By Vincent Brasseur
Managing Client Access Licenses (CAL), staying compliant and optimized is not an easy task. There are three main challenges that any organization will typically face: the complexity of the license purchasing options, the complexity of the related product use rights provided by Microsoft, and the lack of accurate discovery and inventory tools.
Client Access Licenses (CAL) can be purchased individually from Microsoft or in bundles called the CAL Suites. Each individual CAL is tied to a specific version of the server service. A CAL purchased for Windows Server 2008 not carrying upgrade rights cannot be used to access a Windows Server 2012 server. However, downgrade rights are always provided: a client, user or device assigned to a CAL for a specific server product release, can always access servers that carry a lesser release of the same software product. Not all server accesses require a CAL—for instance, with Exchange Server 2013, CALs are not required unless the server access is directly or indirectly authenticated by using Active Directory. For Windows server, a user anonymously accessing a Web Server hosted on the server does not need a CAL.
CAL Suites offer the benefits of significant discount compared to individual purchases and ease of management—a single license is managed compared to a group of licenses. Additional product use rights are also provided. Once a user or device based CAL Suite is purchased, it is considered as a unique license than cannot be spread across multiple users or devices. CAL Suites are not tied to a specific server product release as they contain multiple CALs tied to products that have their own lifecycle; across all CALs within a CAL suite the related server products may or may not carry the same release number. As a result, CAL Suites are not attached to specific releases of the server products and are only sold with Software Assurance (SA). If Software Assurance is not renewed at some point in time, the product use rights for the CAL Suite product will cover the latest releases of the server products available at the end of the SA coverage period.
There are two CAL Suites: Core and Enterprise. The Core CAL Suite provides many of the base CAL licenses while the Enterprise CAL Suite has most of the Additive CALs, but not all of them. For example, SQL Server CALs must be licensed separately.
(*) includes Data Loss Prevention and Exchange Online Protection
(**) Exchange Online Archiving for Exchange Server includes Data Loss Prevention and Exchange Online Protection. These are services included in the Enterprise CAL Suite since April 2013.
All the services provided with the Enterprise CAL Suite, Data Loss Prevention and Exchange Online Protection, as well as Exchange Online Archiving, are delivered with Software Assurance coverage. Stepping up from the Core CAL Suite to the Enterprise CAL Suite is possible. In a Microsoft Enterprise Agreement (EA), the CAL suites can be delivered as part of two desktop offerings: Professional Desktop Full Platform and Enterprise Desktop.
One of the challenges with CAL licenses is measuring usage. As no client software products exactly match the CAL license, desktop or laptop inventory tools do not typically provide reliable information on CAL consumption. An organization standardizing on one type of CAL—either user or device, relying on a single core CAL suite, or the EA enrollments above, may be able to calculate consumption based on their overall number or users and devices. Many organizations do not fall into this ideal scenario, however, and often own multiple combinations of the CALs mentioned above. Additionally, not all users and devices need all CALs, so optimizations are always possible by making choices between the two metrics—user or device, a Core CAL or an Enterprise CAL Suite, or specific unique CAL licenses based on usage. In these cases, assigning CALs to users or devices is required. Note that User and Device CALs can only be reassigned to new users or devices every 90 days.
There are additional complexities tied to CAL license usage. For instance, Microsoft Exchange CALs are not tied to mailboxes—one user may have multiple mailboxes and require only one user CAL; multiple users accessing a single mailbox from different devices would each need a CAL. Not all users need a CAL—in Exchange 2013, Lync 2013 and SharePoint 2013, external users – business partners, contractors or customers – are included in the application server license. Another difficulty is multiplexing—as an example, if a SQL Server instance is licensed under a Server+CALs license, each user or device accessing the SQL Server instance, directly or indirectly, must be clearly identified and counted, depending on the CAL metric used (user or device). This may be very difficult when there is a frontend application using SQL Server.
Organizations must be able to assess their license compliance position for CAL licenses. This requires a software license management and optimization tool that can keep track of CAL allocations to users and devices.
If you missed part 1 of this blog series, click here.
For information on best practices for software asset management, view our on-demand webinar: Flexera Software Customers Share Software License Management Best Practices.