A Traps license enforces the expiration date and maximum number of endpoints that you can manage (agent pool size) from the ESM Console. The license entitles you to manage the endpoint security policy, enable WildFire, and obtain support. Each database instance requires a valid Traps license.
When a Traps agent attempts to check in with the ESM Server for the first time, the ESM Server allocates the agent a license from a shared pool of licenses. All endpoints regardless of type—server, workstation, or VDI—receive a license from the shared license pool.
When the Traps agent is inactive and has not communicated with the ESM Server within the configurable license revocation period, the ESM Server automatically revokes a license from the Traps agent. If the Traps agent subsequently sends a heartbeat communication to the ESM Server and successfully connects, the ESM Server treats the agent as new and allocates the agent a new license from the pool of available licenses.
After a license for an agent (and the two-day grace period) expires, Traps protection is disabled.
To purchase licenses, contact your Palo Alto Networks Account Manager or reseller.
In earlier Traps releases, the ESM Console maintained separate license pools for each type of endpoint. To extend or allocate additional licenses to Traps agents running versions earlier than Traps 4.0, make sure you select the appropriate agent version when requesting new licenses from the Support portal.
You can manage licenses in the following ways:
- View license utilization—Use the License Capacity chart on the Dashboard to view the current utilization of all licenses across all workstations, servers, and VDIs.
- Add a Traps license—Use the SettingsLicense page to add support for additional features or users. See Add a Traps License Using the ESM Console . You can also add a license using the DB Configuration tool (see Add a Traps License Using the DB Configuration Tool ).
- Adjust the automatic license revocation period—The ESM Server automatically revokes a license from an agent after a period of inactivity. For Traps 4.0 and later releases, the default revocation period is 90 days. For older Traps agents, the default revocation period is seven days. To change the defaults, modify the License Revocation Period from the SettingsESMSettings page. For more information about ESM Server Settings, see Manage ESM Server Settings .
- Detach a license—To detach a license from an endpoint, you can Remove an Endpoint from the ESM Console . This action immediately frees up the license for use by another Traps agent and returns it to the available pool of licenses and removes the endpoint from the default view on the Health page.