[Looking for Charlie's main web site?]

ColdFusion 2016: What's new that's in CF Enterprise only?

Note: This blog post is from 2016. Some content may be outdated--though not necessarily. Same with links and subsequent comments from myself or others. Corrections are welcome, in the comments. And I may revise the content as necessary.
Continuing my series of posts I started last week on CF2016, here's a quick post on what's new in CF 2016 that is in the Enterprise edition only (not Standard).

Fortunately, the list is pretty short:

  • The ColdFusion API Manager (for more, see this summary and still more details)
  • The Security Analyzer (called from within ColdFusion Builder, but works only against CF Enterprise...and not even CF Developer edition). More in the docs

Before any chime in to complain about the fact that these features are Enterprise-only (and that the Security Analyzer is not even supported against the free Developer edition), I do agree with you. These were both quite surprising to most paying close attention. (There's even a more subtle limitation regarding the Security Analyzer: it only works against an Enterprise CF deployment if that deployment is running with the "Developer profile", not either the "Secure" or "Production" profiles.)

Update: See my comment below about how you can use an Enterprise license key on a dev/test server, to allow you to use the Analyzer on other than your production server. An Adobe representative confirmed my observation today on the Adobe webinar reviewing CF 2016 (recording to be posted there soon, if not by the time you read this.)

FWIW, if you would like to find a more substantial comparison of the differences between CF Enterprise and Standard (including all the differences that are NOT new to CF2016), see this Buying Guide table from Adobe.

For more content like this from Charlie Arehart: Need more help with problems?
  • If you may prefer direct help, rather than digging around here/elsewhere or via comments, he can help via his online consulting services
  • See that page for more on how he can help a) over the web, safely and securely, b) usually very quickly, c) teaching you along the way, and d) with satisfaction guaranteed
Hi Charlie,

Wow, I didn't realize Security Analyzer also required Development Profile - good find there. And, I completely agree w/ your post here :) Hopefully it is okay to link to this ticket?: https://bugbase.adob... (and thanks, BTW, for voting :))

@aaron, sure, I would never mind a post of mine being linked to in a ticket, if it will help folks.

As for the dev profile, well, it does make sense on the surface in that the Sec Analyzer relies upon CFB talking to the server via RDS, and that's only enabled (by default) if one uses the Dev profile.

I suppose it may be that if one enables it separately, then it would work with the other profiles. (Those only preconfigure some things, of course.) I've not tested. If anyone else does, do let us know. :-)
One other thing I'll note about the Security Analyzer requiring Enterprise: it's worth noting that the EULA (CF licensing agreement) clarifies that one CAN use a purchased production license key on a development or testing server. So if anyone is thinking, "I don't want to have to setup my production server to be connected to by CFBuilder over RDS/using the Development Profile", you do not.

Just put your Enterprise license key in a development server and run the tool against that.

And note that the CF Trial edition is technically "Enterprise" by default, so you can also run the Analyzer against a trial deployment as well.

Finally, just to be clear, it is NOT supported (by the EULA) to use the Trial edition for production purposes, nor to use your purchased Enterprise license key on that other server you may move it to for Dev/Test.

As I said in my other post about pricing and licensing (http://www.carehart....) , please read the EULA for more details (I link to it there).

To be clear: I am unable to answer questions/confusion about the EULA. I'm only pointing out things it says. I can't help with interpretation.

Here's good news: the CF product manager, Rakshith, has said he will accept such questions by email: [email protected].

One other comment about Enterprise-only features: I had forgotten to list above that the new feature about storing CF sessions in an external (Redis) storage is also listed in the Buying Guide as being Enterprise-only ("External storage for session scope").

But on the Adobe webinar today for CF2016, someone from Adobe said this was not so, and that it worked for CF Standard. As I don't have a CF2016 Standard license to confirm it either way, I am awaiting confirmation from CF Product Manager Rakshith about this. If it turns out it IS indeed Enterprise-only, I will add it to the page above as an update.
As a follow-up to this post (and to my last comment here), the Redis session support in CF2016 does indeed work with the Standard edition.
Copyright ©2024 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting