Understanding licensing in TLS Protect Cloud¶
Licensing in TLS Protect Cloud helps you understand your organization's entitlement to product capabilities and monitor how your team uses those capabilities over time. This visibility supports informed decision making, cost management, and audit readiness.
IMPORTANT: About legacy vs. current licensing
TLS Protect Cloud's licensing model changed in 2024. By default, the information in this help system describes current licensing model. Because some customers continue to use the legacy model, it will also be described when helpful for comparison.
Why licensing visibility matters¶
Accurate licensing data helps you:
- Track entitlement and consumption in real time
- Understand how certificates are being used in your environment
- Plan renewals and upgrades based on actual usage
- Ensure alignment with your organization's contract terms
TLS Protect Cloud licensing model¶
TLS Protect Cloud's settings includes a Licensing page where you can view your current entitlements and usage metrics. Usage is updated once daily.
TLS Protect Cloud's licensing model is built around an accurate and flexible licensing metric: the Secured Certificate Instance (SCI).
An SCI represents a certificate that is actively managed by TLS Protect Cloud. A certificate may count as an SCI if it is issued, renewed, provisioned, or monitored by TLS Protect Cloud—or if it is installed in an active location.
This model enables precise usage tracking and aligns licensing with how your organization is using certificates in practice.
About the legacy licensing model
The legacy licensing model measured usage based on the number of certificates issued. It differentiated between:
- Short-lived certificates (valid for 90 days or less)
- Long-lived certificates (valid for more than 90 days)
Key licensing terms¶
| Term | Description |
|---|---|
| Entitlement | A top-level object that defines the licensed access for a tenant. Every tenant has one entitlement. |
| Plan | A collection of packages and features that defines the licensed capabilities for a tenant. A tenant with a plan is considered licensed. |
| Package | A modular group of features included in a plan. Some packages are base offerings (Standard or Enterprise), while others are add-ons (such as Kubernetes support). |
| Feature | A specific capability or service available within a package. |
| Installation location | A unique place where a certificate is deployed, such as a machine, keystore, or Kubernetes cluster. A certificate installed in multiple locations will count as multiple SCIs. |