Comprehensive Software Reviews to make better IT decisions

Sr hero 001 Sr hero 002 Sr hero 003 Sr hero 004

Don’t Let IBM’s Licensing Rules Squander Virtualization ROI

Organizations that have deployed IBM software in a virtualized infrastructure setting must comply with a variety of complex licensing rules, the most important of which is to run an approved version of the IBM License Metric Tool (ILMT). Audit findings for this single aspect of IBM licensing can account for noncompliance license fees that far exceed the original purchase price of the software, often running in the millions.With 20 straight quarters of declining revenue at IBM, it should come as no surprise that the company is searching high and low for revenue sources, leaving no stone unturned. Even the “Oracle of Omaha,” Warren Buffett, has just trimmed his holdings in IBM by one third after re-evaluating and devaluing the company’s prospects compared to IBM’s competitors. An easy source of revenue continues to be existing customers who IBM can audit and find noncompliant with their byzantine and ever voluminous licensing rules that span hundreds of products. Off-the-record sources at the company place software-compliance-related revenue somewhere between five and six billion (with a B) dollars annually.

There are multiple drivers of IBM software noncompliance comprised of one or many of the following items emerging during an IBM audit:

  • Poor contract administration
  • Organizational disconnect
  • Server and data center refreshes
  • Confusing license metrics
  • Minimal or poorly announced changes to license T&Cs
  • Virtualization and Sub-Capacity vs. Full Capacity rules

This note will focus on the last item noted above, which occurs when organizations decide to deploy their IBM licenses within a virtualized environment. We can almost assume that IT infrastructure leaders responsible for any significant software deployment will seek to do so within a virtual environment due to the well-known macro-level efficiencies of scale derived from mass virtualization. And therein lies the problem…

The Unique Universe of IBM Virtualization

Processor-based licensing is accommodated via a processor factor calculation known as the Processor Value Unit (PVU). In IBM parlance, deploying processor-based license software on a bare metal server requires all sockets to be licensed and is known as Full Capacity licensing. When virtualizing via a soft partitioning method, the environment is called Sub-Capacity licensing and the customer only needs to license the PVU volume that is being deployed in the virtual environment. Sounds like a reasonable proposition, right? Well, yes and no as IBM places very specific, strict, and often changing requirements around Sub-Capacity licensing practices.

One core requirement is that all customers deploying IBM PVU-based licenses in a Sub-Capacity model are required to correctly deploy and run the IBM License Metric Tool (ILMT) and at the current version of ILMT. Many organizations completely miss this and neglect to deploy ILMT at all, while others make a good faith attempt to deploy and run ILMT, but are not able to get the tool to function and report license usage correctly. It is not uncommon for IBM-approved consultants to fail to get ILMT up and running properly as part of the initial software implementation; however, IBM compliance will not excuse this as a valid reason for noncompliance to the software license agreement.

A second requirement is that customers must run and maintain reports from ILMT for the current quarter and retain them for two years. Reports must be provided to IBM upon request at any time. This must become part of the administration of the IBM environment if companies have any hope of maintaining license compliance in a Sub-Capacity model.

The third and most recent requirement centers on the version of ILMT that is running in the customer environment. IBM recently made v7.5 end of life in April 2017 and now requires customers to be running v9.2, which is based on Big Fix technology. The IBM IPAA agreement requires the current version of ILMT to be installed and configured within (90) days. The migration from a legacy version of ILMT to version 9.2 is not always a straightforward and simple exercise.

Impact of Noncompliance

The initial result of any ILMT and Sub-Capacity noncompliance is that IBM will charge the customer under the Full Capacity model. This results in all physical processors in the environment having the maximum PVUs applied for all processors, which can result in license fees and support that can and do regularly run into the millions of dollars, far exceeding the original cost of the software investment. Finding this out at the tail end of an IBM software audit can be devastating and is part of the IBM “shock and awe” tactics, as they will often offer to settle the noncompliance immediately for a 50% discount. Most customers will still find an unbudgeted compliance expense of this magnitude unacceptable and seek other means of remediation. We outline below the proactive steps your organization should take now to prevent this outcome!

Recommendations

  1. Licensing compliance and asset managers need to be part of the change control process. Understanding the implementation plans of the infrastructure and app dev teams is a crucial first step to prevent technical improvements that may violate license entitlement(s) or lead to increased license cost liability.
  2. Assign management of licenses to the application owners and instill oversight via a software asset management (SAM) team. Educate the application owners on licensing T&Cs, make it part of their job description, and inject accountability for the TCO of the application inclusive of license and support at the technical level.
  3. Be proactive and conduct internal audits annually, procuring expert third-party assistance if needed. The benefit is gap identification, quantification of risk, and remediation. This process assists in enabling the proper budget for new licenses, avoids 40% penalties, and builds awareness of the importance of communication across IT.
  4. Develop a network of licensing experts that watch for changing T&Cs and new auditor tactics. Build SAM tools, processes, and procedures for continued internal review by publisher.
  5. Understand your entitlements, IBM licensing documents, and license bundling instances. IBM license requirements are strewn across multiple agreements (IPLA, IPAA, and website) and can change frequently and without notice from IBM. IBM bundled licenses are complex and not easily disentangled for compliance counting purposes.
  6. For Sub-Capacity licensees of IBM software:
    • Ensure the most current version of ILMT is properly installed, configured, and running.
    • Stay current on running quarterly reports and archive them so they are ready for IBM when the audit occurs.
    • Regularly monitor the operating environment for changes to underlying hardware or configuration changes that may impact your PVU license requirements, both for increased licensing and opportunities for license harvesting.

Bottom Line

All IBM customers can expect a visit from the Big Blue compliance department and their armies of consultant/third-party auditors. IBM customers deploying processor-based licenses in a virtualized environment are assuming an amplified risk of noncompliance with IBM’s licensing rules. Noncompliance to IBM Sub-Capacity license terms can cost your company millions of dollars in license, support, and penalty fees.


Want to Know More?

Prepare and Defend Against a Software Audit