Forum Discussion

Dean_Gross's avatar
Dean_Gross
Silver Contributor
Feb 08, 2017
Solved

Licensing

I have several clients who have purchased thousands of EM+S licenses, but they did not purchase a license for everyon of their employees i.e., they did not purchase licenses for employees that seldom use a computer.

 

What is the appropriate way to use and license ATA in this scenario?

  • Ophir Polotsky's avatar
    Ophir Polotsky
    Mar 08, 2017

    ECALs (https://www.microsoft.com/en-us/Licensing/learn-more/brief-cal-suites.aspx) are licsense part of https://www.microsoft.com/en-us/licensing/licensing-programs/enterprise.aspxand ATA is included on those as well.

7 Replies

Sort By
  • Ophir Polotsky's avatar
    Ophir Polotsky
    Former Employee
    Mar 08, 2017

    Hi Dean,

     

    As mentioned by Peter, the ATA product does not have flexability with regards to number of licensed seats. The licensing requirment is to have a valid license for each human user in the active-directory domain that ATA is monitoring/protecting. If the organization have seperate domain for subset of the users, they can deploy ATA to only monitor those subset domains, however, from security point of view, this is not recommended as the recommended way is to deploy ATA on all domains in the forest.

    There is an option to purchase standalone licsense for the delta of the users that does not have EMS and/or ECAL licsense.

     

    Hope this answer your question,

     

    Ophir.

    • Dean_Gross's avatar
      Dean_Gross
      Silver Contributor
      Mar 08, 2017

      Thanks for confirming my understanding and fear. I'm familiar with the EMS licensing approach, what do you mean by an ECAL license?

      • Ophir Polotsky's avatar
        Ophir Polotsky
        Former Employee
        Mar 08, 2017

        ECALs (https://www.microsoft.com/en-us/Licensing/learn-more/brief-cal-suites.aspx) are licsense part of https://www.microsoft.com/en-us/licensing/licensing-programs/enterprise.aspxand ATA is included on those as well.

  • Klaus Reiter's avatar
    Klaus Reiter
    Copper Contributor
    Mar 05, 2017

    for all other user that have no EM+S you can purchase a

    Standalone license - Open L&SA

    https://www.microsoft.com/en-us/cloud-platform/advanced-threat-analytics-pricing

  • Sten Grønning's avatar
    Sten Grønning
    Copper Contributor
    Feb 14, 2017

    EMS+ is all about identity Security and NOT pc/computer centric. One licens pr user. 

    Dean_Gross wrote:

    I have several clients who have purchased thousands of EM+S licenses, but they did not purchase a license for everyon of their employees i.e., they did not purchase licenses for employees that seldom use a computer.

     

    What is the appropriate way to use and license ATA in this scenario?

     

    • Peter Holland's avatar
      Peter Holland
      Iron Contributor
      Mar 03, 2017

      Is that not an area where Advanced Threat Analytics doesn't quite fit though?

      There is no way to exclude a user from monitoring, ATA is either 'on' or not.

       

      Re-phrasing the question would be more - Does ATA under EM+S licensing license the organisation for ATA, or users. The product architecture doesn't provide any mechanism or methodology to restrict its operation based license availability, so unless the product is to be hobbled later to add that restriction, then surely any EM+S license activates a license for ATA for the whole organisation?

       

      Some difinitive response from Microsoft would be good on this.

       

       

Resources