This article provides a detailed overview of how licensing works within our system. It will explain the different types of licenses, how they are allocated, and the specific metrics used to count your active license usage on different HEIMDAL products. Understanding this process is crucial for managing your subscription and ensuring compliance.
EMAIL SECURITY
Licensing for Email Security depends on how you choose to configure the product for your environment. On one hand, customers using the Exchange Online service can configure Email Security automatically using the integration we developed for the Microsoft Graph API. On the other hand, customers who are not using Exchange Online can configure Email Security with the MX Records method by pointing the domain's DNS to the Email Security servers. Below, we will describe how licensing works for each setup method.
A. Microsoft Graph API
This mechanism needs to be enabled at setup, in the HEIMDAL Dashboard, under Network Settings -> Email Protection -> Email Security by pressing the Grant consent hyperlink (this will connect Email Security to O365 / Azure tenant by installing the Heimdal Security ESEC enterprise application in Entra to allow the HEIMDAL Dashboard to get the mailbox count from the Microsoft Graph API.
The number of licenses will be the count of mailboxes that show up in Exchange Online Protection (the users who have a Microsoft 365 Exchange Online license) and have logged in during the selected billing interval.
Note: If the start of the Active Clients report is up to 30 days in the past, the number of licenses will reflect the users who had any activity in their Exchange account in the last 30 days. If the start date is over 30 days in the past, the license count will include users with licenses and activity from the last 90 days.
The job that synchronizes the data from the Microsoft Graph API runs once a week, every Monday.
B. MX Records counts
The number of licenses will be counted based on the following formula:
1. In the selected interval, we consider all the domains configured at the Customer level.
Example: Customer The Strong Example filters email traffic on 3 domains: strongexample.com, strongexample.eu, and strongernow.org.
2. We count all INBOUND mailboxes from all domains (the OUTBOUND is not taken into consideration).
3. We look for identical user accounts across all domains. If identical user accounts (mailboxes) are found, we strip the Top Level Domain (TLD) from each identical user account (mailbox) and merge them. The email counts for each merged mailbox are added to get the total.
Example: john@strongexample.com received 40 emails, and john@strongexample.eu has received 12 emails. Because the user accounts appear similar, we strip the TLDs (.com and .eu) and merge the 2 accounts' counts. Out of 2 mailboxes, the results show one mailbox (john@strongexample, with a total of 52 received emails).
4. After merging all identical mailboxes, we filter out the mailboxes that have a total of fewer than 21 received emails. Only the mailboxes (including the merged ones) that have an email count of 21 or higher are considered in the final billing report.
REMOTE DESKTOP
Your license usage is measured by the peak concurrent sessions within each licensing period. The total count is calculated based on the highest number of sessions active at the same time for each of your individual customers. For Managed Service Providers (MSPs), these individual customer peaks are aggregated into a combined total.
Example: During a given period, if you have four customers with the following peak session usage:
- Customer A: 1 session
- Customer B: 1 session
- Customer C: 1 session
- Customer D: 4 sessions
Your total license count for the period will be 7, calculated by summing each customer's peak usage: 1 + 1 + 1 + 4.