LEGAL DEFINITIONS

McAfee Enterprise Product Entitlement Definitions

License Type License Type Description

API Calls “API Calls” is the maximum number of daily calls per license made by a customer. The maximum number of daily calls,
and annual fee for the API Calls license is set in the applicable Price Book. If the daily calls are exceeded, additional
licenses are required.

Application Server An “Application Server” is a web-based application hosted in an application server container, either IIS using the .NET
runtime or Java framework. The application is accessed via an http/https interface that clients connect to through their
browser. The application must connect directly to either Oracle 9 and above or MS SQL 2000 and above for
performing database queries.

AWS Account An AWS account is the basic unit where all resources are contained within AWS, such as number of compute, network
and storage instances. An AWS Account is an operational and billing controls boundary by product, application
workload, or program. Customers may create multiple accounts for administrative isolation between workloads, or to
provide limited visibility and discoverability of workloads for instance.

Azure Subscription An Azure subscription is the basic unit where all resources are contained within Azure. It also defines several limits
within Azure, such as number of compute, network and storage instances. An Azure subscription is a billing and
security boundary. An Azure account can have multiple Azure subscriptions. Customers may create multiple
subscriptions to meet legal requirements for data sovereignty, or to prevent a user from inadvertently changing a
critical system for instance.

CPU A “CPU” (or central processing unit) is the central unit in a computer containing the logic circuitry that interprets and
executes the instructions of a computer’s programs.

CPU Core A “CPU Core” is a single independent physical processing unit (execution core) within a CPU. In the case of Virtual
Machines, the number of CPU Cores will be reported by the Guest Operating System.

McAfee Enterprise
Rev. July 2021
License Type License Type Description

Database A “Database” is a software application and related computer resource (CPU, storage and/or network resource) that
enable a User to collect information that is organized so that it can easily be accessed, managed, and updated.
Database example: Customer has two (2) Oracle 10 instances running on a server. Two Database licenses must be
purchased for any solutions that are licensed on a Database basis, and an additional Server license must be
purchased to cover solutions licensed on a Server basis.

Database Instance A Database Instance refers to a complete environment which is uniquely identified by the memory structures and
background processes used to access information in the Database.

Entity An “Entity” is a unique object which can express events and behaviours within a data set. An entity may describe a
user account, IP Address, machine or node name, file share, or directory. An entity appears as a unique item with an
associated risk score within the McAfee Enterprise Behavioural Analytics UI.

File Submission Daily A “File Submission” is the transmission of a file (whether or not unique), of any file type, for advanced file analysis,
Limit inspection, or reputation, or application or operation of another process or feature by a product or service, which
transmission is received by the product or service. “Daily Limit” is the maximum number of File Submissions that may
be transmitted (and received) in any given day.

GCP Project A GCP (Google Cloud Platform) Project is the basic unit where all resources are contained within Google Cloud
Platform, the GCP such as number of compute, network and storage instances. GCP Projects form the basis for
creating, enabling, and using all GCP services including managing APIs, enabling billing, adding and removing
collaborators, and managing permissions for GCP resources. Customers may create multiple projects for
administrative isolation between workloads, or to provide limited visibility and discoverability of workloads for
instance.

Hypervisor A “Hypervisor” is a virtualization platform that allows and supports multiple Virtual Machines (VMs) to run on a shared
physical host computer at the same time. A Virtual Machine operating on the Hypervisor provides the execution of a
complete operating system and corresponding resources to create a virtual server. Products licensed by Hypervisor
can be deployed within any or all Virtual Machines residing on the host computer in which the Hypervisor is licensed.

IAAS Account Customer can use purchased IAAS Account licenses across the following product categories in Cloud Security: AWS
(MVISION Cloud for IaaS Account, Azure Subscription or GCP Project. One IAAS Account license is required for each individual Cloud Security
Pooled) product in this list (i.e. You purchase 10 IaaS Account licenses and, for example only, you can use 2 licenses for AWS
Account, 3 for GCP Project, and 5 for Azure Subscription). Standard Offerings only. An “IAAS Account” means, in
McAfee Enterprise
Rev. July 2021
License Type License Type Description
relation to an AWS Account, Azure Subscription or GCP Project, the basic unit where all resources are contained within
the infrastructure-as-a-service offering, respectively, such as compute, network and storage instances. An IAAS
Account is an operational and billing controls boundary by product, application workload, or program. Companies
may create multiple accounts for administrative isolation between workloads, or to provide limited visibility and
discoverability of workloads for instance.

IAAS Resource Customer can use purchased IAAS Resource Based licenses across the following product categories in Cloud Security:
(MVISION Cloud for IaaS AWS Account, Azure Subscription or GCP Project. One Resource license is required for each specific instance of
Pooled Resource) compute, database entity, load balancers and gateways (i.e. 100 Resource Based licenses can be used 40 AWS
compute, 35 Azure Blob Containers and 25 GCP buckets). Includes support for security, compliance, and governance
programs for container workloads where 1 Resource is equivalent to 10 container instances. Customers can audit the
configuration of the container runtime / Orchestration systems as well as container Platform as a Service (container
PaaS) offerings. Also provides container vulnerability scanning / assessment of packages included in the target
containers via the container manifest. Standard Offerings only.

IP Scan An “IP Scan” is an electronic interrogation via the product technology of a single internet connected device such as a
laptop or desktop computer, a server, network router or switching device, or any mobile device.

Kit A “Kit” is the combination of hardware and/or software.

Live Host A “Live Host” is any device with an IP address (e.g., a laptop or desktop computer, servers, network router, switching
device, mobile devices, etc.) that is connected to a network and can be electronically interrogated.

Mailbox A “Mailbox” is an area within a computer’s memory or in a storage device where e-mail is placed. In e-mail systems,
each User has a private mailbox. When the User receives e-mail, the mail system automatically places it in the
mailbox.

Manager Consol / A “Manager Consol / Manager Console” is one (1) instance of the Network Security Manager software that can be
Manager Console installed on a customer’s server for management of a specified number of Network Security Platform Appliances or
Sensors.

McAfee Enterprise ESM A “McAfee Enterprise ESM Appliance” means a McAfee Enterprise Security Manager (ESM) appliance or ESM Virtual
Appliance Machine (VM) that the McAfee Enterprise product is deployed on. “McAfee Enterprise ESM Appliance” does not include

McAfee Enterprise
Rev. July 2021
License Type License Type Description
and does not take into account any other appliance(s) that may be included or combined with the McAfee Enterprise
ESM Appliance(s).

Node A “Node” is any kind of device capable of processing data and includes, without limitation, any of the following types
of computer devices: mobile/smart phone, diskless workstation, personal computer workstation, networked
computer workstation, homeworker/teleworker home-based system, File Server, Print Server, e-mail server, Internet
gateway device, Storage Area Network Server (SANS), terminal Servers, or portable workstation connected or
connecting to a Server or network. In the case of a virtual system, each virtual machine or instance running McAfee
Enterprise software is considered to be a node.

Node Combination A “Node Combination” is defined as the aggregate number of customer Nodes on which the licensed McAfee
Enterprise product may be installed at any given time during the term. Subject to the agreement between McAfee
Enterprise and the customer, McAfee Enterprise products licensed by Node Combination may be installed by the
customer via software-as-a-service and/or on-premise deployment, and all such installations shall count toward the
aggregate licensed quantity.

OS Instance An “OS Instance” is each occurrence of an operating system (OS) that has been installed. In the case of a physical
server that has not been virtualized, then only one OS can be installed on that server. If the physical server has been
virtualized, there may be multiple OS instances running.

Page View A “Page View” is a single instance of an individual person or programmable device which uses the internet to load a
webpage onto a particular internet connected device such as a laptop or desktop computer, a server, network router
or switching device or any mobile device.

Parser A “Parser” is a rule- or code-based software that parses (interprets) device, server, database or application data, and
outputs the information into an interpretable form for McAfee Enterprise Security Manager (ESM).

Per company; flat fee “Per company; flat fee” is a flat fee charged for unlimited access to a product.

Physical Virtualization A “Physical Virtualization Server” is applicable when a product is licensed per physical server host or per Hypervisor.
Server Virtualization technology enables multiple operating systems to run on a single computer at the same time. It applies
to both server and client hardware. Each virtual machine running on a separate physical server host is a fully self-
contained system that can share and utilize the same hardware as other virtual machines. A virtual machine operating
under the Hypervisor provides a complete system platform which supports the execution of a complete operating

McAfee Enterprise
Rev. July 2021
License Type License Type Description
system. The VirusScan Enterprise for Offline Virtual Images can be deployed on any or all virtual machines residing on
the host computer in which the Hypervisor is licensed.

Seat A “Seat” is each individual user who has access to the applicable software. For example, a 50 user per-seat license
means that up to 50 individually named users can access the program.

Server A “Server” is a computer or device on a network that manages network resources. For example, a File Server is a
computer and storage device dedicated to storing files. A Print Server is a computer that manages one or more
printers. A Network Server is a computer that manages network traffic. A Database Server is a computer system that
processes database queries.

Server Instance A “Server Instance” is a single occurrence of an operating system. Licensing for a Server Instance must be obtained for
(May also be referred to as each Occurrence identified.
Instance, AV Scanning
Server,
ESX Server, Virtual Instance)

Student owned PC A “Student Owned PC” is any computing device (for example, a desktop PC, laptop or tablet) that is owned by the
student and is used by the student for personal use or educational purposes to connect to the educational
institution’s computing infrastructure (and not for educational institution business).

TB To scan up to 1 terabyte of data (2 to the power 40) with the McAfee Enterprise (Skyhigh) DLP engine.

Throughput Capacity “Throughput Capacity” is the maximum rate of network packet transmission available to any given system under ideal
conditions, as defined in measurement of “bits per second”. For a “system” comprising more than one component
(such as, for example, an appliance or virtual machine), Throughput Capacity applies to the system, as a whole, and
not individually to each component of the “system.” Categorizations of Throughput Capacity, such as “Small,”
“Medium,” or “Large,” if indicated, are provided for qualitative estimation purposes, only.

Unit A “Unit” is a single instance of a complete physical computer system such as a laptop, desktop, Server, networks
appliance, network router, network switch or a mobile computing device.

User A “User” for McAfee Enterprise web products is defined as any individual person capable of sending HTTP requests to
(Five Categories) or from the Internet to be processed by a McAfee Enterprise product, regardless of whether the individual is actively

McAfee Enterprise
Rev. July 2021
License Type License Type Description
using the product at any given time. In such cases where multiple unique Users use the same workstation to access
the Internet, that workstation represents a single “User”.
A “User” for McAfee Enterprise email products is defined as any mail enabled account capable of sending or receiving
emails to or from the Internet to be processed by a McAfee Enterprise product, regardless of whether the mailbox is
actively using the product at any given time. This includes administrative mailboxes, for example, “do not reply”,
proxy, and customer service mailboxes.
A “User” for subscribers of McAfee Enterprise MVISION product is defined as a unique individual person within a
company, organization, or other entity, where: (1) the company, organization or other entity has acquired a valid
subscription(s) or license(s) to use the product, and (2) the company, organization or other entity has authorized the
particular individual person to use the product. For devices that are shared among “Users”, such as printers, each
device shall be counted as a single User.
For purposes of licensing compliance, an “Academic User” refers to the number of licenses required for McAfee
Enterprise academic-specific endpoint products licensed Per User. It is calculated as follows: Full-time faculty + Part-
time faculty÷3 + Full-time staff + Part-time staff÷2 = Total number of licenses required. Students accessing school-
owned or leased computers do not need a license.
For all other McAfee Enterprise Products, a “User” is defined as a unique individual person within a company,
organization, or other entity, where: (1) the entity has acquired a valid license(s) to use the product, and (2) the entity
has authorized the particular individual person to use the product. For example, if the company has acquired 1,000
licenses of the product, and the company has authorized a particular individual to use the product, and that person
falls within the aggregate pool of people authorized to use the software, then they are a “User”, regardless of whether
the individual is actively using the product at any given time.

User Email Account A “User Email Account” is any mail enabled account capable of sending or receiving emails to or from the Internet to
be processed by a McAfee Enterprise product, regardless of whether the mailbox is actively using the product at any
given time. This includes administrative mailboxes, for example, “do not reply”, proxy, and customer service
mailboxes.

User Combination A “User Combination” for McAfee Enterprise web products is defined as any individual person capable of sending
(two categories) HTTP requests to or from the Internet to be processed by a McAfee Enterprise product, regardless of whether the
individual is actively using the product at any given time. In such cases where multiple unique Users use the same
workstation to access the Internet, such as educational institutions or libraries, that workstation represents a single
“User”.

McAfee Enterprise
Rev. July 2021
License Type License Type Description

A “User Combination” for McAfee Enterprise email products is defined as any mail enabled account capable of sending
or receiving emails to or from the Internet to be processed by a McAfee Enterprise product, regardless of whether the
mailbox is actively using the product at any given time. This includes administrative mailboxes e.g. “do not reply”,
proxy, customer service mailboxes, etc.
NOTE: Suite products licensed by User Combination enable a customer to install any combination of products
included in that suite up to the quantity for which they are licensed.

Virtual Machine For products determined by McAfee Enterprise to be network-based, a “Virtual Machine” is a single virtual emulation
(may also be referred to as of a computing environment, running as a separate virtual machine, on a single physical host, and making use of the
VM or Virtual Instance or services of a single hypervisor, that provisions the network-based McAfee software product to other virtual
Virtual Server) emulations. For products determined by McAfee Enterprise not to be network-based, a “Virtual Machine” is a single
virtual emulation of an operating system, running as a separate virtual machine, on a physical host, and making use of
the services of a single hypervisor.

Web Application A “Web Application” is a scan able web-based software application hosted in a computer environment where the
application performs a defined set of functions and is accessed over a network that includes the three (3) distinct
attributes of a URL, Port and IP address.

McAfee Enterprise
Rev. July 2021