CADP Licensing Model
CipherTrust Application Data Protection (CADP) is part of the CipherTrust Flex Connector Advanced license. It can be used with CipherTrust Manager Enterprise Edition or Trial License. CADP secures data within applications and services using its Java, C, and .NET Core development libraries.
CADP is licensed per deployed instance and is available in two variants: Centrally Managed APIs and Traditional APIs. For more information, refer to the client documentation.
Trial License
Centrally Managed APIs
Provides fully-functional CADP for 90 days with a pre-installed trial license. After the trial expires, CADP continues to operate normally; however, new client registrations on CipherTrust Manager will no longer be permitted.
This license is the default one shipped with CipherTrust Manager.
Traditional APIs
There is no support for trial licenses.
CipherTrust Manager Enterprise Edition
Centrally Managed APIs
Licenses with CipherTrust Manager Enterprise Edition is limited to the number of licenses purchased. Each client registration consumes one license.
While there is no limit to the number of configured applications on the CipherTrust Manager, registering clients beyond the procured license count results in the error: License not yet installed for feature CADP.
Traditional APIs
Licenses with CipherTrust Manager Enterprise Edition are limited to the number of licenses purchased.
Activating CADP Licenses
After you have purchased CipherTrust Flex Connector Advanced license entitlement, it must be converted to a CADP-specific license file for use with CipherTrust Manager. To do this, take your entitlement and EID to the Sentinel EMS License Portal and select CADP under Variant. Details about your EID and available licenses are available on the License Portal.
After the CADP license is activated, its state becomes Active on the Features tab of the Licensing page of the CipherTrust Manager GUI. The license is displayed with the feature named CADP.
License Enforcement for CADP
Centrally Managed APIs
Activated Connector Licenses: When CADP licenses are activated and uploaded to CipherTrust Manager, you can register clients under the applications up to the license capacity. There is no restriction on the number of applications configured on CipherTrust Manager. EVery time a CADP client is registered with an application, one license is consumed. Licenses are shared across domains, for example, if five licenses are procured, a total five clients can be registered across all domains.
License Capacity Reached: As all licenses are in use, no more clients can be registered. Users can either buy more licenses, wait for revoked clients to be removed, or deregister clients manually.
License Expired: The CipherTrust Manager GUI displays a red banner, at the top, to inform the administrator that licenses have expired. No new clients can be registered and the following error is returned:
Insufficient Add-On licenses, limit has Reached.
In this scenario, registered clients will be allowed to continue until their natural end. There is no grace period when the license expires.
Traditional APIs
License enforcement is not available for traditional APIs.
Releasing Centrally Managed CADP Licenses
Licenses can be released automatically by CipherTrust Manager or manually:
Auto release: When CipherTrust Manager deletes revoked clients, the corresponding CADP licenses are automatically released.
Manual release: Deregister clients from the application.
Caution
Manually deleting clients is an irreversible operation and is not recommended. If you need to free up licenses, consider procuring additional CADP licenses instead of deleting existing clients.
