A Software Auditor’s Guide to IBM Licensing – Part 1

IBM has a large and diverse portfolio of Software products grouped into Analytics, Cloud, Internet of Things, IT Infrastructure, Security, Watson, etc. The vendor is one of the world’s largest software providers with over 30,000 software products, each with its own licensing structure and terms. There are more than 100 license metrics with complex models like Processor Value Units (PVUs), Resource Value Units (RVUs), Authorized Users, User Value Units (UVUs), etc.

Depth of knowledge about key licensing terms, product metrics, and software usage restrictions increase the risk of non-compliance. In addition, the diversity of contracts, renaming, and bundling of software, acquisitions, and divestitures of businesses, along with many other factors, make IBM license management a daunting task.

Based on our experience conducting audits for IBM and helping customers through the process, below are the most common challenges when assessing your IBM effective license position (ELP):

IBM contracts and agreements – IBM Agreements are not easy to understand and manage. They often contain complex provisions and licensing terms.  IBM currently uses its Passport Advantage Agreements (PPA) to manage its licenses, subscriptions, discounts, upgrades, and support.  However, PPA does not capture the license purchases made outside of it, so in order to determine your IBM license entitlements, you need to consolidate your PPA data with Non-PPA records (paper contracts, proof of entitlements, purchase orders, etc.). Also, IBM acquires other companies regularly, whose software is rebranded and transitioned (aka “Blue-Washed”).  You’ll need to keep track of the software records of the acquired company and the Blue-Washed product name, along with versioning for support and upgrades.

Complicated licensing metrics – IBM sells its software under various metrics and they involve varying levels of complexity.  Few of the metrics are simple to measure like user-based, instance-based, or device-based. However, a few of the notorious metrics are extremely complex such as PVU based licensing, which is based on the processors used in their computers and the number of cores in each of those processors.  This value is then converted into PVUs using a PVU conversion table made public by IBM. The PVUs are determined based on the hardware model of the computer.  In addition, as you make changes to the IT environment by adding virtual machines, nodes, or users, you create a requirement for additional licenses.  There are also tiered based metrics like Resource Value Units (RVUs), User Value Units (UVUs), Storage Capacity Units (SCU) which require specific data points to determine the tier requirements.  These are each counted differently and your agreement should be checked for any custom terms.

Licensing terms – IBM Software license agreements give us information regarding the different metrics under which the software is sold, restrictions, bundled programs, and other software-specific terms.  Lack of knowledge regarding these items usually results in non-compliance. Typically, these licensing terms are not effectively communicated when the software is purchased or made explicitly part of large contracts, so they’re often overlooked or not understood.

IBM sub-capacity– Sub-capacity licensing lets you license a PVU-based software program for less than the full processor core capacity of the server when the software program is deployed in an eligible virtualization environment.  With full capacity licensing, customers are required to obtain PVU license entitlements for all activated processor cores in the server, regardless of how the software was deployed.  In order to qualify for sub-capacity, IBM License Metric Tool (ILMT) is a mandatory requirement or must be installed in a customer environment with regular deployment reports provided. In cases where ILMT is not used or not configured using the eligible sub-capacity rules, the deployments (by default) are counted on full capacity, which spikes up the deployment counts.

IBM support policy – Beware of the “all or none” rule.  Per Section 3.8 of the Passport Advantage Agreement, If the Client elects to continue IBM Software Subscription and Support for an IBM Program at a designated Client Site, the Client must maintain IBM Software Subscription and Support for all uses and installations of the IBM Program at that Site.  This implies that customer needs to maintain all the licenses under support, Partial renewal is not allowed.

Tips to Minimize Non-Compliance

Given these license management challenges, how can your organization stay safe or mitigate non-compliance during an IBM audit?  Like many top vendors, IBM conducts a significant number of annual software audits globally. Below are some helpful tips to help minimize non-compliance findings resulting from an IBM license review:

Baseline the software licenses and usage – Companies need to have a complete and accurate overview of IBM software owned and supported. The entitlement history should be up-to-date with proof of entitlements, supporting contracts, renewals information, license evolutions, etc.  In addition, they should be able to measure what IBM software products are installed and who are the IT owners responsible for each software title. IBM rules regarding sub-capacity and other product restrictions should be studied and well understood.  Having reliable toolsets for discovery and data analysis is essential to assessing your ELP.  If you’re running IBM License Metric Tool (ILMT), it’s important to have in-depth knowledge on the tool or consider partnering with a viable 3rd party.

License optimization – A periodic review of IBM software deployed is needed to optimize licensing.  By tracking and analyzing usage, you can identify unused software that can be reallocated to other users or projects.  The unused or under-used software can usually be uninstalled to reduce license liabilities resulting in cost savings during a software inspection

Continuous monitoring – Enterprises should continuously monitor and track their IBM software deployments to ensure they are compliant with contracted IBM licensing terms, along with any product, bundling, or metric changes.  Some of the key activities that should be reviewed and verified regularly include:

  • Recent hardware modifications/changes in the IBM environment
  • Change in users (new users added, changed roles or left the company)
  • Renewals due dates
  • New software purchased
  • Blue-washed or newly acquired software by IBM

It’s not always a trivial task to stay safe during an IBM software audit.  While IBM software is known to be inherently difficult to manage, there are a few common licensing gotchas that can save you time, trouble, and money if known and investigated before an actual license review:

Full-capacity vs Sub-capacity – As mentioned above, sub-capacity licensing is a term offered to customers deploying PVU based products.  By default, IBM customers are subject to full-capacity licensing.  Meaning, they have to license all the processor cores in a computer, regardless of whether the IBM software actually uses all of the computing power or not.  In order to qualify for sub-capacity, a customer has to install the ILMT tool.  The PPA agreement requires customers to keep accurate ILMT reports of the PVU/RVU estate for two years, and also, keep the tool patched, maintained and updated in order to be eligible for sub-capacity licensing.  This is one of the top and more expensive findings during IBM audits, where customers fail to meet sub-capacity requirements and must license their IBM deployment under full-capacity licensing.

Full use of limited use product bundles – There are limited use software bundles that are received as part of the multitude of IBM’s software product offerings. Customers are required to be well aware or versed of the limitations, along with the licensing restrictions of each bundled software component in order to stay compliant.  More often than not, customers believe an installed product comes bundled with another IBM product offering, but later learn that they are not compliant with its limited use restrictions, which leads a significant non-compliance.

Although IBM’s licensing rules may seem overwhelming and are not always easy to follow, Connor Consulting can help you successfully navigate through the licensing pitfalls and complexity of your IBM software environment.  Our experts have years of software licensing, contract compliance, and IT sourcing experience for major vendors like IBM, and we have helped many IT organizations prepare for inbound vendor audits and boost the effectiveness of their ITAM/SAM programs.

Contact us at info@connor-consulting.com to learn more today, and stay tuned for part 2 of our IBM blog series for a deep dive into IBM’s complex licensing models and common SAM/discovery tools.