Posts Tagged: ‘safelinx’

Licensing Update: Introducing CCX, External User Entitlements

23. September 2020 Posted by Uffe Sorensen

This year, HCL Digital Solutions has developed a modern per user licensing model for Domino – HCL Domino Complete Collaboration Business Edition (a.k.a. “CCB”). CCB has helped facilitate the momentum and growth in the Domino customer base and new user adoption and we’re proud to announce the completion of CCB licensing with the introduction of an eXternal user entitlement – the “CCX” Authorized User.   

CCB: Simplifying HCL Domino Licensing 

CCB is a key step in our journey to provide one license model for HCL Domino, eliminating the uncertainty of server capacity and sub-capacity (PVU) licensing. 

  • A simple “Per User everything model” – use any client and any protocol for any server capacity to run all applications – including enterprise e-mail (HCL Verse). 
  • Transparent license compliance management by simple user counting. 
  • Adding appropriate capabilities to the core Domino environment under CCB entitlements – like HCL SafeLinx 1.1 which is now entitled for all CCB users.  
  • We recently added a Guest user entitlement to permit web applications to run on CCB licensed servers – vastly improving the value of CCB. (This blog post contains updates to the announcement, “HCL Complete Collaboration (CCB) Guest Licensing” from July 29, 2020)

More capabilities will be provided using a simple “add-on” scheme for CCB licensing, which now includes: 

  • Domino Volt: Can be extended to all CCB users at renewal or new CCB license sale   
  • Sametime v11.5: Can be extended any time after v11.5 becomes available to all CCB users 
  • CCX: Per user add-on for external users 

Introducing CCX  

CCX is an add-on to a CCB entitled Domino environment extending applications to external users at an attractive per user price. Hence, we now distinguish between internal users – who must be licensed under CCB (as always) – and CCX entitled external users.  

Employees or contractors must be CCB users, who cannot be replaced by CCX. CCB is a prerequisite entitlement enabling all code install/download & product support. Use of Domino Volt extends to CCX users at no additional cost, if added to the base CCB license.  

CCX users are functionally restricted to using Domino or Domino Volt applications and workflows but cannot create applications themselves. Nor can a CCX user have a personal mailbox but can use task/functional mail for workflow routing or applications generating mail.  

CCB Guest Users: What’s New 

Since the announcement in July 2020, we have thoroughly analyzed and discussed many customers’ use cases and now enhanced the value of authenticated/logged-in web users to permit a predefined maximum level of Domino application access (ACL) as “Reader.”  

Counting Users for License Compliance  

CCB/CCX require Authorized User entitlements for any user who has credentials to access the system.  For both CCB and CCX, the required license volume for compliance is determined by counting directory entries in the Domino directories and accessible LDAP directories permitting users to log-in. Simple mail routing entries or credentials on the Domino Denied Access list are not included in the counts. 

As of now, you simply count the entries in the Domino Directories/linked LDAPs permitting users to log-in. Any entry or LDAP tagged as “External” will be counted as a CCX user and all other credentials make up the CCB count.  If Guest user log-in credentials are in the same directories/LDAP they must be tagged as “Guest” and excluded from the count.  

No employee or contractor in the Enterprise can be CCX or Guest but must be CCB. It is our intention to automate the counting for Domino v12 by enhancing the included Domino License Tracker tool to produce an internal license compliance report, however, the report is not automatically shared with HCL.  

CCB/CCX Users’ Rights and Capabilities

Access to Domino Servers Licensed under CCB A/U Entitlement 

Effectively immediately, customers with HCL Domino Servers deployed under CCB Authorized User entitlements can be accessed by Licensee’s entitled CCB Authorized Users, CCX Authorized Users and Guest Users under the CCB entitlement. 

In addition, HCL Domino Servers deployed under CCB Authorized User entitlements may participate in mail routing (SMTP), directory lookup and authentication (LDAP) for non-HCL Domino programs and permit access to free/busy time calendar information. 

More Information 

HCL has made the following changes to the CCB license based on customer and partner requests to facilitate: 

  • A read-only external or internal web site for Guest Users.
  • A simple way of providing tailored content to specific Guest Users. 
  • Eliminating the need for server capacity (PVU) based licensing through the introduction of a specific External User license. 
  • Permitting External Users in the Enterprise B2B value chain to participate in Domino based applications and workflows. 
  • Using Domino Volt for External Users in general, as well as for data collection through surveys for anonymous Guest users.  
  • Clarifying licensing for mail and calendar interoperability in multi-vendor scenarios involving our partner’s solutions.    
     

HCL plans to update the formal CCB/CCX V11.0.1 License Information can be found here when CCX becomes available later in September 2020. This announcement reinforces CCB/CCX as the licensing platform for Domino customers, allowing more customers to upgrade to CCB and the model for all new customers. 

If you have any questions about this announcement or have any licensing questions, please contact your HCL product specialist or Business Partner. 

Useful Links:  

Related Blog Posts: 

Frequently Asked Questions 

Q: How are CCB/CCX users counted? 

A: You simply count the entries in the Domino Directories/linked LDAPs permitting users to log-in. Count entries/LDAP tagged as “external” as the CCX user count and deduct this number from the total number of entries which becomes the CCB count. The Denied Access List is excluded from the counts.  

CCB and CCX can reside on same server or as administrator decides – counting is always across all Domino Directories in Licensee’s enterprise.  CCB includes an unlimited entitlement for Guest users. If logged-in Guest user credentials are included in the Domino Directories tagged as “guest” they are excluded from CCB/CCX counts. No employee or contractor in Licensee’s Enterprise can be CCX or Guest.  (The current Domino License Tracker tool for v12 will produce an internal report to assist you with license compliance, but it is not automatically shared with HCL.) 

Q: I am using an earlier Domino license model. How do I switch to CCB/CCX?  

A: CCB licensing is a superset of prior Domino licensing. When CCB licensing is established replacing active Domino licensing, CCB can provide the entitlements that were in place for the Domino Servers and various clients. To support the user constituents, you may need both CCB/Guest and CCX entitlements to match your current use cases, but you can continue to use deployed software. 

Q: I just need a Domino server for apps, no need for mail or other features. 

A: Mail routing is intrinsic to Domino and to many apps that run on the platform. For simplicity, full mail functionality is included with CCB and functional/workflow mail is included with CCX. You don’t have to use the mail functionality but it is part of your entitlement. 

Q: Can I still just license mail? 

A: The mail-only licensing of Messaging CAL/PVU, Messaging Express will remain as such. However, you can fully replace your mail entitlements with CCB/CCX and include Domino Volt to gain significant additional value for your users. 

Q: What is included with CCB and what are add-ons? 

A: CCB licensing includes entitlement to HCL SafeLinx 1.1 for all CCB servers and CCB/CCX users as well as limited use Sametime and Connections Files & Profiles for all CCB users.   
Add-ons include:   

  • Sametime Premium when v11.5 becomes available around November 2020 
  • Domino Volt for all CCB users at a simple uplift (also extend to all CCX users for no additional charge).  Domino Volt includes HCL Enterprise Integrator and HCL SAP Connector which is entitled for all CCB servers when upgraded with Domino Volt ! 
  • CCX on a per External User basis 

Q: What is a CCB user permitted to do? 

A: CCB users are entitled to all aspects of Domino applications and enterprise e-mail and add-ons per above, without license restrictions on what users are permitted to do. CCB users can create and participate in apps and workflows to any level set by Domino Administrators. 

Q: How do you restrict CCX and Guest users’ access to applications? 

A: We use the Domino “Access Control List” (ACL) – all Domino databases/applications has an ACL which map access levels to users. The access level is a classification limiting which tasks a user can perform in the database – Manager, Editor, Author, Reader, Depositor, No Access – these classes are just labels, not verbatim. To fully understand permitted use cases, refer to the product documentation of ACL. (Note: Existing applications and standard templates may need customisation to fully support Guest users.) 

Q: Why is a CCX user permitted ACL level up through Author? 

A: CCX users can fully participate in, and use (not create) Domino apps and workflows (including Domino Volt if added to CCB.)  Hence, maximum ACL level is “Author” access, which is typically assigned to users who need to contribute documents to a Domino database – and authenticated users can edit their own or other designated content. CCX is for authenticated, external users only and not permitted for any employee or contractor in the Licensee’s Enterprise! 

Q: Why is an anonymous Guest permitted ACL level up through Author? 

A: Anonymous Guests are web users, who beyond browsing a web site are permitted actions like submitting a contact form, participating in a web survey, posting anonymous blog content, etc. “Author” access is typically assigned to users who need to contribute documents to a Domino database just like CCX users, however, being anonymous they cannot edit any content, nor access individualised content. 

Q: Why is a logged-in Guest permitted ACL level up through Reader? 

A: Under ACL control, “Reader” access allows controlled creation of documents by using public access forms. Logged-in Guests authenticating with HTTP/LDAP are typically a dynamic, ever increasing volume of users visiting your web site, registering to gain access to community content, special interest forums, initiating workflows, etc.  “Reader” access is typically assigned to users who are only permitted to read documents in a database and/or using public forms to create documents. This case is for authenticated, external, limited use only, and not permitted for any Employee or contractor in the Licensee’s Enterprise!  
For external users needing any higher level of access, you must purchase CCX entitlements. 

Disclaimer – HCL’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at HCL’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard HCL benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multi programming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here. 

The post Licensing Update: Introducing CCX, External User Entitlements appeared first on HCL SW Blogs.

New Release: HCL SafeLinx 1.1, – Secure VPN Services for Cloud or On-Premise

3. September 2020 Posted by Ketan Godhaniya

At HCL, we understand that securing your network is a topmost priority. HCL SafeLinx provides remote users with secure web-based and client-based access to enterprise applications and today, we’re excited to announce that the latest release of HCL Safelinx 1.1.

For Domino customers using HCL Nomad, SafeLinx v1.1 enables you to securely access your Domino apps on a phone, tablet, or desktop browser without the need of an additional VPN.

Introduction of HCL SafeLinx

SafeLinx uses standards-based protocols to enable secure access from mobile computing devices outside the firewall to business applications and data on your organization’s internal network.

SafeLinx supports an extensive list of standard Internet Protocol (IP) and non-IP wireless bearer networks, server hardware and operating systems, and mobile security protocols. Remote users can connect to your internal network from a range of desktop, notebook, and handheld mobile devices and operating systems.

Top Product Features

  • Client and clientless access
  • Network choices: Supports a worldwide selection of wireless and wireline network technologies, enabling a worldwide scope of connectivity. Cellular, LAN, satellite, dial-up, radio (IP, non-IP)
  • Authentication: Multiple strong authentication options (Radius, Secure ID, LDAP, Active Directory, Certificate)
  • Encryption DES, Triple DES, RC5, AES and FIPS 140-2-certified
  • Network Optimization and Scalable and Reliable

Customer Benefits

  • Supports all major platforms: Windows, Linux, iOS and Android
  • Best enterprise VPN with reverse proxy capabilities
  • Mobility clients and Distributed Administration – Gatekeeper
  • Dedicated mobile app for Android and iOS
  • Two-way secure authentication
  • Supports seamless, non-disruptive cross-network roaming
  • Quick and easy deployment of servers and agents

What’s New in HCL SafeLinx 1.1?

This new release includes improved functionalities of VPN and reverse proxy and support for TLS 1.3. View documentation on SafeLinx 1.1 here.

For all Notes Domino Complete Collaboration cCustomers, SafeLinx v1.1 is now available as a free entitlement and will be listed under supporting programs. (SafeLinx is available as a standalone to non-Notes-Domino Complete Collaboration customers.) CCB customers can use SafeLinx’s server component without the need for an additional VPN client to securely access their Domino apps from mobile. With this release, we’d like to provide our customers the opportunity to evaluate SafeLinx VPN for broader usage.

We are very excited to announce these new features and improvements from our customers’ inputs. Feedback based on feature improvements, ease of use, and a requested makeover to our most loved dedicated IP feature are now part of this release. Our team has put in many hours turning your ideas into reality and we’d love for you to continue submitting your ideas and improvements in our Ideas Portal. (Make sure you select “SafeLinx” under the Workspace before submission.)

Please contact your HCL sales representative or HCL Business Partner for more information on how to get HCL SafeLinx 1.1

We also have a joint webinar with our partners at Panagenda on September 17 4 PM (CEST),  10 AM (EDT). Join us to learn about SafeLinx, and how it can provide top-level secured access for your Domino environment. Register now.

The post New Release: HCL SafeLinx 1.1, – Secure VPN Services for Cloud or On-Premise appeared first on HCL SW Blogs.