Subscription States
The full subscription state is displayed in the Subscription tile on the Dashboard screen of the ESA Web Console:
Subscription state |
Description |
|---|---|
OK |
•Correct state regarding licensing |
Warning |
•Subscription expires in less than 30 days •User count less than 10% or 10 seats available, whichever is lowest •OTP SMS Credits 10 or lower SMS credits remain •All Users count is more than 90% of FUP limit •Components count is more than 90% of FUP limit |
SMS credits depleted |
•Zero SMS credits remain |
Violation (full functionality) |
•Subscription state no more than seven days after expiration (or other licensing state resulting in disabling ESET Secure Authentication) •Active users exceed licensed users by <=10% (and in this state for no more than seven days) |
Violation (limited functionality) |
•Subscription state more than seven days after expiration (or other licensing state resulting in disabling ESET Secure Authentication) •More than seven days after active users exceed licensed users by <= 10% or active users exceed licensed users by more than 10% |
Not activated |
•ESET Secure Authentication not activated yet |
ESET Secure Authentication Disabled |
•Subscription state more than 30 days after expiration (or other licensing state resulting in disabling ESET Secure Authentication) •ESET Secure Authentication deactivated (in ESET Business Account/ESET PROTECT Hub) |
The following table describes how each subscription state affects the ESA authentication server.
✔—Allowed
X—Disabled
Restrictions |
OK |
Warning |
SMS Credits depleted |
Violation (full functionality) |
Violation (limited functionality) |
Not activated or ESET Secure Authentication disabled 3 |
|---|---|---|---|---|---|---|
Enable Users for 2FA |
✔ |
✔ |
✔ |
✔ |
X |
X |
Disable Users for 2FA |
✔ |
✔ |
✔ |
✔ |
✔ |
X |
Provision Users 1 |
✔ |
✔ |
✔ |
✔ |
X |
X |
Authenticate with SMS OTP |
✔ |
✔ |
X |
✔ |
✔ |
X |
Authenticate with mobile app (OTP, Push) 2 |
✔ |
✔ |
✔ |
✔ |
✔ |
X |
Authenticate with hard token or FIDO |
✔ |
✔ |
✔ |
✔ |
✔ |
X |
Manage system configuration |
✔ |
✔ |
✔ |
✔ |
✔ |
X |
1 This is the Send Application part of provisioning process (for example, self-enrollment is not included). This feature should be enforced by Authentication Server but also Provisioning server.
2 Includes self-enrollment.
3 Even if ESET Secure Authentication is disabled or not activated, the administrator can disable the authentication for a subset of users (by disabling 2FA for those users) or for all users (by means of system configuration or uninstalling the product).