Professional Documents
Culture Documents
System (LMS)
Reshape.Security
Embrace Cyber Resilience
Agenda
Back Up: LMS Interaction Process
License Management
Cloud-based License Solution
Management Solution (physical and virtualized)
Hillstone Networks
Deployment Scenarios
Management • Public cloud
• Private cloud with internet access
Public Network
Authentication Process
Server 1. Customer orders the license of a VNFs and gets
the license file from Hillstone
Authentication Communication 2. Customer creates an instance of VNFs, imports
and verifies the license online
3. The instance of VNFs can be deleted, re-created or
migrated without impact to license status
vWAF
Benefits
• No management device or configuration needed
• Instant authorization and authentication
• License is independent of the virtual appliance
5 | See. Understand. Act. © 2022 Hillstone Networks | All rights reserved.
Public Network Authentication Process
Verification process
1. Import license, configure public network
Public Network LMS Server authentication, reboot virtual appliance
2. Verification is successful contingent on valid license
3. Verification fails, request continues; reboots 7 days
later
Connect
2 Piracy judgment process
Regular Heartbeat 1. Series number is already in use and import series
1 Verify
number authentication fails
2. 16 hours later, authentication of the virtual appliance
is categorized as piracy; restarts 7 days later
vWAF
Migration and Reinstallation
• Start new instance of a virtual product and import
current license
• The obsolete instance must be shutdown within 8
hours
6 | See. Understand. Act. © 2022 Hillstone Networks | All rights reserved.
Solution 2: Private Network License Management
Deployment Scenarios
• Private cloud without internet access
• Private cloud has large-scale virtualized product
deployments and needs dedicated license
License Authorization
management solution
Authentication Process
Manage • Customer orders LMS device/vLMS and licenses of
LMS VNFs
• Import licenses of VNFs
Admin • Configures LMS server for each instance of VNFs
Verify, distribute, recycle, manage • Instances connects to LMS
• LMS distributes, configures and manages all
licenses
• Adds licenses of VNFs as necessary
vWAF
Benefits
• Quick delivery and instant authentication
• Massive deployment by batch import/ export
• Flexible license distribution and management
• Ease of use and configuration
7 | See. Understand. Act. © 2022 Hillstone Networks | All rights reserved.
Private Network Authentication Process
Distribution process
1. LMS imports the license of a virtual product
2. LMS configures distribution policy
Authorization Management System 3. The instance of virtual product connects LMS
4. LMS queries useable authorization and assigns it
5. The instance of virtual product keeps session
heartbeat with LMS
Regular Heartbeat
Piracy judgment process
Connect 1. An instance of virtual product using piracy SN
2 connects LMS
1 Distribute 2. LMS makes a determination within 8 hours
vWAF 3. The instance of piracy restarts
Recycling process
1. Mark manually on management page on LMS
2. The instance of the virtual product goes offline for 7
days; the authorization is marked as idle by system
Advantages:
Public Network
Server p Resolve upgrade issue of devices that cannot access the Internet
p Convenient management of multiple signature databases
Download Database File p Convenient to upgrade the signature databases of intranet devices in
batches
p View signature database information for easy troubleshooting
Administrator
p Secure connection (over HTTPS)
Import Database File
License Management
System
(LMS)
vWAF
14 | See. Understand. Act. © 2022 Hillstone Networks | All rights reserved.
Pay-as-you-go (PAYG) Licensing
Specification LMS-30
Networks Interfaces 4 GE
vWAF LMS
1. Register
• Configure and
connect to LMS 2. Choose authorization
• After the
connection fails,
the distribution is 3. Respond and distribute
repeated in 120-
179s. 4. Delivery success
5. Record
vWAF LMS
• Configure and 1. Register
connect to LMS
• After the connection
2. Configure delivery policy
fails, the distribution
is repeated in 120- 3. Deliver authorization
179s.
6. Record
5. Confirm response
7. Issue restart according to judgment
vWAF
LMS
• Configure and 1. Verify
connect to LMS
• After the connection 2. Determine the validity of authorization
fails, the distribution
is repeated in 10-59s.
3. Verification fails
5. Restart and delete
authorization 4. Respond
3. Verification succeeds
5. Work normally 4. Respond
vWAF LMS
• Reconfigure the connection 1. Heartbeat
to the LMS
• Restart 2. Heartbeat is normal
• Every 8 hours after the first
connection
3. Respond
vWAF
LMS
• Reconfigure the 1. Verify, heartbeat
connection to the
LMS 2. Cloning judgment, no cloning
• Restart
• Every 8 hours after 3. No clone response
the first connection
vWAF
LMS
3. Reboot and 1. Choose to
delete the 2. Issue recycling instruction recycle • Manual
authorization authorization configuration
• Match the auto
• Execute LMS recycling policy
instruction 4. Delete success response 5. Record
• Disconnected
LMS timeout
6. Issue the restart instruction
according to judgment