Broadcom vs Siemens AG - A Brewing Storm

ITAM News & Analysis

Broadcom vs Siemens AG - A Brewing Storm

The ongoing legal battle between VMware (under Broadcom ownership) and Siemens is yet another example of why ITAM goes far beyond license compliance and SAM. What might, at first glance, appear to be a licensing dispute, has rapidly escalated into a full-blown copyright infringement lawsuit—backed by threats of injunction, audits, and damages including the wonderful legalese of disgorgement, which sounds painful and certainly will be for Siemens if they lose. It’s a timely reminder that poor visibility into entitlement and deployment is a multi-faceted risk – particularly when you don’t have trustworthy data and fail to prevent it from being shared that with a litigious supplier.

But first, how did we get here?

Timeline: from policy shift to courtroom

• Feb 2024: Broadcom ends sale and renewal of VMware perpetual licenses globally.
• Sept 9, 2024: Siemens submits an inventory to VMware seeking a one-year support extension. VMware claims the data reveals extensive unlicensed usage.
• Oct 29, 2024: Siemens issues a revised inventory but resists further audit or license verification.
• Mar 21, 2025: VMware files a lawsuit in Delaware alleging copyright infringement and seeking injunctive relief and damages.
• June 10, 2025: Siemens files a motion to dismiss, citing a forum-selection clause requiring disputes to be resolved in Munich, Germany.

What went wrong?

This is a classic example of lack of control of access to sensitive data. It’s particularly damning for Siemens considering it is Germany headquartered, and Germany is known for having some of the most stringent legal protections for privacy. Of course, this counts for nothing if you just send your entire unverified deployment data to a known litigiousness vendor.

Whilst I don’t have any insider information on this, I’d happily have a small wager on the deployment data coming from Siemens’ Server team or Procurement without it first being checked against license entitlements. This is a very common mistake and points to a hole in Siemens’ SAM policy.

Deployment data should only be provided to a vendor after it has been verified by the ITAM team. Siemens has effectively incriminated itself and is now severely hamstrung in its ability to defend itself in court.

It’s vital that operational teams that are often close to account managers/salespeople don’t inadvertently release data in response to a health check or some other seemingly innocent request from the vendor or its agents. I know this firsthand having come from a server support background where I sent deployment data to an account manager from one of the Big 4. Fortunately, we were broadly in compliance, but I still got a telling off from Procurement. Fast forward a couple of years to when I set up the in-house ITAM function and one of the first standard operating procedures I implemented was around control over deployment data. Bullet dodged and lesson learned.

What I recommend doing

For those of you looking to do similar, here’s what I recommend:

• Verify every submission: ITAM and Legal must review inventory data before its shared with a vendor. Never EVER send “raw” deployment data.
• Ensure entitlement clarity: If you hold perpetual licenses, confirm the quantities, versions, and support entitlements.
• Track deployments centrally: Consolidate tools and reconcile them regularly—ideally quarterly. Use non-ITAM sources such as Active Directory (or RVTools in this case) to reconcile your ITAM data, and fix any anomalies.
• Keep abreast of vendor acquisitions and license changes: VMware, under Broadcom, no longer supports perpetual renewals. If your support lapses, you’ll lose access to most updates—even if you still “own” the license.

The risk lens

This case isn’t about one vendor or one customer—it’s about the growing legal exposure tied to software compliance. If copyright law is used to enforce license terms, it fundamentally changes the risk profile worldwide. Why? A contract dispute is civil law and will be subject to the agreed terms in the contract. Siemens is relying on this to keep the litigation in the EU/Germany, which will be to their advantage. A copyright dispute is also civil law but carries a far greater scope for damages, including the aforementioned disgorgement of profits. A Federal court would hear such a case, resulting in reputational damages for Siemens.

Your organisation likely has a GRC (Governance, Risk, and Compliance) team, or at the very least, internal auditors. Typically, they will be responsible for managing the global risk register. With IT underpinning so many critical and key functions, its vital technology risk is treated with the same vigour as business risks. If you’re using VMWare, it’s very likely it’s critical infrastructure for your organisation – as critical as your production lines or buildings. For larger enterprises, the threat therefore isn’t just financial—it’s strategic.

You should add this to your risk register:

• Involuntary legal exposure from misunderstood entitlements.
• Business disruption from vendor cease-and-desist demands.
• Reputational and operational risk from a court-ordered injunction.

What are your options?

Many IT teams are now questioning their dependency on VMware. While the platform remains technically robust, the licensing environment is becoming more volatile. Broadcom are milking the cow as hard as they can, and they’re using automated “cease and desist” letters as leverage towards subscription licensing. As a result, Broadcom’s changes are pushing customers to reconsider their long-term virtualisation strategy.

You have three broad options:

1. Stay and comply: Maintain tight license hygiene and shift to subscription-based VMware offers. Swallow the bitter pill that results from considerably higher costs and vendor lock-in.
2. Migrate: Consider alternatives like Hyper-V, Nutanix AHV, or Proxmox. Each has trade-offs in functionality and ecosystem maturity but could offer cost and compliance benefits.
3. Cloud: For some workloads, hyperscale cloud removes the hypervisor headache altogether. It’s not a direct replacement, but it does simplify licensing.

 

Final thoughts

The Siemens case is a reminder that licensing isn’t just about cost optimisation. It’s a point of failure for legal, operational, and strategic plans. ITAM, risk, and strategy teams must work together to ensure critical vendors remain partners and don’t become enemies. You can’t overnight lift and shift a VMWare estate built up over a decade and a half. With Broadcom having you stuck between a rock and a hard place, it’s vital you understand your estate, know your rights, and don’t underestimate the power of your own data—because they certainly won’t.

Can’t find what you’re looking for?