[Laforet]

Just wondering do I need CALs for external access to a website if it is hosted on a VM running in a regular copy of Windows? Technically traffic is conducted through the Windows server however web service is not.

Also is additional CALs needed for the back-end database server for the website?

Any help or comment is appreciated.

 

[ComGuards]

Quote:

Originally Posted by Laforet Just wondering do I need CALs for external access to a website if it is hosted on a VM running in a regular copy of Windows? Technically traffic is conducted through the Windows server however web service is not. Also is additional CALs needed for the back-end database server for the website? Any help or comment is appreciated.

Pure web-traffic, no.

You'll need CALs if you're serving up Remote Desktop over Web to a Terminal Server though (just as an example).

Treat the VM as another physical server and how CALs would be applied to it.

What version of SQL Database are you running in the backend?

 

[Laforet]

Thanks for the quick answer. I understand that a simple website does not involve CALs however not in the case when customers have to log into their accounts.

The server I am dealing with is running Windows 2003 with 5 client access licenses. Getting more CALs has been ruled out so we have the option of getting Windows Server Web Edition (no CAL requirement) or Apache on a linux distro.

The quickest way to integrate is probably to run the web server in a VM with Windows 2003 as the host OS which merely route web traffic to and from the VM, in this case do I need more CAL? We will eventually move to ESX however I'd like to know if this arrangement would work for now.

The database software will have its own licensing situation looked after, however I am not sure if Windows CAL is required on top of that.

 

[ComGuards]

Well, no, sorry to confuse. You can run a very complex website on IIS without requiring additional CALs if the website does not provide access to any Microsoft servers on your network.

If you are providing access to your customers through IIS, then you don't need to get any additional CALs if and only if they do not need to be authenticated against a user / device account in your network or on the local Windows Server SAM.. So if you are running a 3rd-party application that has its own user database, you do not need additional CALs.

If you are providing your customers with access to resources located in your physical network (i.e. they need to authenticate against Active Directory, or a local user account on a particular server), then they would need CALs.

If your host OS AND your VM OS are both Windows Server 2003 Standard, you will need two Server licenses if you are working with old Server 2003 licenses. If you have not yet purchased a license, you can buy a Windows Server 2008 Standard license which allows you to run one (1) VM as well as the host.

You should ignore the whole host-routing-traffic-to-the-VM notion. If you have two installs of Windows Server 2003 Standard, you need two licenses, basically.

For your database server, if it is running Windows Server 2003 Standard, you will be fine with the included 5-CALs if the only system accessing it is going to be your front-end web server.

This link should provide most of your answers:
http://www.microsoft.com/windowsserv...q.aspx#extconn

For future planning, when you move to VMWare ESX Server, you should plan on buying a Windows Server DataCenter license for your ESX Server. The DCE license is licensed on a per-processor ("socket") model, and is more economical to buy if you intend on running more than 5 Windows Server Virtual Machines on the ESX system.

 

[Laforet]

...then you don't need to get any additional CALs if and only if they do not need to be authenticated against a user / device account in your network or on the local Windows Server SAM

That really cleared up the issue for me. +rep for your concise reply. Many thanks.