Cisco’s Smart Licensing has sparked ongoing debate—impacting how businesses manage hardware, software, and licensing policies. As Cisco shifts gears, users are left navigating a complex landscape of compliance, entitlement, and transferability. What does this mean for your network, your costs, and even your data security?
In this post, we’ll break down the key changes, examine their real-world implications, and provide actionable insights to help you stay ahead of the curve.
Cisco's Smart Licensing has gone back to its pre-Smart Licensing state. This seems like another attempt to separate Cisco’s hardware from its software. Right now, they’re verifying the entitlement to use the software.
Think about it: Can a Cisco switch work without IOS? Nope. Without a way to configure the hardware, it’s pretty much useless. This shows that software essential for a device to function should always be transferable.
Supreme Court Justice Stevens once said, "The whole point of the first sale doctrine is that once the copyright owner places a copyrighted item in the stream of commerce by selling it, he has exhausted his exclusive statutory right to control its distribution."
Cisco argues that the first sale doctrine doesn’t apply because of Vernor v. Autodesk. But let’s think about this: Is the software on a Cisco switch more like the software in a kitchen appliance or more like Microsoft Office, which needs a license activation key before installation? A microwave does nothing without software to run it. Boxed software is different. For example, we can’t just drop a copy of Cisco’s IOS on another OEM’s box and expect it to work. The two bundled together are the product, and we can buy different bundles based on the features we need.
Smart Licensing and the Smart Licensing Using Policy (SLP) were introduced primarily to benefit Cisco's shareholders. Since Chuck Robbins became CEO in 2015, he has focused on transitioning Cisco from a hardware-centric to a software-centric company, aiming to increase the company's valuation significantly. Under his leadership, initiatives such as DNA, Cisco Prime, and Cisco ONE have been launched. However, implementing smart licensing has led to considerable time and financial costs for all parties involved.
According to Cisco, Smart Licensing was “reinventing licensing” and “transforming how we think about Cisco.” If you add it all up, Cisco’s goal was to “reinvent and transform how we think about Cisco licensing.” Do you need any reinventing or transformations around their licensing? What if we just left it as a perpetual license because, without the software, the device isn’t functional?
Beginning with IOS XE version 16.9, all hardware was suddenly required to “phone home” or check in with a Cisco cloud license validation/entitlement system known as Cisco Smart Software Manager or CSSM. If entitlement wasn’t validated, the new version of software would eventually disable the device.
The market's agreement with Smart Licensing likely went unnoticed by many legal departments of Cisco’s customers. According to their Terms of Use V5, Smart Licensing collected and stored extensive software license usage information, including product ID numbers, serial numbers, unique virtual device identifiers, equipment models, license and hardware versions, host names, IP addresses, system contacts, installed memory, installed flash, boot versions, chassis series, MAC addresses, slot IDs, card types, and card families.
At the bottom of the Terms of Use, it states that Cisco, being a global company, may need to transfer personal information both within and outside of the United States under their Privacy Statement. By using Smart Licensing, users consented to the transfer, processing, and storage of such information outside their country of residence, where data protection standards may differ. This raises concerns about which countries are involved and the global differences in data protection laws.
The Smart Licensing Using Policy (SLP) is in effect starting with IOS XE 17.3.2. At 17.3.2, we’re back to what it was like before 16.9 with a new “requirement” to report license usage to the Smart Account at some point. The “requirement” is more of a suggestion here.
Understanding the critical differences between the Smart Licensing Using Policy (SLP) and the previous Smart Licensing system is essential for adapting to the latest requirements and benefits.
It's important to know which platforms and images are affected by the Smart Licensing Using Policy (SLP) to ensure proper compliance and management.
Understanding the frequency and conditions under which reporting is required is essential for maintaining compliance with Cisco's licensing policies. Cisco’s Smart Licensing framework also distinguishes between enforcement types and export statuses, which define specific reporting requirements.
For perpetual licenses, reporting is required within 90 days if software use changes. If there is no change, no report is ever needed. This ensures that software usage is accurately tracked without imposing unnecessary reporting burdens on users.
Subscription licenses and reporting are mandatory within 90 days of any change in software use. The licensing framework now includes three defining components: License Type, Enforcement Type, and Export Status. These components determine the reporting requirements and time frames, ensuring compliance and proper license management.
Perpetual licenses are the traditional model, where a one-time purchase grants ongoing use. On the other hand, subscription licenses require periodic renewal and incur additional recurring costs. This model aligns with the shift towards software-as-a-service (SaaS) and provides flexibility in licensing options.
Licenses can be categorized as Not Enforced or Enforced. Not Enforced licenses do not require authorization or registration before use, offering ease of deployment. Enforced licenses, however, require approval, and an authorization code must be installed on the target device to enable the specified features. This ensures controlled access and compliance.
For the most part, this is a win for the market. However, Smart Accounts aren’t obsolete yet, but I suspect they will be, as reporting and the time required to manage this effort don’t add much, if any, value to the end user.
The required information to “reconcile” is:
The SLP Status output of the sho lic all command provides a comprehensive Smart Licensing Status. This output details the License Type, Enforcement Type, and Export Status for all installed software, alongside tables summarizing policy requirements and usage reporting time frames.
The system's internal timer reports daily errors in the run log related to Call Home and reporting, and currently, there is no way to permanently disable this feature. Here are key points to consider:
Recent updates also highlight critical vulnerabilities in the Cisco Smart Licensing Utility, specifically:
Action Required: Cisco has released software updates to address these vulnerabilities. It is crucial for users to:
If you discover an alternative method to disable Smart Agents, we’d love to hear from you! We’re committed to keeping this blog updated with the latest and most effective solutions.
Cisco’s Smart Licensing has reverted to a pre-Smart Licensing state, reigniting discussions about the balance between hardware and software integration. Central to this conversation are the implications of the first sale doctrine and the critical role IOS plays in Cisco switches.
While Smart Licensing and the Smart Licensing Using Policy (SLP) were designed to streamline operations, they’ve introduced complexities, from increased costs to concerns over data protection and system vulnerabilities. Addressing these challenges requires a proactive approach to ensure compliance, security, and efficiency.
Ready to optimize your network management? Contact Edgeium today to learn how we can help you navigate Cisco’s Smart Licensing policies and improve your organization’s network efficiency