Orion Network Licensing Platform – Frequently-Asked Questions
The Orion network licensing platform is at the core of all Agilis solution offerings:
- Orion OEM licenses for medium/large ISVs and cloud service providers, as well as vendors of embedded systems and hardware/software integrated systems.
- The Acropolis hosted license service, which includes an Orion OEM license.
- The technology underlying the Nephele hosted monthly subscription service that is offered to small/medium ISVs and cloud service providers. Orion is included with Nephele and most of its features are available as part of the Nephele service.
Orion is an Internet protocol based network licensing platform whose purpose is to securely and non-intrusively offer a comprehensive range of licensing models for a wide range of software and firmware applications. The following diagram illustrates the Orion system topology:
Orion consists of:
- A license server that is capable of running on any Java-capable platform, and can be accessed over any Internet-protocol network ranging from local area networks to the Internet.
- A set of language and platform specific client libraries that you integrate with your application. The client libraries communicate with the license server in order to validate and obtain licenses, and also operate autonomously for offline license checking. Language support includes Java on all Java-enabled platforms, and C/C++ for a wide range of operating system platforms on a wide range of machine architectures.
- A browser-based administration user interface that is used to manage the license server as well as licenses hosted under it. Administration functions are also available via application program interfaces (APIs) and command line tools.
- A set of language-specific software development toolkits (SDKs) that include documentation including application development and deployment guides, API reference guides and demo applications to facilitate rapid integration of your application with the Orion client library.
- Software revenue protection from piracy. ISVs that distribute installed software and don’t use an effective and secure software licensing technology lose anywhere from 10-90% of revenue due to software piracy. ISV’s that do use software licensing technology that does not include auditing capabilities also experience revenue leakage.
- Additional recurring revenue through effective monetization of hardware and software, even when copy protection is not a concern. Additional recurring revenue can be realized and previously-inaccessible customer segments can be captured with virtually any software, firmware or cloud service product through the use of software licensing technology that enables advanced features and controls their licensing policies to realize sophisticated pricing models. Embedded system vendors can additionally accomplish economies of manufacturing scale by streamlining production to a single assembly line.
- Future revenue through visibility and insight into product usage. Orion’s capabilities enable financial audits, early alerts on conditions that may impact sales and business operations, and insights into software utilization for planning product functionality and defining future business models.
The Orion network licensing platform is the foundation for all of Agilis’ licensing solutions. Orion is marketed directly to OEM customers as Orion. In addition:
- As an Orion OEM customer, you may opt to let Agilis host and operate your Orion server by purchasing an additional subscription to the Acropolis hosted licensing solution.
- Subject to a few restrictions, you may instead subscribe to the affordable, all-inclusive monthly-subscription Nephele cloud-based licensing service. Nephele includes Orion.
EasyLicenser was intended to be a low-cost legacy license key technology, and has functionality limitations inherent in license key based technologies. Since Orion can do everything that EasyLicenser can do, only better, and since we now offer a low-cost option for purchasing Orion via the Nephele cloud-based licensing service, new customers would find it made more sense to use Orion instead, had we continued to offer EasyLicenser to new customers.
We continue to provide first class support for EasyLicenser for our current EasyLicenser customers, because we understand that switching licensing solutions can be disruptive. At the same time, we do provide our current customers with the option to migrate to Nephele or an Orion OEM license. All necessary information on EasyLicenser, including download links and knowledgebase articles, are available for our current EasyLicenser customers at our support portal.
Orion is a versatile platform that can benefit any software vendor, cloud service provider, hardware / software system vendor, or embedded system vendor. That being said, and as described under Unique differentiators, Orion is especially suited for you if you are one of:
- Enterprise software vendor: Orion’s licensing capabilities support the needs of today’s enterprise software environments and pricing models more effectively than older licensing technologies.
- Embedded systems vendor: Orion’s platform reach in addition to its licensing capabilities can better address your unique embedded operating system environments and pricing models.
- Hardware / software systems vendor: Orion’s platform reach in addition to its licensing capabilities can better enable you to monetize your appliances.
- Cloud service provider: Orion’s scalable Internet deployment capabilities are ideally suited to enable you to monetize your cloud services more effectively than the simple subscription models you would otherwise manually implement.
And if you are a startup or small-business ISV, regardless of whether your licensing requirements are simple or sophisticated, our Orion-based affordable Nephele monthly subscription service is available to help you manage cash flow and risk capital outlay while providing you with a seamless growth path as your business grows.
Orion may be an unsuitable technology if your requirements fall in any of the following categories:
- You wish to license-protect document content, for example CAD designs and other intellectual property, and you are not the developer of the document content viewer software. For this, you will need to develop or purchase digital rights management technology.
- You wish to license-protect third-party applications for which you have binary code but you don’t have the source code. Since Orion requires programmatic integration at the API level, the applications cannot be integrated with Orion.
- You are looking for a point-and-click out-of-the-box licensing solution that can be deployed instantly with zero programming and a zero learning curve. We do provide high-level client library APIs that facilitate application integration in as little as a few hours and provide a high degree of encapsulation of license integration know-how; however this still requires minimal integration by a software engineer.
From a business perspective, Orion may not be a suitable fit if you are budget-constrained but you don’t qualify for the Nephele subscription service.
Notwithstanding its breadth and depth of capabilities, Orion has been designed to do simple things well, with minimal integration and configuration, and with added advantages. For example, Orion can be used effectively for basic product activation and simple floating licensing. And in the few scenarios where ISVs actually require or prefer traditional “license keys”, Orion can be used to generate what look like “license keys”.
Comprehensiveness in addressing key pain points, opening new opportunities for monetization, and providing the ability to grow with your requirements and company size put Orion ahead of its competition.
- Lost sales due to intrusiveness to the end customer. There have been well-publicized cases of commodity software vendors dropping licensing technology and never considering its use again because its intrusiveness to end customers backfired and adversely impacted sales to a greater extent than revenue loss due to piracy. In particular, customers should not be unduly restricted from effortlessly and autonomously moving their licenses among machines, particularly when using multiple devices or upgrading hardware, nor should they be required to go through complex procedures to obtain a new license after a minor hardware repair.
- Lost revenue due to ineffective copy protection. Many licensing systems, particularly legacy and home-grown “license key” based systems, are easy to hack. In many instances, the hacks are publicized over the Internet. The more secure solutions typically require expensive and inflexible hardware dongles.
- Increased operations costs due to lack of manageability for the vendor. Home-grown license key based systems typically limit their functionality to encryption and runtime validation – features such as automatic node locking, managing licenses in a database and providing simple order fulfillment, tracking, auditing and reporting facilities are typically not developed. Commercial license key based systems that do provide these capabilities are nonetheless not quite geared up for scenarios such as securely processing returns or helping customers relocate their licenses or recover them from crashed machines.
- Increased operations costs to enterprise customers due to lack of visibility into licensed usage within an enterprise. An enterprise that wishes to enforce compliance of licensed usage of a vendor’s product typically resorts to expensive manual procedures and often purchases an additional, manually-maintained, software asset tracking system to assist them with this task. This information should really be automatically maintained in an easily-accessible format in the license database itself.
- Capture otherwise-inaccessible customer segments through the use of multiple pricing models, each tailored to a unique market segment. Simple example: suppose you market high-end tax preparation software to large accounting firms. Because of your single pricing option, your customer segment is limited. By augmenting your licensing model with subscription licensing and utility pricing, you can now market the same software with multiple pricing options: (a) a fixed perpetual license for large accounting firms, (b) a monthly subscription license for small-business accountants that will use it year round, and (c) a usage-based license for tax preparers who mostly use it during tax season.
- Capture revenue from value-added features through the use of value-weighted feature licensing. Example: suppose you market enterprise software consisting of base software and a number of modules of varying value. Instead issuing a standard floating license, you can issue a composite license consisting of a master floating license combined with weighted floating licenses for individual components such that the weight of a checkout for a component reflects its value (so an enterprise customer would need to purchase more points for it for the same number of users).
- Capture additional revenue from cloud services by offering multiple pricing and licensing options and controlling the degree to which subscriptions can be shared among users. For example, you no longer have to sell a minimum-user count license, and you can price your service based on a combination of utility pricing and features and subscriptions.
- Capture additional revenue from value-added features of embedded systems and hardware/software systems, through the use of feature licensing marketed as subscriptions. For example, you can price the base system according to a fixed price and charge subscription fees for enhanced features – your assembly line manufactures a single product, yielding economies of scale at the same time.
- Define future revenue models based on insights gained into current usage of products. For example, if your licensing system tracks usage and licensing history of components of your high-end software, you can run analytics reports on your product usage in order to fine-tune your pricing model, for example to identify the smaller subset of features that can be packaged for offering to a long-tail customer segment at a lower price point.
At a general level, Orion adds security, non-intrusiveness, operational efficiency and sophistication to the capabilities that are normally expected of a high-end licensing solution. Here are a few examples.
- Product activation
Orion’s product activation capabilities allow for offline activation in addition to online activation; self-service relocation of licenses (no call center required) even in offline mode; the ability to have licenses securely returned; leased activation for revocability; and activation of complex licensing policies. There are many other benefits as well – for full details on Orion product activation, please see the licensing topic on product activation.
- Floating licensing
When using Orion for traditional floating licensing, a single Orion server instance can be used to control multiple floating license pools over a wide area network, and a single Orion server license can be issued to realize complex license configuration policies. Application don’t have to be restricted to acquiring a license at the time of startup and releasing the license upon application termination, and it is not necessary to resort to non-secure “license borrowing” gimmicks for the purpose of obtaining temporary licenses for prolonged offline usage (aka. “commuter licensing”).
- Auditing and reporting
Orion captures licensing, administration and system events on an audit trail that is online and accessible from a browser via search screens. An exhaustive set of historical and analytics reports may be run on the audit trail. The audit trail may also be downloaded and imported into any third party analytics tool for more complex analysis.
- License security and flexibility
Orion provides a higher level of security from common attacks. Search the FAQ with the keyword “Security” for full details.
The Orion product activation system’s automatic node locking mechanism utilizes a proprietary extensible fuzzy fingerprinting algorithm, which gives you the option to control the degree of tradeoff between node locking security and flexibility for the end customer:
- Maximum security: you can require that all the built-in node locking parameters, including any you may add, must match in order for the offline license to function.
- Maximum flexibility: you can require that any one of the built-in node locking parameters or your own matches in order for the offline license to function in a machine that has some hardware and / or operating system upgrades, without requiring the end customer to obtain a new license from you.
- Rapid application integration for Java and .NET applications
For Java and .NET environments, Orion includes functionally complete high-level client libraries that facilitate one-line-of-code integration in a matter of hours. The libraries encapsulate licensing integration know-how for the full range of licensing functionality such as operating in connected or disconnected environments, implementing product activation, implementing user registration forms and other data capture, etc., so you don’t have to undergo a learning curve or write extra code. The libraries include default dialog boxes and registry implementations for storage of license activation records, so you don’t have to code for this functionality and at the same time you have the option to override the default implementations with your own.
- Secure native Java client libraries, for Java applications
Many vendors natively support C/C++ but provide second class support for Java via “JNI” (JNI is a Java technology that enables Java applications to call C/C++ APIs). The problem with this approach is that (a) Java is supported only on those platforms for which the C/C++ libraries are provided by the vendor, rather than all Java-enabled platforms, and (b) JNI is less secure from client library spoofing attacks.
Orion’s Java client library, on the other hand, is implemented in native Java, and therefore runs on any Java enabled platform. Furthermore, it is obfuscated with a highly sophisticated flow-control obfuscation technology to prevent reverse engineering, and it includes a digital signature mechanism for tamper detection of the library and your integration code.
- Seamless licensing through resellers and distributors
Typically, when products are marketed via reseller and distributor channels, the vendor has little visibility into the effectiveness of the channels, other than manual reports that are run periodically as part of reporting requirements.
Orion enables you to host resellers and distributors’ license pools and delegate day-to-day licensing operations to their respective administrators, yet provide you with immediate visibility into their licensing activities. This eliminates the need for manual reporting procedures and enables you to take early action on channel performance issues.
Orion enables you to go where it was formerly not possible to do so, with important business implications. Here are just a few examples:
- Internet-hosted floating licensing. You can offer your enterprise customers floating licenses over the Internet, even from behind firewalls and over slow / unreliable networks. This capability yields two important benefits:
- Reduced operations cost. It completely eliminates the operational logistics to you of redistributing a license server to your end customer environment, providing support for such redistributed server installations, and distributing floating license keys to your enterprise end customers. It also eliminates the operational logistics to your enterprise end customers of installing and operating a license server, installing floating license keys, etc. At the same time, you can delegate day-to-day administration of the floating license pools to the respective end customers’ administrators and control their privileges.
- Visibility into your product usage. Your end customers’ licensing activities are recorded in a central audit trail that you can use to run business intelligence reports and conduct audits. Reports may be run across all your customers’ licenses in order to obtain a bigger picture of your product usage, for example to discern trends, identify product feature usage for product planning purposes, and facilitate sales forecasting.
- Enterprise license pools. For enterprise customers that purchase a pool of fixed (as opposed to floating) licenses, you can make the pool available to their administrator and let the administrator manage their licenses within the overall constraints of the pool parameters in self-service mode. The administrator may choose to allow any user within the enterprise to activate their license, or register specific users that are authorized to activate a license. The end users obtain their license through automatic, non-intrusive product activation when they can connect to the license server, and through self-service offline product activation when disconnected. End users can also return and / or relocate their licenses in a secure and non-intrusive manner. In either case, it is not necessary for your operations team to register one license per end user in the enterprise – you define a single pool-level license. You can accomplish this regardless of whether you host the license over the Internet or redistribute the Orion server to your end customer. All this is possible because of Orion’s underlying anonymous-user product activation and license relocation features. Two important benefits result from this capability:
- Reduced operations cost. Operations costs are lowered for you because your operations team issues a single license for the entire pool. Your end customer also benefits from the lowered operations cost associated with issuing individual licenses, because their end users can autonomously obtain and return individual licenses in a non-intrusive manner. When you offer enterprise pool licensing over the Internet, both you and your enterprise customer benefit from elimination of the overhead of redistributing and supporting a license server installation.
- Improved enterprise customer experience. The end users of the enterprise are not inconvenienced by software licensing consideration (they don’t see “license keys”, and they can move licenses among machines without having to go to their administrator), and the enterprise administrator is likewise not burdened with the administrative overhead of having to register a license for each and every end user or to reshuffle the allocation of licenses unless and to the extent that such control is desired.
- Scalable, multi-modal licensing over the Internet and wide area networks. The Orion server’s communication protocol is based on HTTP, and supports communication through firewalls, HTTP proxy servers and DMZs (demilitarized zones). The protocol is stateless, as license state is securely persisted at both ends: unlike all competing floating license servers, there are no heartbeats between the application and the license server when functioning as a floating license server, and both the application and license server are not required to be simultaneously running for the purpose of keeping each other honest. The license server is architected for scalability from the ground up, and can support millions of concurrently active licenses per license database on average hardware. The same license server can simultaneously support multiple license models such as named-user licensing and floating licensing. Individual licenses can be locked to remote machines for minimum time periods if desired, to reduce sharing of licenses. Taken together, this enables you to achieve the following improvements to your business models and processes:
- Effective monetization of cloud services through licensing technology. As a cloud service provider, you can monetize your services more effectively, because (a) you can utilize commercial licensing technology that scales with your user population, (b) you can reach new customer segments by offering alternate pricing models such as utility pricing and software rentals, and by not having to define minimum-user-limit subscriptions (a quirk that is ordinarily driven by the inability to control sharing of user licenses in small-business environments), and (c) you can charge differently based on the value of the remote device that is used to access your cloud service (for example, a tablet could be be charged differently from a smartphone, and a Mac or PC can be charged differently from a Chromebook).
- Licensing of cloud services to both individual users and enterprise customers from the same service. As a cloud service provider, you no longer have to support two distributions of your product: a cloud service for individual users, and a redistributed product for your enterprise customers (made worse when you also redistribute a floating license server with your product).
- Reduced cost of operations for global enterprise licensing. When your global enterprise customer requires that you redistribute the Orion server to their premises rather than access it over the Internet, you customer does not have to host an Orion server instance on each separate local area network, and you do not have to issue multiple sets of floating licenses. A single central license server installed at your enterprise customer’s primary data center can manage licenses globally or on a per-site basis, and your enterprise customer’s administrator can autonomously manage and adjust sub-pools of licenses for individual sites or user groups without your involvement.
- Comprehensive embedded system platform support. Orion has available an ANSI C/C++ based “porting SDK” for its C/C++ client library for rapid portability to a wide range of platforms, including embedded system platforms, that fall outside the already-comprehensive list of standard C/C++ platforms that are supported out-of-the-box. Under the porting program, the Orion client library has been successfully ported to esoteric platforms such as VxWorks, raw flash memory hardware, and embedded Linux in a very short amount of time and for a modest fee.
- Unified solution with single application integration. A single application integration with the Orion client library is sufficient to accommodate a wide range of licensing models such as floating licensing and product activation. That is, it is not necessary to perform a separate integration (and issue a separate product edition) for individual licensing models. The benefits to you as an ISV that sells your product with multiple pricing models are:
- Reduced engineering cost and complexity resulting from a single source code base.
- Reduced deployment and operations cost and complexity resulting from a single binary distribution. The licensing mode for the common binary is driven by the license and its configuration parameters, so for example an end customer who purchases a single-user license can update to a floating license simply by purchasing and obtaining a new license without having to download and reinstall a new product version.
- Sophisticated real-time alerts and monitors. The Orion server can be configured with a set of rules that you define in order to have designated individuals or systems receive alerts in real time for licensing and administration events of interest on object of interest. If the built-in email alerts are insufficient, you have to define and install custom event handler plug-ins into the Orion server. The benefits of the event alerter and monitoring capabilities are far-reaching. Here are just a few examples:
- Proactive sales opportunity management. Your sales representatives (in addition to your customers themselves) can receive early-warning alerts for expiring licenses, as well as licenses approaching concurrent-license limits, both in real time and according to a monitoring schedule that you define.
- Outbound back office integration with CRM, ERP and billing systems. Events occurring in the license server in response to daily usage can push pertinent data to back office systems. For example, a manual addition of a license to the server can synchronize a CRM system’s record of user licenses, or a billing system can record hourly rental metered usage for the purposes of computing a utility bill, or your CRM system can receive user registration information from your customers as they activate their licenses.
- Security early warning alerts. An administrator can be alerted to failed authentication attempts and other security breaches in real time.
- Complex license configurations. Complex pricing models are realized without having to code for them: at the time of license generation, you can directly configure the complex licensing policy under a single license, and at the time of license activation, the single license is activated. The Orion server manages the complexity and atomicity of the entire set of licenses, whether these are a combination of named user licenses and / or multiple floating licenses, each with individual licensing policies.
- Futureproof. In addition to packing capabilities such as the above that are often beyond those that may initially be required but could be useful over time, extensibility is in Orion’s DNA: license record structures are extensible, Orion’s server functionality is extensible via server-side plug-ins, and Orion’s high-level client library is extensible.
- Growth-friendly pricing for startup and small business ISVs (with Nephele subscription service). An ISV startup with an unproven business model and limited funding can begin with a Nephele starter subscription on a monthly subscription basis with no minimum commitment term, seamlessly grow through the various Nephele subscription tiers while retaining the benefits of monthly subscription, and then transition to an annual subscription Orion OEM license after sales have matured. Throughout the entire lifecycle, there is no change to the application or back office integration with Orion, or disruption to operations personnel or to existing customers.
Any application for which you own the source code and can integrate with an external API in one of our supported programming language and platform environments (Java, multiplatform C/C++ and ActiveX) can be license-enabled with Orion. The following is only a small sample:
- Desktop applications – consumer, enterprise, connected, disconnected
- Server applications – multithreaded, multi-process, clustered, enterprise, cloud services
- Hardware / software appliances
- Embedded systems running real time embedded operating systems or even firmware having no operating system at all
- Desktop application plug-ins and modules
- Server application plug-ins and modules
- Cloud service applications
- Cloud-based mobile applications running on tablets and smartphones
- Applications that are implemented in programming languages that cannot call out to Java or C/C++, as well as C/C++ applications for platforms that we don’t support or for which a custom port of the Orion client library is not an option (for example a 16-bit platform). See for our list of supported programming languages and platforms.
- Mobile applications that are standalone or for which complex device-level standalone licensing is required. Note, however, that cloud-based mobile applications can be license-enabled through the cloud server.
- Third party applications for which you do not own intellectual property rights to the source code for integration purposes. In particular, binary applications for which source code is unavailability cannot be license enabled with Orion. Provided you have the rights to distribute the binaries, you can build an “application launcher” wrapper application that you integrate with Orion; however, the licensing will not be secure.
- Passive document content, or active document content that cannot call out to one of the available Orion client libraries. You can license enable Microsoft Office documents via VBA macros.
Yes. Orion enables you to do node locking, machine authentication and user authentication by proxy from a server. So your server application can impose licensing policies on devices that connect to it even though the devices themselves have not been integrated with any licensing technology.
Orion supports all of the following licensing and pricing models, including complex permutations and configurations of the models across model type and individual license IDs. License models that are unique to Orion and unavailable in competing products are highlighted in italics.
- Per-user license. This is the traditional “product activation” license model. A “user” can be a server. Orion’s product activation capabilities include the ability to enable the user to securely and autonomously return (deactivate) and / or relocate their licenses, and the ability to do so with no network connectivity to the license server.
- Floating anonymous-user concurrent-user-limit based license. This is the traditional “floating license”.
- Floating named-user license. These are identified and registered licenses that users can move with them instead of being permanently tied to specific machines. Unlike floating anonymous-user licenses, these are registered in the license server through administrative action.
- Enterprise license pools - both named and anonymous. These are licenses that are allotted to an enterprise end customer as a single pool entity, and autonomously managed and allotted among internal users by the end customer’s administrator.
- Weighted floating license. This is the traditional “floating license”, except that different weights can be assigned to different types of users or devices, to more accurately model their value.
- Absolute time limited licenses with warning thresholds and grace periods. These are conventional time limited licenses that expire at a specified date.
- Relative time limited licenses with warning thresholds and grace periods. These are licenses that support delayed activation – their expiration date is determined at the time of first activation rather than at the time they are created.
- Quota limited licenses with warning thresholds and grace periods. These are licenses that define limits on the amount of usage according to criteria defined by you.
- Leased licenses with duration control. This enables you to control the license lease duration (independent of expiration date), enabling functionality such as automatic subscription licensing with revocability, and controlling the degree of sharing of licenses among end users.
- Complex license configurations that are combinations of the above, for multiple entities. This means, for example, that you can implement complex pricing models such as a master license with multiple sub-licenses with individual concurrent-user limits and other licensing policies, distributed and consumed as one unit.
Agilis can host the Orion server as part of the Acropolis license hosting service. Alternatively, you can host the Orion server at your data center on average hardware running any Java-enabled operating system, for example Windows or Linux. You may also redistribute the Orion server to your enterprise end customers, who may similarly install it on average-capacity hardware running any Java-enabled operating system. For certain categories of server applications, you can even embed the Orion server directly into your application.
The Orion client library is available for the following programming languages:
- Java, on all Java-enabled platforms supporting the Java 1.5 or later runtime.
- C/C++, on 32-bit and 64-bit of Windows-Intel, Linux-Intel (3 different types of distributions), Mac OS X universal binary (Intel, PowerPC), Solaris (Intel and SPARC).
- .NET languages (C#, Visual Basic .NET, etc.) on Windows-Intel, via ActiveX unmanaged DLL.
- Any programming language capable of calling out to one of the above languages (for example, Ruby, Python, Perl, etc.)
The conventional floating license model enables an ISV to sell a product based on a concurrent user limit as an alternative to selling the product based on seat licenses. The ISV distributes a floating license server that is installed at an end customer’s premises, and provides licenses for the server that constrain the limit on the number of instances of active applications that run on the end customer’s network. Whenever an instance of the protected application is started, it checks out a floating license from the license server, which maintains an in-memory reference count of active requests. While the application is running, it periodically issues heartbeats to the license server in order to let the license server know that it is still running and in order for the application to be assured the license server has not been disconnected to bypass license checks. At the time of orderly application termination, the application checks in the floating license. In the event of an application crash, the license server frees the application’s license upon detection of missed hearbeats. When an application wishes to check out a license for offline use, it does so by proxy – a “borrower” application performs the checkout on behalf of the application.
Conventional floating license systems have a long list of functionality limitations, deployability issues and security vulnerabilities. Among others, the license lifetime is limited to application execution time which is not necessarily what is required; there is no concept of named user licensing; it is trivial to oversubscribe floating licenses, particularly for “borrowed” licenses; it can realistically be deployed only in LAN environments owing to the chatty stateful protocol and the inability to operate in WAN / VPN environments without significant configuration; it does not scale; it is not a high-availability system; an application that is to be sold with both per-seat licensing and floating licensing requires two separate integrations resulting in two separate binary distributions; and several others.
Several floating licensing systems based on the above model and architecture are commercially available. ISV’s rarely develop their own. Orion is an example of a commercial solution that adopts a radically different approach to floating licensing in order to overcome the above limitations and provide additional capabilities. It is important to note, however, that Orion can be used in degenerate mode to provide the above familiar simplistic floating licensing capability.
The word “floating” translates into the ability to move licenses among machines at a relatively high frequency. This is as opposed to product activation of perpetual or relatively long duration licenses. It also means the absence of an explicit manual step to activate or deactivate licenses – the act of running an application automatically triggers the acquisition of a license (but only as needed – the license may be locally cached in persistent store), and inaction for a configured timeout automatically triggers its release (but a manual immediate-release mechanism is also available). The license can continue to be retained while the application is not running.
The term can apply to automatic anonymous users that don’t require pre-registration by an administrator. It can also apply to explicitly-registered named users. A valid floating named user can always acquire a license because it is preregistered, whereas a floating anonymous user can acquire a license only if one is available in the pool.
Orion’s floating licensing capabilities provides several benefits including:
- Deployability to WAN’s, VPN’s and hosted Internet environments, in addition to traditional LANs. This capability translates into reduced deployment and operations costs for enterprise licensing, since floating license pools can be hosted. It also enables floating licensing for cloud-based services.
- Floating named-user license model: where pre-registered named users can move their license among machines relatively frequently.
- Tunable degree of float: the ability to decouple the license lifetime from application execution time and provide a superior end customer experience, for example for commuter licensing.
- High availability, scalability and licensing security resulting from an architecture that is based on relational database technology and a stateless communication protocol that does not involve heartbeats between application installations and the license server. This enables high-volume floating licensing for cloud-based services.
- Elimination of the need for a “license borrowing” mechanism for prolonged offline license usage: the license is merely acquired and cached for the desired extended duration.
- Support for “weighted” floating licensing, where different categories of users check out a number of points from the pool that reflect their value – for example a checkout for a user in an administrator role may consume 10 times as many points as a guest user. This enables additional monetization options involving selling a number of points reflecting total value that may be divvied up by the customer according to requirements.
- Support for complex licensing configurations: you can issue a single license that defines a complex configuration of multiple inter-dependent or independent floating licenses (as well as fixed licenses, if desired), and your application can perform a single checkout on the entire complex configuration.
- Single application integration for product activation and floating licensing: if you sell to individual end customers as well as enterprise customers, you do not need to perform two separate integrations with two separate licensing technologies. A single API integration enables you to distribute a single binary for both customer segments – the specific license identifier and parameters will dynamically control the licensing mode for a specific installation.
Yes – with automatically-available scalability, security and deployability benefits.
The Orion client library has the capability of communicating through HTTP proxy servers. For your enterprise customers, you also have the option of distributing the Orion server for use as a zero-configuration license proxy server that can be installed in a DMZ and mediate licensing traffic between your application installation and your hosted Orion server.
Floating licensing requires network connectivity at the time of activation and deactivation, since these are relatively frequent operations compared with product activation – therefore, typically offline activation and deactivation might not be feasible. The Orion client library does provide an “overdraft” mechanism that allows continued operation for a limited time in the event that a network connection is unavailable for a few hours.
The redistributed Orion server is itself license protected with Agilis’ licensing technologies, to define tamper-proof license parameters, protect from oversubscription, define end customer administration constraints based on the degree of trust, among others.
Old way: you use our EasyLicenser license manager product to generate Orion license keys which you distribute to your end customer administrator, who installs the key on their local Orion server installation. As part of this process, you may need to obtain node locking information from your customer for the machine on which they will be running the Orion server. Returning and relocating licenses is based on trust.
New way: you use your Acropolis-hosted Orion server to manage automatic product activation of your redistributed Orion servers. Using the Orion administration UI or a back office integration, you can define a redistributed Orion server license on your Acropolis-hosted Orion server and provide your end customer administrator with the license identifier. Your end customer administrator uses the Orion administration UI or equivalent tool to activate their license. Subsequently, the administrator may autonomously relocate their license, update their license, recover their license from a failed machine, and realize most of the benefits of standard Orion product activation. Your operations team is not impacted by these actions.
Your back office system can programmatically communicate with Orion’s administration API’s to add or update license pools in a number of ways including SOAP or REST based Web Services APIs, Java APIs, CGI or command line scripts.
Your administrator can run the following types of reports using the Orion server’s administration UI or the equivalent administration API or command line tools:
- Operational reports:
These are reports on the current state of the system – for example, what are the currently checked-out users in a license pool what are the license pools, which machine originated a specific checked-out license, etc. - Historical reports:
These are reports on the history of events pertaining to licenses – for example, when was a license pool created and by whom, what checkouts occurred over time for a given machine, etc. The reports are run against the Orion server’s audit trail, which tracks all licensing and other events occurring over time. - Analytic reports:
These are aggregate reports on the audit trail that are run to obtain analytic information. Orion supports 1 (count), 2 (count by entity / over time) and 3 (count by entity and over time) dimensional analytic reports.
When using the administration UI, you can view a report output on the screen or download it in one of several file formats including CSV.
The Orion server has a “concurrent user sampler” job that runs at configured schedule intervals and samples all or selected license pools for their concurrent-user high watermarks. The samples are recorded in Orion’s audit trail. By running a historical report on the audit trail using the Orion administration UI or its underlying API or command line tool, concurrent user sample trends can be plotted over time for individual pools.
The above-mentioned concurrent user sampler raises alerts on pools that are approaching capacity limits, as a side effect. Orion’s event alerter can be configured to alert administrators of the event in response to this alert.
Instead of / in addition to redistributing the Orion server to your enterprise customers, you can host the Orion server yourselves, or let Agilis host Orion as part of the Acropolis license hosting service. If you are subscribing to Nephele, the license server hosting is included as part of the Nephele service. In either case you are hosting the floating license pools and you don’t need to distribute the Orion server to your end customers.
With an OEM Orion license, you can manage millions of floating licenses from a single Orion service database on average hardware – and Orion can simultaneously host multiple service databases.
With a Nephele license, the capacity limit is based on the Nephele subscription plan that you purchase. See the different Nephele Licensing Tiers for details.
Internet-based product activation is a replacement for traditional “license key” based systems and is now commonly used in the software industry.
Product activation is a system that is based on license identifiers, also referred to as key codes or product serial numbers. In response to fulfilling an order, or making a distribution-media copy as part of the physical distribution-medium manufacturing process, an ISV creates a unique key code. The key code is registered in a license server that is hosted by the ISV. When an end user installs the product, the key code is provided to the program. Either at the time of installation or upon first licensed use, the application contacts the hosted server over the Internet to communicate its keycode and introspected machine identification information to the server. The server first verifies that the key code is not already in use for a different machine, and if not, grants the activation request by recording the machine identifier in the server and returning an encrypted string, variously referred to as key, key string or product key, which the application stores in the registry. Subsequently, whenever the application is run, it looks up the key string in the registry, decodes it and verifies it is valid and for the machine on which the application is running. In the event that Internet connectivity is not available at the time of activation, the user has the option to complete the activation over the phone or using a web browser: the application produces a code that the end user is instructed to call in or provide to a self-service page, and receives the product key in response.
The primary value of product activation over legacy license key based systems is automation of the node locking process for the purpose of simplifying the logistics of product media distribution and order fulfillment. This is about the extent of the benefit of product activation with most commercial systems. As described below, Orion extends the benefits of product activation in a number of areas that provide the benefits of reduced operations cost and added security through entire licensing lifecycle, in addition to enabling capabilities such as revocable licensing that are not possible with legacy key based systems.
Several product activation systems are commercially available, with the basic capability described above. ISV’s rarely develop their own. Some systems provide mechanisms that enable end users to return their license and reacquire it on a new machine in self-service mode. Some systems enable end users to obtain their licenses in offline mode via phone or web browser. Few product activation systems provide capabilities such as leased licensing, the ability to exchange large amounts of licensing information between the license server and the application, or the ability to implement revocable licensing. Orion is an example of a commercial solution that provides extended capabilities, as described below.
Orion’s capabilities, over and above automatic node locking and offline activation, include:
- Secure, self-service license return / recovery / relocation by end users: your end customer can autonomously and effortlessly return their license or move their license from one machine to another, including recovering licenses from failed or lost machines, without having to contact your operations staff. This is true even when the end user is obtaining a license while disconnected from the Internet.
- Leased, revocable licensing: you can require your licensed installation to periodically (and automatically) renew their license lease. In the event that you wish to update license parameters (for example to add a feature) or revoke the license, you can revoke the license on the server. In either case, the updated license policy automatically takes effect upon the next license lease.
- Enterprise product activation: for enterprises that purchase a pool of licenses, individual end user licenses don’t have to be pre-registered – instead, under a master authorization, end users may activate licenses from the pool.
- Arbitrary data exchange between end customer environment and license server: over and above licensing related information transmission, information may be pushed to the end customer environment, which may push back information to the license server. This may be at the time of activation, deactivation, or anywhere in between. This is useful, for example, to push promotions to end customers, or push user registration forms and capture entered data.
- Secure and flexible node locking: Orion’s node locking system enables locking on multiple hardware and operating system parameters such that the degree of strictness of node locking parameter match is controllable by you – you can either require highly secure node locking, or permit highly flexible node locking that functions even if some of the hardware and / or operating system components have changed.
- Single application integration for product activation and floating licensing: if you sell to individual end customers as well as enterprise customers, you do not need to perform two separate integrations with two separate licensing technologies. A single API integration enables you to distribute a single binary for both customer segments – the specific license identifier and parameters will dynamically control the licensing mode for a specific installation.
In essence, yes, and with added benefits. There are however two fundamental differences, both of which stem from Orion’s philosophy and can (against our recommendation) be overridden with a little customization by you:
- The auto-generated license activation record is long, and can range anywhere from a few hundred bytes to tens of kilobytes depending on the volume of information content. When performing offline activation, this information cannot be relayed over the phone and manually typed in – the offline activation is necessarily file based. This is due to the extensive licensing content that is stored in the activation record and gives Orion its high level of licensing capabilities. Even if the content could be shrunk to a smaller size, manually communicating and typing in anything more than a few characters is error-prone and therefore increases the cost of operations.
- Similarly, the auto-generated fingerprint used for obtaining an offline license can be long (especially when our machine fingerprinting technology is used for node locking) and necessitates a file-based transfer.
Therefore telephone and IVR based offline activation mechanisms are not supported out-of-the-box, unlike some competing solutions.
The following diagram illustrates the typical product activation system topology with Orion:
Please view the Orion product activation video here.
The Orion client library has the capability of communicating through HTTP proxy servers. For your enterprise customers, you also have the option of distributing the Orion server to operate as a zero-configuration license proxy server that can be installed in a DMZ and mediate licensing traffic between your application installation and your hosted Orion server.
In the event your application is not permitted even this level of secure communication, your end customer may use a web browser that does have external connectivity to perform activations and deactivations in offline mode. Failing this option, your end customer may as a last resort exchange files with your operations staff to complete the activation transactions.
Your end customer activates their license by specifying their license identifier in a dialog box or configuration file and running a “activate license” command (which may be a UI button). There is no need for them to send you machine parameter information. It is also not required for the activation to be part of your product installation process.
Similarly, your end customer deactivates their license (for example, to autonomously move it to another machine) by running a “deactivate license” command, which doesn’t have to be accompanied by an uninstallation of your product.
When no Internet connection is available to the application, your end user can, with appropriate integration, exchange files with a browser connected to your Orion server in order to perform their activation / deactivation without involving your operations staff.
The same as for individual end users, with the difference that instead of specifying a license identifier per installation, your enterprise end customer references a common license pool identification.
Your enterprise end customer administrator sets up a common license pool identifier for their pool of enterprise end users that has been set up for them by your back office staff or system.
Your back office staff’s involvement can range from zero involvement to involvement by exception. If your back office systems are integrated with Orion for order fulfillment and your end customers autonomously activate and deactivate their licenses online or with a browser, your operations staff are not involved at all. If your back office staff manually registers and updates licenses, they are involved at the time of order fulfillment only. To the extent that your end customers do not have Internet connectivity from their applications and they do not have the option to perform offline activation and deactivation with a browser, your back office staff will manually process the offline activation and deactivation requests.
You have the option to build your own offline activation mechanism user interface and / or mechanism.
Your back office system or staff updates the license parameters on the license server, and (if necessary) notifies the end user that their license is updated. Upon the next automatic or manual push-button reactivation, your end customer has the updated license.
With the appropriate application integration, your end customer can effortlessly move their licenses autonomously among their machines. Typically, your end customer installs your software on multiple machines but activates their license on one machine. To move their license, the user performs a one-click deactivation of their license on the active machine, after which they can perform a one-click activation of their license on the new machine.
The license transfer events are recorded in the license server’s audit trail.
You can configure the licenses in the server to define a minimum activation period before which an attempted license deactivation will fail.
In conjunction with leased licensing, and with appropriate application integration, your end customer can run your application on a new machine and “hijack” the license from the previous machine. If in fact the machine had not crashed, its license will nevertheless stop functioning.
Alternatively, the administrator, who may be your administrator or your enterprise customer’s administrator, may (if granted the appropriate privilege) free the license on the server so that the end customer can reactivate it on another machine.
With appropriate application integration, and in conjunction with leased licensing, you can simply disable the license on the server, which will cause the next lease renewal to fail and disable the application installation.
Your back office system can programmatically communicate with Orion’s administration API’s to add or update user licenses in a number of ways including SOAP or REST based Web Services APIs, Java APIs, CGI or command line scripts.
Your administrator can run the following types of reports using the Orion server’s administration UI or the equivalent administration API or command line tools:
- Operational reports:
These are reports on the current state of the system – for example, which licenses have/ have not been activated, which licenses are expired, etc. - Historical reports:
These are reports on the history of events pertaining to licenses – for example, when was a license created and by whom, from what machine was a license activated, the history of activation and deactivations of a specific license, etc. The reports are run against the Orion server’s audit trail, which tracks all licensing and other events occurring over time. - Analytic reports:
These are aggregate reports on the audit trail that are run to obtain analytic information. Orion supports 1 (count), 2 (count by entity / over time) and 3 (count by entity and over time) dimensional analytic reports.
When using the administration UI, you can view a report output on the screen or download it in one of several file formats including CSV.
Two capabilities in the Orion server support this requirement:
- License-expiration daemon: this is a background job that runs on a schedule specified by your administrator and monitors all or specific sets of customer licenses specified by your administrator for time-limited or metered licenses that are about to expire or have expired according to default thresholds, or thresholds explicitly specified by your administrators. Alerts are raised in response to qualifying user licenses and are communicated in a number of ways, the default communication channel being email.
- Your administrator can run reports to obtain lists of user licenses that meet specified search criteria, including expired and expiring licenses. The reports may be run from the Orion server’s administration user interface and downloaded, or it may be run using the equivalent administration API or command line tool.
You can host the Orion server yourselves, or let Agilis host Orion as part of the Acropolis license hosting service. If you are subscribing to Nephele, the license server hosting is included as part of the Nephele service.
In the event that you sell to large enterprises that insist on hosting Orion at their premises for some reason, you have the option to redistributed the Orion server under an OEM license for the purpose of enterprise product activation, in a manner similar to the floating licensing scenario. In this scenario, you will also need to distribute the enterprise pool license to your customer’s administrator.
With an OEM Orion license, you can manage millions of licenses from a single Orion service database on average hardware – and Orion can simultaneously host multiple service databases.
With a Nephele license, the capacity limit is based on the Nephele subscription plan that you purchase. See Nephele’s Licensing Tiers for details.
Orion provides defenses against the following common licensing security attacks, to name a few:
- Copying a license activation record from one machine to another in order to bypass copy protection.
- Rolling back the system clock in order to reuse expired time-limited licenses.
- Rolling back license state data in order to reuse expired quota-limited licenses.
- Becoming an Agilis customer and manufacturing free licenses for products whose vendors are themselves Agilis customers.
- Eavesdropping on the communication between an Orion client and license server, decoding license parameters and then spoofing the license server with one’s own server that unconditionally grants licenses.
- Recording the encrypted communication of a successful license request and grant between an Orion client and license server, and then playing back the communication against the license server so as to obtain a valid license for an unauthorized copy of the same application.
- Misrepresenting that a license is lost due to a crashed or lost machine in order to obtain additional licenses.
- Replacing the licensing client library with a spoofed library that unconditionally passes license checks.
- Hacking the application binary code to bypass license checks.
- Unauthorized license server access over the Internet for license poaching.
For complete details, please see more information on Orion’s security protection {COMINGSOON}.
As an evaluator or subscribing customer, you can download the appropriate platform-specific Orion client SDK from the technical support portal. The SDK includes the Orion client library itself, together with an application development guide, an API reference, application notes, and source and binary code for demo applications that illustrate how to utilize Orion functionality in order to achieve common licensing scenarios.
The fastest way to perform an integration is to adapt the source code from the appropriate demo application to your own application integration. Depending on the complexity of your licensing requirements and your choice of API, the actual process of application integration can be expected to range from as little as an hour, to days or weeks. Most of the time will be spent in defining requirements and determining the licensing schema and work flow.
The Java and .NET client libraries provide two levels of functionality:
- A high level client library that enables one-to-two lines of code application integration of complex licensing functionality including product activation, floating licensing and offline activation. The library encapsulates all license integration know-how and includes all the necessary built-in dialog boxes and registry storage. You have the option to override the built-in user interfaces and storage mechanisms with your own.
- A core client library that requires more work but provides maximum flexibility. When using the core library, you are responsible for file IO and dialog boxes if needed.
The core library is inherently non-interactive, non-blocking and multithreadsafe, and can be used with server applications. The Java high-level client is non-blocking, and can be parameterized to be non-interactive and multithreadsafe so that it too can be used with server applications.
A C/C++ application is integrated with the respective core C/C++ Orion client library. On Windows, the C/C++ application is able to use the high level .NET / ActiveX client library.
Orion provides the following options for programmatic inbound integration of back office systems with the Orion server (ie. for back office systems to call into the Orion server):
- A direct Java administration API, suitable for access from a servlet that you write to receive HTTP POSTs from external systems. The administration API supports license setup and update operations as well as running operational reports, auditing and analytic reports.
- A set of command line tool wrappers around the direct Java administration API for command-line administration of the server. The command line tools are CGI-friendly and shell-scripting-friendly.
- A SOAP based Web Services API for remote integration from any system or environment capable of issuing SOAP messages. Wrapper Java API and command line tools are also available as a convenience. The API mirrors the direct Java administration API in functionality.
- Similarly, a REST based Web Services API for remote integration from any system or environment capable of issuing HTTP POSTs. Wrapper Java API and command line tools are also available as a convenience.
Orion provides the following options for outbound integration of the Orion server with back office systems (ie. for the Orion server to call out into back office systems):
- A custom event handler plug-in architecture. You can develop custom plug-in’s that are invoked in response to events according to Orion’s event alerter configuration rules. The custom plug-in’s can implement arbitrary server-side functionality, for example to send messages to a CRM system in response to user license activations or license-expiration warning conditions.
The Orion server includes a browser-based administration user interface that can be used from anywhere over the Internet where there is connectivity to the license server. The administrator user interface provides two categories of functionality:
- System management: manage the license server system itself, including configuring licensing-oriented host access control rules, configuring and managing background administration jobs such as automatic backups, audit trail space management, polling for data samples and early warning conditions, etc.
- License management: manage the actual licenses and license pools.
Because the license administration functionality is surfaced via a Java administration API, you also have the option to develop your own custom administration user interface.
For standard deployment scenarios, the Orion server is installed through a single-step unzip of a zip file. No server configuration is required except for registering Orion as an operating system service, and possibly configuring the Java memory for supporting large user license populations.
The default Orion server management parameters are designed for lights-out 24×7 operations from the moment the license server is installed. For example, license database backups are preconfigured to automatically run daily, the audit trail runs daily and maintains a 30-day audit trail log, etc. An administrator takes manual steps only in the event that the defaults need to be changed, or explicit event alerter rules need to be defined, or specific object groups need to be specified for polling or cleanup, etc.
Orion can run and scale well on an average hardware configuration. For extremely demanding performance and capacity requirements, for example if Orion is hosting millions of extremely active licenses for cloud application environments, the memory and CPU core requirements will of course be higher than usual, but not exorbitant.
For the monthly-subscription Nephele cloud service, the Orion license fee is included in the Nephele subscription fee, and is based on the concurrent-user-license limit plan that you select. See the Nephele home page for details.
For the Orion OEM license, we use a value-based annual subscription pricing model. Value is measured in the annual revenue from software and hardware products and services that directly or indirectly benefit from license protected with Orion. An annual subscription fee is based on revenue tiers – you report the revenue tier into which your annual revenue falls, and we quote you the corresponding annual license fee for the renewal term. The minimum revenue tier is also influenced by the overall revenue of your company, and may be higher than the actual protected products revenue tier if you are a very large company having annual revenue far exceeding your protected revenues.
Our Orion OEM pricing is similar to our leading competitor but is significantly higher than lower-end solutions. Our Nephele subscription licensing solution, while offering substantially all of Orion’s functionality, is priced competitively with or below all but the lowest-end license key based systems.
If the business case warrants it, we’re open to a perpetual license or alternate custom pricing models, provided the fee is adjusted based on actual usage at some level, and has a correlation with value that is measurable through a verifiable metric. However, this is exceedingly rare and only under special circumstances (for example when Orion is used for a purpose other than protecting revenue).
We are interested in serving OEM customers that can benefit from our unique differentiators – in such scenarios, an apples-to-apples comparison is not possible and we cannot accommodate a price match. In a commodity-licensing context where your licensing requirements are very basic, you may consider our low-cost Nephele subscription licensing service if it matches your parameters and you qualify.
If the business case warrants it, we are open to offering substantial first-year subscription discounts as an incentive for transitioning to Orion. This is over and above the complimentary technical services we will provide you to implement an incremental customer transition strategy that mitigates risk due to any technical or organizational factor.
If the Nephele monthly subscription service does not apply to your situation, we can nevertheless accommodate a custom payment schedule on a case-by-case basis;; bear in mind, however, that a payment schedule will be somewhat more expensive overall than paying the annual license fee up front.
Provided you limit the use of Orion for its intended purpose (ie., for license management) and you do not use Orion’s extensibility capabilities as a conduit for storage of your own encrypted user-level data, you are not required to obtain an export permit merely by virtue of integrating your product with Orion.
The encryption software used by Orion is not subject to export control laws per U.S. Department of Commerce Bureau of Industry and Security’s Export Administration Regulations publication “Commerce Control List Category 5 – Information Security” published March 5, 2003. Per the applicable ECCN 5D992, Orion is exempt because of its use of encryption exclusively for the purpose of software copy protection. A license is currently required for export to Sudan, Syria and North Korea, and special steps are required for export to Cuba, Iraq and Rwanda. This list may change over time. There are no restrictions, licenses or special procedures required for you to export Agilis’s products to any other country. For further details, please see http://www.access.gpo.gov/bis/ear/ear_data.html and also see the complete description of export regulations at http://www.bis.doc.gov.
The process for an Orion evaluation and purchase of an OEM license is as follows:
- You can submit a request to have an Agilis sales representative contact you to walk you through the process, or (if you’re ready to move forward) submit a pricing quotation / evaluation request form that will enable us to provide you with a quotation and / or obtain clarifications.
- If Orion appears to be a fit from a functionality, budgetary and timing perspective, we will set up an Acropolis service for you for evaluation purposes, and we will provide you with access to our support portal, which will provide you with the download links to the appropriate Orion client SDKs. In the event that it appears that Nephele is a more suitable fit, we will direct you to the Nephele self-service evaluation web page.
During the evaluation period, we offer a complimentary web presentation specific to your requirements, in addition to being available to answer your questions. In parallel, we will provide you with a copy of our standard license agreement and pricing quotation, so that finer business-level and legal details can be identified and addressed in advance.
The complimentary evaluation period is ordinarily 30 days. Should your requirements be complex and require a considerably longer evaluation period, you may purchase a developer license. - Upon satisfactory conclusion of the evaluation, we will move forward with the signed agreement and delivery / setup of our licenses to you. A complimentary review of your licensing architecture is available to you should you choose it. Any custom porting, custom development or other professional services are also initiated at this time.
Following purchase and until you are in production with your application and back office integration, we will periodically follow up with you so as to ensure you have a successful experience with Orion.
Business case permitting, we do offer all of the above as a supplement to a standard Orion OEM license on a time and materials basis. Note however that:
- Orion is sufficiently adequately documented and our standard technical support is sufficient to enable you to perform your own integration and internal training. We are always available to answer technical questions and provide integration tips.
- For all custom porting and custom development activities that involve developing derivative works of Orion, Agilis retains exclusive intellectual property rights to the derivative works as well as Orion itself.
Acropolis license hosting service – frequently-asked questions
Acropolis is hosted licensing solution offered by Agilis that includes the Orion network licensing platform. Therefore, it is important to understand what Orion is and what it does. You may refer to the Orion home page and the Orion frequently-asked questions sections for detailed information on Orion.
Acropolis is an Agilis-hosted Orion licensing service in the cloud for Orion OEM customers. It is for you if you require a hosted Orion license server but you don’t wish to incur the operational and / or capital overhead of physically installing and operating an Orion server installation.
Acropolis supports Orion’s product activation and Internet-based floating licensing capabilities on both connected and disconnected systems.In addition to hosting all the necessary hardware, operating system and license server at a Tier 1 data center, an Acropolis subscription includes services for managing license server uptime, setting up and managing license databases and services, and maintaining your license with Agilis. Browser-based user interfaces are provided for self-service license entitlement, auditing and reporting over the Internet. You can also automate license generation, reporting and administration from your back-office systems via REST and SOAP based Web Services and other APIs and command line integration tools. Optional operations and integration professional services are also available.
Acropolis is about two key value propositions: (a) virtually eliminating risk of license server down time (and hence business down time), and (b) controlling the infrastructure and operations costs associated with operating a hosted license server.
- Eliminate risk of license server downtime: Agilis is accountable for ensuring the uptime of the Acropolis-hosted Orion license server, as well as for maintaining backups and ensuring data integrity of your license databases.
- Control operations cost: Acropolis eliminates the need for you to allocate operations personnel to configure and operate the license server for optimum performance and high availability.
- Eliminate infrastructure cost: Acropolis eliminate the cost of purchasing, setting up and operating the associated hardware, operating system and license server infrastructure, and
- Accelerate application / back office integration: your developers can be productive and focus on application and back office integration immediately – they do not need to be concerned with installing and configuring the Orion license server, or with monitoring the server and managing its uptime.
The value associated with downtime risk is hard to quantify but can be extraordinarily high when you factor in the impact of downtime on customer retention and your brand image. The value associated with infrastructure and operations cost is the savings in staffing operations personnel, which is a fixed cost. The value associated with having fewer moving parts for your developers to impede getting started with integration is an added bonus.
All hosted licensing capabilities that are supported by Orion are possible when Orion is hosted under Acropolis. In particular, hosted product activation, hosted floating licensing, hosted enterprise pools and all variations and permutations are supported in both online and offline mode.
You would not consider Acropolis if any of the following applies:
- You only need to redistribute the Orion server to your end customer sites and you license your Orion servers in legacy mode (using EasyLicenser’s license generation mechanisms for licensing the Orion servers themselves). The redistributed Orion servers will in any case be autonomously managed by your end customers’ administrators for their end users’ license pools. If you license protected your redistributed Orion servers with Orion, an Acropolis subscription is mandatory. See the Orion product page for an explanation of how the redistributed Orion server is license protected.
- You already have a data center and a capable system administration staff with available resources to operate the Orion license server.
- For any reason, you do not wish / are not allowed to have your end customers communicate with any server other than your own.
- You have unusual capacity and performance requirements that are ordinarily not met with a Linux-based hosted machine.
You would opt for an Acropolis solution instead of an Orion OEM solution if any of the following applies:
- You need to redistribute the Orion server to your end customer sites and you license your redistribued Orion servers with Orion. Your Acropolis hosting service would be used for the redistributed Orion server license protection. Note that in most real world scenarios, redistributing a license server is not necessary – a hosted Orion server can manage floating and enterprise license pools for multiple end customers over the Internet even in secure network environments.
- You do not have a data center or a capable system administration staff with available resources to operate the Orion license server.
No, Acropolis is specifically intended for hosting an Orion server, for Orion-protected applications. Any application that is integrated with a third party licensing system does not interact with an Orion server. However, if you leverage an Orion server for “tunneling” the distribution of legacy license keys through Orion licenses for operational efficiency, then it may make sense – this will, however, entail integration of your license delivery mechanism with Orion.
The data centers are located in the US. Export control laws are per those that apply to Orion. Specifically:
The encryption software used by Orion is not subject to export control laws per U.S. Department of Commerce Bureau of Industry and Security’s Export Administration Regulations publication “Commerce Control List Category 5 – Information Security” published March 5, 2003. Per the applicable ECCN 5D992, Orion is exempt because of its use of encryption exclusively for the purpose of software copy protection. A license is currently required for export to Sudan, Syria and North Korea, and special steps are required for export to Cuba, Iraq and Rwanda. This list may change over time. There are no restrictions, licenses or special procedures required for you to export Agilis’s products to any other country. For further details, please click here and also see the complete description of export regulations.
Your administrator is still responsible for administering your customer licenses and the associated license configurations. Agilis only handles the operational aspects and ensures uptime of the license server and your license service database.
As part of the core and premium services, your administrators may:
- Login to the Orion server with product administration privileges and manage your license pools and licenses as well as view your audit trail.
- Login to the Orion server with system administration privileges and manage your system job schedules such as backup frequency and retention periods, audit trail purge frequency and retention periods, define event alerter rules, subject to capacity and throughput limits and constraints that we configure.
As part of the dedicated services, your administrators also have full root access to the Linux server machine hosting the Orion server, and may upload backup files, restore files from backups, install custom Orion server plug-ins, and are subject to more lax constraints and limits.
Absolutely – that is one of the key benefits of subscribing to the Acropolis service. As part of the Acropolis service, you are entitled to an elevated response time priority for uptime issues. Regardless, it is a priority for us to ensure that the server is available 24×7 – and on the rare occasions when we do recycle the server for software updates, it is for very short periods over the weekend.
Agilis utilizes a monitoring system in order to receive an early warning on license server downtime, so that more often than not we can preemptively detect and resolve the issue before you are aware of it. The license server uptime status is posted on the technical support portal page.
You would submit a service request ticket on our support page and / or call our technical support number 24 x 7, and we will respond within a stipulated period in accordance with the SLA in effect, providing you with an update on what to expect next and when, and / or provide workarounds if any, or report that the issue has been resolved.
In the event of a prolonged outage (for example, in the event of natural disasters or other uncontrollable factors, whether at your end or ours), we will at your request provide you with the resources to host Orion with the latest backup of your license database.
The Acropolis-hosted Orion server is configured to create daily backups by default, and backups are retained for a 30-day retention period by default. Your administrator can override defaults subject to constraints that we configure. In the event of corruption for any reason whatsoever, Agilis will restore your database to the last available backup.
Acropolis is hosted at a secure Tier 1 data center that is equipped with redundant hardware and power supplies, RAID disks and Internet backbone connections, appropriate firewalls and network security systems designed to protect from denial-of-service and other attacks. A monitoring service is used to ensure 24 x 7 uptime.
The Acropolis core and premium hosting service tiers use a single Orion server instance. To date, ever since Acropolis was launched in early 2007, unscheduled Orion server downtime under Acropolis has been exceedingly rare and has never lasted more than an hour. Scheduled downtime has occurred less than a few times a year, primarily for the purpose of upgrading the Orion server software version, and has never lasted more than 15 minutes on a weekend. You can expect an uptime of at least 99.84%, corresponding to a maximum down time of 1 hr per month.
That being said, Orion is capable of being configured for failover, although we have not found a reason to do so. Configuration for failover is however an option under the Acropolis dedicated hosting service tier.
The hosting options for Acropolis are available in three packages: medium-capacity core management services that are adequate for the large majority of ISVs, high-capacity premium management services that address the requirements of ISVs with large and complex sales and distribution models, and dedicated management services for ISVs with customization requirements. The core and premium management services are hosted in a multi-tenant Orion server. The dedicated service is assigned a dedicated Orion server and machine. The pricing is incorporated into the Acropolis OEM License fee.
View this matrix to see the specific services and features that are available for each hosting package.
Core Services |
Premium Services |
Dedicated Services |
|
Dedicated server |
|
|
x |
Multitenant server |
x |
x |
|
Unlimited capacity1 |
|
|
x |
High capacity2 |
|
x |
x |
Medium capacity3 |
x |
x |
x |
Hosted product-activation licensing (named and anonymous) |
x |
x |
x |
Hosted concurrent-user (aka. “floating”) licensing |
x |
x |
x |
Hosted enterprise license pools (named and anonymous) |
x |
x |
x |
Hosting of branded / custom administration user interfaces4 |
|
|
x |
Support reseller / distributor sales models |
|
x |
x |
Failover configurations4 |
|
|
x |
Custom Orion server plug-ins4 |
|
|
x |
Yes, as of April 2013. Note that prior to April 2013, Acropolis and Orion were offered as distinctly-priced solutions, and an Orion license subscription was a prerequisite for an Acropolis subscription. Since it made no sense to separately purchase an Acropolis hosting subscription, Acropolis has been redefined (and correspondingly repriced) to include an Orion subscription. There is no net impact on the license subscription fees paid as a consequence of the redefinition.
You can upgrade your Acropolis subscription, including to a dedicated server package, at any time. You can also downgrade your subscription provided your usage fits within the parameters of the downgraded package. Setup fees apply, and the subscription fees for the hosting component of your license are pro-rated, with a credit applied for the unused part of the subscription fee previously in effect. If you purchased an Orion OEM license, you can upgrade to an Acropolis license at any time following the initial Orion OEM license purchase. For example, suppose you purchase an Orion OEM license today and you decide to host your own Orion server. A year later, you may upgrade to an Acropolis subscription starting with a core hosting service tier, and migrate your Orion service database to Acropolis. Six months later, you may decide to upgrade from the core hosting service tier to the premium hosting service tier due to an unanticipated increase in capacity requirements.
You will need a dedicated-server Acropolis subscription if you have any of the following requirements:
- You wish to develop and install custom Orion server plug-in’s such as custom event alerters.
- You wish to configure multiple Orion server installations for failover / disaster recovery.
- You wish to support a distributor sales model, or for any other reason require multiple Orion service instances.
- You wish to brand your service with your own logo and user interface (note: branding and user interface customization are performed as part of Agilis’ implementation professional services for a fee).
Data is owned by you. You may selectively export and download your data at any time while your subscription is in effect. Should you decide to downgrade your Acropolis subscription to an Orion OEM solution and host the Orion license server yourselves, we will provide you with access to your database, which can effortlessly be migrated to your Orion server installation. Of course, you will still need an Orion OEM license in order to host the Orion server.
Prospective Orion and Acropolis customers
When you evaluate Orion as a prospective customer, we set up an Acropolis service for you as part of the evaluation process. Therefore you are able to evaluate Acropolis at the same time that you are evaluating Orion. After the evaluation period, should you decide to move forward, you will have the option to purchase either an Orion OEM license or Acropolis subscription. If the latter, you will have the option to select the Acropolis hosting service tier at that time. Should you choose instead to purchase just an Orion OEM license and host Orion yourselves, you will have the option to download from your Acropolis subscription a backup of your database that you may have populated during the evaluation before we disconnect your Acropolis service.
Existing Orion OEM customers
If you are an existing Orion OEM customer and you wish to upgrade to Acropolis, we can set up an Acropolis service for you for a quick sanity-check evaluation prior to purchase, both to verify that your application can in fact communicate with a license server and service other than your hosted server, and to satisfy you that the Acropolis service does what it’s supposed to.
At the time of purchase, we will assign you an Acropolis service level and quote you an incremental annual subscription fee and one-time setup fee that depends on the state of your current hosted system, and we will prorate the annual subscription fee so that the renewal date coincides with the Orion OEM license subscription renewal date.
There are a few technical prerequisites for your existing application to be able to connect to the Acropolis-hosted service:
- The license server URL specification needs to be parameterizable – you would provide the Acropolis URL parameter value to your existing customer installations.
- Especially if you are subscribing to the core or premium hosting service tier, the Orion service name needs to be parameterizable – you would supply the service name assigned to your account to your existing customer installations. This could be an issue since many applications hard-code the default service name – if so, you will need to issue an update to your software product and incorporate the parameterization / new hard coding of the service name in your application.
Hard coding of the new service name will not lock you into the Acropolis, but hard-coding of the Acropolis URL will.
Nephele Cloud-based Subscription Licensing Services – Frequently-Asked Questions
Nephele is in essence ecommerce-enabled Acropolis offered as a monthly subscription. Therefore, it is important to understand what Orion is and what it does (refer to the Orion home page and the Orion frequently-asked questions sections), as well as what Acropolis is (refer to the Acropolis home page and the Acropolis frequently-asked questions.
Nephele is in essence the the equivalent of the Orion license server product + Acropolis hosted licensing service, offered as a monthly subscription cloud service with self-service and email-based technical support and subject to a few qualification requirements and limitations in functionality and services.
Nephele’s key value proposition is affordability, convenience and management of risk capital if you are a startup or small company ISV or cloud service provider and you are in the process of validating or building market share for your product or cloud service for which you wish to utilize software licensing technology. Nephele provides these benefits without requiring you to compromise on licensing capabilities or otherwise impairing your company and market share growth.
Nephele enables you to start with as little as US$195/month, with no minimum commitment. As your revenue grows and your licensing capacity requirements grow, you can successively upgrade to larger-capacity monthly plans without disruption, and when your company has matured you can effortlessly migrate to a standard OEM Orion license.
Nephele is intended for you if you are a startup or small-business ISV and you want to manage capital risk and control cost for licensing technology while building market share for your products. The specific business qualifications are:
- You are a private company with annual revenue under US$10m.
- You are a software or cloud service ISV.
- You license your product such that your eventual end user or end-point device counts as one user license, even if you market server products or devices (ie. you don’t license protect an entire server with a single user license).
- Your protected product or service is priced below US$25,000 perpetual / US$500 monthly, or equivalent.
- You have a sufficiently technically-savvy development team capable of integrating your product with a third party API. Note that we do provide a self-service support portal as well as technical support services via a ticketing system.
For the most part, the full range of Orion functionality and platform support are available to Nephele customers. Just the following Orion capabilities are currently not available with Nephele:
- Support for .NET applications.
- Fuzzy machine fingerprinting libraries for flexible multiple-parameter node locking.
- Support for redistributing Orion license server installations to your enterprise end customers. Note however that Nephele enables you to host floating licenses over the Internet.
- Support for outbound back office integration from the Orion server to external systems. Note that inbound backoffice integration is supported via REST based Web Services APIs.
- Availability of the Orion license proxy server for use as a forward proxy server for client-side high network availability and access from secure networks. Note however that the Orion client libraries provide direct support for industry-standard HTTP proxy servers.
View the comprehensive list here.
The functionality restrictions are primarily due to technical factors, and will largely be removed over time.
Availability of the following services require a standard Orion OEM license ie. they are not available under Nephele:
- Technical support under an Service Level Agreement with guaranteed response times.
- Custom porting services for non-standard C/C++ platforms.
- Custom development, training, integration and other professional services.
- Live phone support.
Not at all – it only means that your installed applications (or web browser, if performing offline activations) connect to Nephele over the Internet for activation and deactivation of licenses. It so happens that Nephele is a perfect fit for license-enabling cloud services owing to its Internet-centricity and scalability and good citizenship in a cloud-based ecosystem.
If you’re a small company, you may find it to your advantage to subscribe to Nephele. But if you prefer you can certainly purchase a standard Orion OEM license instead.
No – you can issue licenses of any duration, with any features and quota limits – so long as you’re aware that your end customer installation won’t be able to talk to the Nephele service after your subscription is terminated.
No – you can issue licenses of any duration, with any features and quota limits – so long as you’re aware that your end customer installation won’t be able to talk to the Nephele service after your subscription is terminated. This does mean that you can issue perpetual non-leased licenses while your Nephele subscription is in effect, and the licenses will continue to function after you cancel your subscription.
The data centers are located in the US. Export control laws are per those that apply to Orion. Specifically:
The encryption software used by Orion is not subject to export control laws per U.S. Department of Commerce Bureau of Industry and Security’s Export Administration Regulations publication “Commerce Control List Category 5 – Information Security” published March 5, 2003. Per the applicable ECCN 5D992, Orion is exempt because of its use of encryption exclusively for the purpose of software copy protection. A license is currently required for export to Sudan, Syria and North Korea, and special steps are required for export to Cuba, Iraq and Rwanda. This list may change over time. There are no restrictions, licenses or special procedures required for you to export Agilis’s products to any other country. For further details, please click here and also see the complete description of export regulations.
Your administrator is still responsible for administering your customer licenses and the associated license configurations. Agilis only handles the operational aspects and ensures uptime of the license server and your license service database.
As part of the Nephele service, your administrators may:
- Login to the Orion server with product administration privileges and manage your license pools and licenses as well as view your audit trail.
- Login to the Orion server with system administration privileges and manage your system job schedules such as backup frequency and retention periods, audit trail purge frequency and retention periods, define event alerter rules, subject to capacity and throughput limits and constraints that we configure.
Yes. Agilis utilizes a monitoring system in order to obtain an early warning on license server downtime, so that more often than not we can preemptively detect and resolve the issue before you are aware of it. The license server uptime status is posted on the technical support portal page.
You would login to our support portal and check the posted status of the license server, optionally adding your email address to a notification list. In the event that you are the first to detect the down condition (ie. it wasn’t preemptively detected and resolved by us), you may submit a service request ticket on our support page.
Although the Nephele support agreement does not stipulate a guaranteed response time, it is a priority for us to ensure that the server is available 24×7 – and on the rare occasions when we do recycle the server for software updates, it is for very short periods over the weekend.
The Nephele-hosted Orion server is configured to create daily backups by default, and backups are retained for a 15-day retention period by default. Your administrator can override defaults subject to constraints that we configure. In the event of corruption for any reason whatsoever, Agilis will restore your database to the last available backup.
Like Acropolis, Nephele is hosted at a secure Tier 1 data center that is equipped with redundant hardware and power supplies, RAID disks and Internet backbone connections, appropriate firewalls and network security systems designed to protect from denial-of-service and other attacks. A monitoring service ensures 24 x 7 uptime.
Nephele uses a single multi-tenant Orion server instance per cluster of ISV accounts. Based on our experience to date with the Acropolis hosting service, we anticipate the uptime to be in excess of 99.84% without the need for a failover configuration.
That being said, Orion is capable of being configured for automatic failover; this an option under the dedicated hosting service tier as part of an Acropolis license.
Nephele is a monthly subscription with a starter tier priced at US$195/month that is intended for new product introductions by startups, and three higher-capacity tiers priced at US$995, US$1,995 and US$4,995 per month, for products offered by startups and small business that are in the various stages of market adoption prior to achieving maturity. Note that this is limited-time promotional pricing.
The objective behind introducing Nephele is to address the cash flow constraints of startups and small-business ISVs and at the same time provide a seamless growth path as products go through the various phases of market validation, early adoption and mainstream adoption.
As a startup, you integrate your application and back office systems once with Orion, and you set up your distribution systems once. Thereafter, as you grow, the only change you make is to upgrade your subscription plan. In particular, you do not have to make any initial compromises on the quality and functionality of your licensing solution for financial reasons and then revisit your licensing strategy after your products gain traction in the marketplace. At the same time, your capital risk is controlled in the event that a product that you offer does not gain market traction.
We don’t have a specific date; however, the promotion is for a limited time after which the fees will be higher.
By subscribing now, you can lock in the promotional subscription rate for the service tier that you are currently signed up for as well as all tiers above it ie. your promotional subscription fees are grandfathered so long as your subscription is uninterrupted.
You will be notified and your services will automatically be upgraded and fees adjusted at no extra charge.
As long as your subscription continues uninterrupted, the subscription rates for your current subscription tier as well as all tiers above it are grandfathered.
Currently we’re not set up for annual payments for Nephele subscriptions. Note however, that you can purchase an annual OEM Orion license.
Provided you meet the qualification criteria and you do not require features that are unavailable under Nephele, and your application is parameterized for service name and license server URL, this may be an option as an alternative to discontinuing use of Orion based licensing altogether due to cost (for example, if your product has not yet gained sufficient market traction). The mechanics of the transition would be:
- At the time of renewal of the annual Orion subscription, you would choose to not renew.
- You would sign up for the appropriate Nephele subscription tier. If your product is already in production, you would select the option to skip the 30-day trial.
- For a nominal fee, we would migrate your license database to the Nephele Orion server.
Data is owned by you. You may selectively export and download your data at any time while your subscription is in effect. Should you decide to cancel your Nephele service and host Orion yourselves, we will provide you with access to your database, which can effortlessly be migrated to your Orion server installation. Of course, you will still need an Orion OEM license in order to host the Orion server.
All you need to do is to sign up for an evaluation. The sign-up page explains the process. Essentially, you have a thirty day trial period that begins upon signup, after which you begin the subscription for the package that you selected. Immediately upon signup, you will receive instructions for accessing and logging in to your Orion server, together with login information for a support portal that provides you with download links to the Orion client libraries. The support portal includes a constantly-updated knowledgebase with helpful information for development and operations, as well as a ticketing system for submitting and managing problem reports, service requests and technical inquiries.