IBM - The Dark Horse of Software Audits?

04 July 2011
5 minute read

IBM - The Dark Horse of Software Audits?

04 July 2011
5 minute read

Are Companies Underestimating IBM Audits?

I recently interviewed Alan Swahn, VP of Product Management at Flexera Software. We discussed IBM Licensing and the IBM audit program.

Q. Why IBM? Shouldn’t companies spend more time focusing on Microsoft, Adobe or Oracle audit compliance?

Many of IBM’s customers are facing significant software audit risk, as IBM has implemented a comprehensive audit program. IBM has undertaken what may be the most comprehensive software audit program in history. Performed by Deloitte LLP, these audits drive compensation for any unlicensed software discovered and back maintenance for previous years.

According to a recent Gartner survey, software audits are increasing. (Gartner, Survey Analysis: Survey Shows Another Increase in Software Vendor Audits? IT Asset Managers Should Prepare Now, 2 March 2011) The Gartner survey of 144 respondents attending Gartner’s IT Financial, Procurement and Asset Management Summit indicated that 61% have been audited by at least one software vendor in the past 12 months. This is the highest percentage of any comparable survey. In 2009 the percentage was 54%; in the prior three years it was between 30% and 35%. The vendors listed as carrying out the highest number of audits were IBM (41%), Adobe (40%), Microsoft (35%) and Oracle (19%).

Q. What do companies need to know about IBM Licensing complexity in order to ensure compliance?

Most IBM software licenses require that companies pay for software installed regardless of whether is it executing. This is one of the primary issues with software audits because of the technical difficulties of accurately determining what has been installed.

IBM licenses are delivered with no constraint on the number of software installations. As a result, in a distributed environment, many installations may occur with the same license, bringing the company out of compliance. Audits can reveal problems in other areas such as Lotus where Client Access Licenses (CALs) are used. For instance, Notes Enterprise CALs allow access to a full range of features including the use of Domino Designer, but this is not the case for Notes Messaging CALs. As there is no license control on CALs it is fairly easy to drift out of compliance.

IBM offers a variety of licensing and pricing programs to address the diversity of its customers and its large number of products. Each program has its own metrics, rules and options. Close monitoring of the IBM offerings, which change on a regular basis, and internal product usage is required prior to negotiation to select the right offering.

IBM uses multiple contractual documents including the IBM Customer Agreement (ICA),  International Product License Agreement (IPLA), and  License Information (LI). Each carries its own set of terms and conditions, which sometimes creates confusion on licensing entitlements. Furthermore some policies such as backup and disaster recovery license entitlements are not detailed in any agreement, but are detailed on the IBM web site and could change at any time. All these documents and references contribute to the difficulty with managing IBM licenses.

Alan Swahn, Flexera Software

Q. What about Virtualization?

Virtualization adds an additional layer of complexity.  Virtualization is the hottest trend in the market today and will remain so for several years. It is used for both infrastructure modernization and cloud computing.

The market for Operating System Virtualization will grow, in terms of volume, as much as five-fold in the next three years (Gartner, Magic Quadrant for x86 Server Virtualization infrastructure, May 2010). To further illustrate the magnitude of this trend, as of the end of 2009, 18% of enterprise datacenter workloads that could be virtualized have been virtualized. This number is expected  to rise to 50% by the end of 2012.

IBM has been a leader in datacenter consolidation and has provided its customers with opportunities to drive down costs with its hardware partitioning technology (LPAR), license type (PVU, WLC, etc.) and sub-capacity licensing rules.

LPAR is a partition technology enabling the installation of multiple instances of operating systems on the same physical machine. With the LPAR technology, processors and cores are attributed to each partition. The sub capacity licensing rules are  based on the number of processor cores available to each partition running a given application, rather than number of cores in the entire physical server.

Enterprises underestimate the license management complexity introduced by virtualization technologies. For instance the possibility to create, delete or move a virtual machine to another server with a simple click, to modify the properties of a partition or its pool of hardware resources, potentially impacts the license compliance position of an enterprise. Virtual environments should be managed and optimized with the same diligence as the software running on an enterprise’s physical devices.

Alan Swahn is VP Product Management at Flexera Software.

Image Credit

Can’t find what you’re looking for?