time depends on the size of
the company and how cooperative it is), during which time the company can
operate normally except that its employees occasionally might have to deal
with auditors bumping them off of a machine to audit its contents. If the
violation is confirmed, then the company must pay a fine to the SPA in
the value of the unlicensed software, and the illegal copies are destroyed.
In serious cases, the SPA does not perform an audit but instead files
civil or criminal charges against the offending company. The SPA has permission
from all its members to audit companies on their behalf, but if a lawsuit
is necessary the member company must grant permission to the SPA to file
the lawsuit at that time. The fines can be up to $100,000 per civil violation,
and up to $250,000 (as well as up to 5 years in prison) per criminal violation.
Once again, the pirated software is destroyed so that the offender has
to buy legitimate copies as well as paying any fine that is levied.
In the most drastic scenario, the SPA can get a judge to issue a warrant
to perform a raid on a company (audits, remember, are announced
by letter before the auditors show up). In such a case, a federal marshal
accompanies the auditors to protect them (in case the offending company
has a bad reaction to the auditors' appearance) and to explain that they
are authorized to be there. This sounds dramatic, but once the initial
few exciting minutes are over, the raid proceeds like a normal audit.
Who Will the SPA Act For?
The SPA is not an organization of crusaders; it looks out for the interests
of its members. This means that if a tip reports a license violation concerning
software published by a company that is not a member of the SPA, then the
SPA will not take action on the basis of that particular violation.
If the violation is large enough to pursue, however, chances are good that
the offender is violating the license of a member company as well, so the
SPA may investigate anyway. If this turns out to be the case, then the
SPA conducts an audit on behalf of the non-member company as well as the
member company. Since all fines go to the SPA rather than to the company,
this doesn't change anything as far as fines are concerned.
What Else Does the SPA Do?
The SPA's function goes beyond punishing software licensing violations.
They also provide training, educational software, and videos (including
a rap video titled, "Don't Copy that Floppy") to explain why
you should keep up licensing, and to help you do it right. To fund these
activities, the SPA relies on the fines from licensing violators as well
as the dues paid by its member organizations.
Why is Licensing a Problem?
Why is an organization like the SPA necessary in the first place? The
answer has to do with the peculiar nature of software as intellectual
property. Copying has been around as long as originals have been around.
Books, cassettes, compact discs, and videotapes are common targets. However,
the market for the originals of these products (where originals are available
and relatively inexpensive) is less easily affected because of two characteristics
of the copies:
Ô They take some effort to make.
Ô Their quality normally is lower than that of the original, and gets
worse if subsequent generations of copies are made.
In other words, a printed work usually is more readable as a bound book
than as a sheaf of photocopies, and music or video usually sounds or looks
better on the original than on copies. Where they violate copyright laws,
illegally-made copies of books or videos are also hard to distribute on
a large scale without getting caught.
Software is a kettle of fish of a different color. No matter how many
generations you make of a binary file, it's still the same file. If you
load Microsoft Word on 50 machines, the application works as well on every
machine as it did on the first. That's true even without the original disksÛif
you copy the disks over and over, the quality of the copy does not deteriorate
with each generation.
Understandably, this creates some worry for software manufacturers.
It's no good to sell the world's best software if one person can buy it
and give it to all of his or her friends. This was less of a problem several
years ago, when hard disk space was still rare and expensive; back then,
people had to keep program disks around if they wanted to use complex programs,
since the hard disk didn't have enough space to store lots of applications.
As disk space has become more affordable, the scope of the problem has
increased.
For a time, some software vendors tried using key disks (you
needed a "startup" disk to run an application), and special codes
in the manual that were needed to start an application, but these protection
means were cumbersome, so consumer demand has sent them the way of the
dodo. Software vendors now are dependent on the ethics of consumers who
buy their software, and on organizations like the SPA, to make sure that
they are paid for their product.
Summary
This chapter described various types of software licenses, provided
information to help you identify your present licensing situation, and
explained some ways that you can make sure you're fulfilling your responsibilities
to software manufacturers. You also learned about the SPA, how it polices
software licensing, and what penalties exist for certain violations.
Armed with this knowledge, you should be prepared to keep track of your
network's licenses, and make compliance adjustments as necessary.
Wyszukiwarka
Podobne podstrony:
Cisco Press CCNP Routing Exam Certification Guide AppendixLinux IPCHAINS HOWTO Appendix Differences between ipchains and ipfwadmappendixbappendix aAppendix II (2)AppendixIIIAppendixLfunction stream filter appendappendixa (3)Cisco Broadband Operating System Appendix AappendixAAppendices01 IntroEnglish Skills with Readings 7e AppendixAppendix DAppendices04 MouseAppendixGappendix e20 Appendix B Fiber Optic Standardswięcej podobnych podstron