No device provisioning. I do have profiling enabled, but I'm thinking that if I'm not using attributes gained from profiling for any authorization rules, then it shouldn't be using advanced licenses. The fact that I only have 7 profiled end points showing on the home page sort of makes me feel more comfortable that I haven't got that wrong.
Reply from TAC was that there were internal discussions regarding whether the method in which the licensing was calculated is to be changed, or Cisco's wording in the documentation is to be changed. I hear that it's the former but no news regarding when yet. Confirmed that it doesn't perform as per the documentation. End points which were manually added by MAC were subsequently being marked as profiled and using an advanced license, despite the rules which they are using not using any of the profiled information. Cosmetic but sends annoying alarms constantly. Doesn't look too good.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...