New license terms for Windows 10... might impact on it's use as a ClearSCADA 'server'

BevanWeiss · ‎2020-02-14

Hi all,

So, MIcrosoft like to change the license terms with each new release of Windows (or at any other time they feel like it), and for the most part this goes un-noticed. However Microsoft have been known for performing Software License Audits (it's also within the license), and issuing penalties for non-compliance against the terms.

The Windows 10 OEM terms are below (so this will apply for general pre-installed software) and likely only has a few terms changed when applied to custom Volume Licensing Ts&Cs.

https://www.microsoft.com/en-us/Useterms/OEM/Windows/10/UseTerms_OEM_Windows_10_English.htm

2. Installation and Use Rights.

c.Restrictions.The manufacturer or installer and Microsoft reserve all rights (such as rights under intellectual property laws) not expressly granted in this agreement. For example, this license does not give you any right to, and you may not:

(i) use or virtualize features of the software separately;

...

(v) use the software as server software, for commercial hosting, make the software available for simultaneous use by multiple users over a network, install the software on a server and allow users to access it remotely, or install the software on a device for use only by remote users;

...

d. Multi use scenarios.

...

(v) Remote access. No more than once every 90 days, you may designate a single user who physically uses the licensed device as the licensed user. The licensed user may access the licensed device from another device using remote access technologies. Other users, at different times, may access the licensed device from another device using remote access technologies, but only on devices separately licensed to run the same or higher edition of this software.

...

Now obviously the wording used isn't particularly precise, and it could be interpreted/mis-interpreted a number of ways. But ultimately it's going to come down to the amount of money that Microsoft has to fund a legal case, vs the amount of money our end-users would have to fund a legal case.

I can see a number of ways that Microsoft could very easily convince a judge that the use of a Windows 10 'Client Installation' to provide a ClearSCADA / Geo SCADA Expert (or Citect etc) 'Server' service to multiple users would breach the Ts&Cs above.

There are only a few instances I can think of where this would not be the case. And these are largely where the computer is used like an HMI, with only local 'in front of panel' access being available.

I am not however a lawyer, and this should not be considered as legal advice.

Lead Control Systems Engineer for Alliance Automation (VIC).
All opinions are my own and do not represent the opinions or policies of my employer, or of my cat..

adamwoodland · ‎2020-02-16

Interesting. Typically "we" put out servers on Windows Server only, although I'm sure some cases we have cheaped out, although similar issues with no Remote Desktop CALs and using just the default two for admin only is another area to be aware of when using this sort of software.

The usage of the term "the software" is interesting and may well really depend on how that is defined. If they're only talking Windows components then third party software may be ok (IANAL), however if that software term also includes any software installed onto that OS then something to note.

Years ago when spec'ing out a system the Microsoft Partner we were using they were insistent that a DNP3 RTU counted as a client connection to the server and so we needed a CAL for each one. There were over a thousand RTUs on that system so not trivial amounts of money. Other Partners disagreed on the need for CALs in that scenario so some inconsistency back then too.

BevanWeiss · ‎2020-02-17

There are (or were) two different ways to license Windows Server.

Either via CALs (Client Access Licenses) or DALs (Device Access Licenses). Looking at the license info, it seems both of these are now considered Client Access Licenses, but in either Device or User licensing.

If going with User licensing, every unique user (regardless of user accounts) that would have access to a system would require a suitable Client Access License 'assigned' to them (the assignment is purely procedural, there is no actual technical assignment required). In such a situation, the RTUs would not require a license.

However... if going with Device Access Licenses, then every device that utilises the Windows Services would require a license. If you look into what Microsoft consider as 'Windows Services' this includes DNS, DHCP, and TCP/IP... so yes, in this situation every RTU that would communicate to a Windows Server hosted ClearSCADA service would need a Device Access License.

It's almost always more 'useful' to utilise User-based Client Access Licenses anyway. Although this can start to get challenging again if the visibility of the service is intended on being very broad (like if the ClearSCADA service would be open to the internet..). I actually don't know how the Windows licensing would apply there. I know they had some special exemptions for IIS/SQL... but if not using IIS/SQL etc then it might fall into a grey area.

Lead Control Systems Engineer for Alliance Automation (VIC).
All opinions are my own and do not represent the opinions or policies of my employer, or of my cat..

Invite a Co-worker

Invitation Sent