®

URGENT

Per F5 recommendations: F5 Security Incident and Quarterly Security Notification

F5 customers are strongly recommended to ensure their TMOS is running at least 17.5.1.3 / 17.1.3 / 16.1.6.1 / 15.1.10.8. BIG-IQ 8.4 or F5 OS 1.5.4 or 1.6.4 or higher version to ensure the security of their F5 infra structure.
Please ensure you are running a compliant version per the articles above.

Secured Environment License Utility

CCN Program Overview

You can run F5® hardware and software products in secure environments where there is no Internet connectivity and data cannot leave the secure environment.

For CCN customers, F5 offers a manual licensing process. The product exports a system-specific set of data that is submitted manually. The F5 license server will return a system-specific license file. The product will then use the license file to enable software features and disallow the license from being installed on additional systems.

Requirements and eligibility for the manual licensing process

  • You should use this manual licensing process only for systems in secured environments, also known as closed circuit networks (CCN).
    F5 defines these systems as: "Devices that, due to a security policy, cannot connect to F5 Networks License Server through the normal licensing process to acquire a license for the product". This definition may include devices that must go through a day-long (or longer) security or sanitization process to send and receive data through the F5 License Server.
  • The system must run in a secured environment where physical network configuration or a security policy strictly prohibits you from transmitting any data outside the network, such as in highly-secure government, military, or banking environments.
  • The CCN process does not support F5 end-of- life (EOL) platforms, such as the F20 or F25. Please visit support for the most up-to-date platform EOL list.
  • Make sure that your system has a current service contract before you submit a license activation, especially when upgrading the software version.

To be eligible for software version upgrades, a system must have a current F5 service contract. This eligibility is automatically validated through the service check date in the license file and the software release date embedded in the software.

For more information, please see K7727: License activation may be required before a software upgrade for the BIG-IP or Enterprise Manager system.

Alternatives for licensing in a secure environment

  • You can license new or Return Materials Authorization (RMA) hardware units before installing them in the CCN by temporarily connecting the units to an open network where you can license them through the standard manual or automated licensing processes. Obtaining the unit‘s initial license through the standard licensing process also helps F5 better support the unit in the future.
  • Use the F5 Secured Environment License Utility.