Business and Technology Law

Microsoft Enterprise Agreement – Understanding Qualified Desktops and Users

Fri, 19 Aug 2011 16:01:13 -0600

Software licensing for medium to large companies is complicated. Not only are the software license agreements often hard to read and understand, but the terms frequently change with little notification to the user. Deploying software across an entire enterprise, therefore, can be exceedingly complex, and it requires both technical expertise and a thorough understanding of the practical application of the terms and conditions of the licenses. Many organizations, relying on their senior IT professional to make software purchasing recommendations, fail to submit the licensing agreements to legal review. For those that do submit the licenses to legal, the lawyers reading the agreements often will understand the typical contract language—the indemnities and limitations of liabilities of the world—but they often will not fully appreciate the practical effect of the license on implementation, deployment, and compliance. Over the coming weeks, I will use Microsoft’s volume licensing agreements as an example to highlight some of the legal and practical issues arising from enterprise-level software licensing agreements—issues that affect how companies deploy software, develop and test software solutions, report usage, design data centers, etc. To ease some of the pain of licensing software for large organizations, Microsoft developed the Enterprise Agreement (“EA”). At its core, the Microsoft EA was created to standardize licensing across all of an organization’s PCs. It accomplishes this by forcing the company to purchase a pre-defined bundle of software titles, the “Desktop Platform,” for each desktop or user considered “qualified” under the agreement. These bundles include a Microsoft operating system, an Office Suite (Professional or Enterprise), and a Client Access License Suite (Core CAL or Enterprise CAL). Under the standard EA, Qualified Desktops are all desktop computers owned by the company. Another option is to license not by desktop, but by user. Qualified Users are defined as any user that accesses any of the organization’s server software or online services. This means that every desktop (or user) within an organization must be licensed for one of the pre-defined bundles. Unfortunately, sometimes organizations get into these agreements without fully appreciating what this means to their organization. Many companies have different classes of users—some require the full Office Suite to perform their job tasks, while others may only need intermittent access to e-mail or Word. The standard flavor of EA would roll-out the same desktop platform to every qualified user or desktop; resulting in dramatically underutilized software deployments. With careful evaluation of internal needs along with a heavily negotiated EA, organizations can avoid these overdeployments and can more successfully take advantage of the discounts and licensing efficiencies originally offered by the EA.

Top Three IBM Software Licensing Challenges

Fri, 19 Aug 2011 15:57:10 -0600

In the past, I have covered some of the most problematic aspects of standard IBM software license agreements. However, IBM software licensing can be a recurring nightmare for procurement teams and IT administrators for reasons that extend beyond the four corners of those agreements. Three of the more “global” challenges associated with correct licensing of IBM software products include the following:

You will be assimilated. Though IBM has a wide array of current software-product offerings, a large part of that catalog is the result of a substantial number of acquisitions of other companies (e.g., Tivoli, Lotus, Guardium, SPSS, ILOG, Cognos, Rational, Informix) that developed innovative software products. As a result, IBM’s software products often have very little in common with one another, either from an architectural or a business-model perspective. Licensing metrics and restrictions vary substantially across the product line, requiring software asset managers to become proficient in a stack of licensing rules that rival the Oxford English Dictionary for fine print.
Good luck with discovery. The variability of IBM’s software-product architectures means that it can be extremely difficult to deploy a software asset discovery tool that is capable of identifying all IBM software installed on company computers. IBM’s License Metric Tool (ILMT), in theory, at least, is one product designed to facilitate the discovery process. However, ILMT can be challenging to deploy and configure correctly, especially in virtualized environments (where its use typically is mandatory, if a business wants to take advantage of sub-capacity licensing). In addition, it is worth being at least a little suspicious of discovery tools that are developed and distributed by the same companies that naturally would like to maximize their customer’s software-licensing expenditures.
Resource drain. Many of the products published by IBM are mission-critical software tools. A company’s entire customer-facing business operation may be constructed on top of WebSphere Application Server, and its repository of customer data may be stored in a DB2 database. Consequently, IBM software products often are very widely distributed throughout corporate IT environments, meaning that IT administrators often must choose between the lesser of two evils: either (a) license all servers to full processing capacity, which maximizes the likelihood of license compliance at the expense of higher licensing charges, or (b) devote IT manpower to configuring and monitoring processor usages, which maximizes the likelihood of licensing efficiency at the expense of human resource costs. Pick your poison.

For these and other reasons, it often is very nearly impossible to correctly and efficiently license IBM software without the assistance of knowledgeable counsel or other, independent licensing consultants. Without adopting a holistic approach to the challenge, the risk of exposure can be unacceptably large.

Microsoft Company Store Restricts Terms of Use, Leads to Licensing Confusion

Fri, 19 Aug 2011 15:54:02 -0600

Microsoft offers its employees an opportunity to buy discounted software if they agree to restrictive usage terms when purchasing from the Microsoft Company Store. In addition to the online Microsoft Company Store, employees may go to one of a few different physical locations, including one near the Microsoft campus visitor center. The Microsoft Company Store is separate and distinct from the online Microsoft Store, which is aimed at the general public. The Microsoft End User License Agreement (“EULA”) outlines terms controlling the use of each of its products. Many of its products allow commercial use in a business setting. Although anyone can go to the Microsoft Company Store, only Microsoft employees are allowed to purchase discounted Microsoft software. These products sold to Microsoft employees are specifically restricted from use in a commercial setting, limiting usage to personal only. Although it is unlikely that the general public could accidentally purchase software from the Company Store, some users are confused by the non-commercial restrictions for software purchased at the “Microsoft Store.” Additionally, Microsoft employees should be cognizant of potential licensing pitfalls if attempting to use any of the software in a commercial setting or if they buy software for their friends and relatives to use in a corporate setting. The terms of use on the products sold explicitly prevent commercial use. Software licensing is a complex issue that may cause complications for consumers or businesses seeking to properly comply with licensing terms. If you are facing a copyright infringement claim from a software publisher, or simply seek information related to software compliance and licensing, you should contact experienced counsel to assist you with evaluating your rights.

Microsoft Server Licensing – Shared Resources for Internal and External Users

Tue, 02 Aug 2011 15:59:09 -0600

When it comes to Microsoft licensing, we are frequently asked how to license for a situation where a Microsoft server resource is to be accessed both by internal company employees and external non-employee affiliates. Our typical legalese answer to this perfectly reasonable question: “It depends.” The correct answer (read: most-cost-effective-while-still-being-compliant answer) requires an examination of the circumstances surrounding the required access (number of users, manner of access, specific server products implicated) and a grasp of company’s current licensing environment with Microsoft. In most cases, the threshold question to answer is this: “Are my affiliates paying me for access to the Server resource?” If the answer is yes, then we will generally suggest to our clients to engage with Microsoft in a Service Provider License Agreement, or SPLA. Though designed for use by “hosting or application service providers,” the SPLA can be used for other organizations as well. Essentially, the non-hosting/service providing company will form an affiliate entity that licenses the software from Microsoft under a SPLA, then turns around and provides software services to both internal employees and external affiliates. It’s a fairly straightforward process, but it does increase the transaction costs somewhat. In the right situation, however, the benefits gained from licensing in this manner will outweigh any upfront costs. On the other hand, if the answer to the “paying for access” question is “no,” then factors such as the number of users and the nature of the required access will determine the best course of action. One model is to purchase user CALs for each employee and affiliate user who will be accessing the resource. Another option is to purchase CALs for internal users, and an External Connector license for those outside the organization. In other cases, a processor license along with an external connector license becomes the more economical choice, from both licensing spend and licensing management perspectives. The point is, there is no one “right way” to license for this usage environment. The model that is right for a given organization requires thoughtful examination of the facts. To make matters more complicated, it has been our experience that resellers, and many times Microsoft representatives themselves, do not completely understand the intricacies of these licensing schemes, and sometimes inadvertently give technically or financially bad advice because of it. However, our experience is that once you break through the first or second levels of licensing discussion and talk directly with Microsoft’s licensing experts, they are willing to work with you to find the optimal solution.

SQL Server Licensing Perils: Free and Paid Components

Tue, 02 Aug 2011 15:56:59 -0600

Correct licensing for Microsoft SQL Server database software can be a complex undertaking, and in light of the prices charged for certain kinds of SQL Server licenses, it also is an undertaking where mistakes can be extremely costly. SQL Server actually is a package of various software components with different functions in creating and managing a SQL database, so one of the more challenging aspects of analyzing SQL Server license obligations is determining how many licensable SQL Server instances are installed on company computers. Some of those components can be installed, effectively, on an unlimited number of network computers, provided that the core components are correctly licensed. Those “free” components include:

Business Intelligence Development Studio
Client Tools Backward Compatibility
Client Tools Connectivity
Client Tools SDK Management Tools - Basic
Management Tools - Complete
SQL Client Connectivity SDK
Microsoft Sync Framework
SQL Server 2008 R2 Books Online

However, the core components of SQL Server – the Database Engine and the Reporting, Integration and Analysis Services – all require separate licensing. This means that if a company wants to separate the core SQL Server components across several different servers (for security or workload-distribution reasons, for example), then it must purchase the same number of SQL Server licenses that it would need to purchase if it were deploying all of the core components on each of those machines. Those licensing costs can add up very quickly (per-processor licenses for certain editions of SQL Server can cost between $25,000 and $50,000 per physical processor that is activated on the servers where the software is installed). Complicating matters is the fact that some automated software-inventory products sometimes report the “free” SQL Server tools and the “paid” SQL Server components the same way. That can lead the users of those inventory products to believe that the number of SQL Server product installations for which they need to purchase licenses is lower that it really is, resulting in a licensing gap and potential audit-related exposure. Businesses with questions about licensing for SQL Server and other costly, mission-critical software owe it to themselves to discuss their requirements with knowledgeable licensing counsel before proceeding with license purchases that may be either inadequate, in terms of quantities acquired, or incorrect, in terms of product versions, editions and license types included in a purchase order.

Consumer Groups Urge the Supreme Court to Reconsider the Vernor Case

Tue, 02 Aug 2011 15:55:12 -0600

A number of consumer groups – including the Electronic Frontier Foundation, the Consumer Federation of America, the American Library Association, Association of Research Libraries, Association of College and Research Libraries, U.S. Public Interest Research Group, and Public Knowledge – recently filed a “friend of the court” brief asking the Supreme Court to reconsider the Ninth Circuit’s decision in Autodesk v. Vernor. Those groups are asking the Court to determine what they consider to be an important question: What is the impact of technology licensing on the First-Sale Doctrine? The Supreme Court will determine whether it will reconsider the Ninth Circuit Vernor opinion holding that an owner of a copyrighted work may license its work and retain ownership and control over its distribution. The Ninth Circuit overturned a lower court ruling that the First-Sale Doctrine applied to software sales, and that purchasers of software licenses were entitled to transfer, distribute, or sell the software. The First-Sale Doctrine allows an owner of a copy of copyrighted work to transfer or sell the copy, unlike a license, which restricts the transferability of a copyrighted product. The consumer groups are petitioning the Supreme Court to grant a hearing to determine whether the First-Sale Doctrine applies to the sale of software, and grants the owner of the copy the right to sell, rather than a license to use the product. The Supreme Court will evaluate whether so-called “magic words” contained in an End User License Agreement (“EULA”) undermine a consumer’s right to own and distribute a copyrighted work. These “magic words” are terms relating to licensing restrictions in the EULA. If the Supreme Court decides there is merit in the arguments set forth in the brief, it may grant a hearing to consider the Vernor case. If the Supreme Court grants the petition, it will likely set a date to hear oral arguments from each party before making a final ruling. A new decision in the Vernor case may potentially have far-reaching implications for copyrighted works, especially software. If the Supreme Court determines that purchasers of software own a copy of the work, rather than just a license, consumers might be free to sell or transfer their copies of copyrighted works without regard to the restrictions in the EULA. The consumer groups who filed the brief argue that “after an individual copy has been sold, the first sale doctrine puts further dispositions of the copy beyond the reach of the copyright owner.” If you are facing a copyright infringement claim from a software publisher, you should contact experienced counsel to assist you with evaluating your rights and the appropriate strategy for your defense.

New Texas Healthcare Privacy Law

Tue, 02 Aug 2011 15:54:11 -0600

Starting on September 1, 2012, businesses handling electronic protected health information (ePHI) in Texas will be subject to more stringent data privacy and security regulations and harsher penalties than those imposed by federal HIPAA regulations. Among other things, the new bill, signed into law in June 2011 by Governor Rick Perry, expands on the HIPAA definition of a “covered entity.” Under the new law, “covered entities” are broadly defined as any organization that handles electronic health records. This expanded definition has the potential to impact many organizations that are not currently “covered entities” under HIPAA, such as SaaS and cloud providers who market to health care organizations. In addition to complying with HIPAA requirements, covered entities are required to provide custom training sessions within 60 days of hire. In addition, the time period for responding to patients’ written request for copies of EHR is reduced from 30 days under HIPAA to 15 days. The new law also includes an explicit ban on selling patient records for profit, and a breach-notification requirement similar to that recently enacted under the Health Information Technology for Economic and Clinical Health Act (HITECH). In addition to the more stringent regulations, there are harsher civil penalties available under the new law. Depending on the degree of intent exhibited in committing a violation, penalties can range from $1,500 to $1.5M per year for disclosure of PHI. The monetary penalties are in addition to any penalties levied by the federal government under HIPAA/HITECH, and they can also include license revocations. Although the law will not be effective until September 2012, I recommend taking time this year to revisit your organization’s status under the new law and to determine if your current compliance policies and procedures are sufficient to address any new requirements.

Overview of Proposed Federal Data Privacy Legislation for 2011

Tue, 02 Aug 2011 15:50:16 -0600

Arguably as a result of the Obama administration’s call for federal data privacy and security legislation, a number of bills have been introduced this year in both the House and Senate to address consumer-data privacy issues. Introduced earlier this spring were the Do Not Track Online Act, discussed here previously, and the comprehensive, Commercial Privacy Bill of Rights Act sponsored by political heavyweights Senators John Kerry and John McCain. A new crop of bills introduced this summer focuses on data-protection procedures and breach-notification requirements. Highlights from these entries, by Senators Leahy and Pryor and Representative Bono Mack, are outlined below. Personal Data Privacy and Security Act – Sen. Leahy

Preempts state breach notification statutes
Criminalizes intentionally or willfully concealing a data breach
Breach notification to be made “without unreasonable delay”

Secure and Fortify Electronics (SAFE) Data Act – Rep. Bono Mack

Preempts state breach notification statutes
48 hour breach notification requirement, in some cases
Civil penalties available; capped at $5M

Data Security and Breach Notification Act – Sen. Pryor

Similar form to the SAFE Data Act
60 day breach notification requirement
Includes special rules for “Information Brokers”

Whether any of these become law by the end of this year’s session is not clear. However, the 48-hour breach-notification requirement proposed by Rep. Bono Mack seems to be generally unworkable in practice, making the requirement unlikely to be a component of any enacted law. What is clear, however, is that with recent, highly publicized and scrutinized data breaches at Lockheed Martin and Sony, greater-than-average political will exists in Congress to approve some form of federal data privacy and security legislation this year.

Approach Third-Party “Solutions” to IT Costs with Caution

Wed, 15 Jun 2011 15:40:31 -0600

Many IT-solution providers develop and sell hardware, software or support services (or some combination of all three) intended to reduce costs associated with deploying someone else’s enterprise-level software products in the licensee’s network environment. For business owners, the high cost of deploying some industry-standard, server-based software deployments can lead to near-desperation in efforts to remain competitive while keeping associated costs from breaking the bank. In many cases, third-party solutions designed to achieve those ends can seem too good to be true. However, in those cases, a prudent business owner will start with the assumption that they are, in fact, too good to be true, and he or she will conduct a thorough level of due diligence before (1) obligating the company to contractual obligations with a provider that can’t deliver on its promises and, possibly, (2) exposing the company to legal liability. An excellent case-in-point is the recent settlement reached between IBM (the mother ship of high-end software solutions) and an Austin-based firm called Neon Enterprise Software. Neon developed a product called zPrime, which is a software solution designed, in essence, to allow certain IBM mainframe software licensed on a process-capacity basis to run on lower-priced IBM processors that do not trigger the same capacity-counting rules as a server’s “primary” processors. By deploying zPrime, IBM mainframe customers effectively could reduce a large portion of their processor-capacity-based licensing fees to zero. In response, IBM began to threaten Neon’s customers with legal liability based on the argument that use of zPrime constitutes a violation of applicable IBM license agreements. Neon sued IBM in an effort to stop these practices, and IBM then countersued Neon based on allegations of tortious interference with the contractual relationship between IBM and its customers. IBM’s most recent counterclaim and Neon’s most recent answer to that counterclaim provide a good summary of the arguments in play in the litigation. However, despite the vigor with which both parties appeared to be pressing their respective cases, IBM and Neon reached a settlement in early June 2011, under the terms of which Neon agreed to pull zPrime from the market. For Neon’s customers’ IT procurement teams, this litigation undoubtedly caused a number of headaches. Those customers’ deployments of zPrime likely initially resulted in license-breach notices from IBM (which doesn’t really need to threaten much past termination of associated license agreements in many cases, since that action alone could be devastating for businesses with IBM-based mainframe architectures). Then, following loss of zPrime as a supported product (or perhaps once the case appeared to be a lost cause for Neon), those customers were required to absorb an unanticipated and possibly very high bill for the license-rights required to deploy mainframe software at regular-capacity levels. The Neon case is just one example of what can happen under these circumstances. Oracle, for instance, is known to threaten its hardware customers with license-breach claims based on attempts to use non-Oracle service providers for support and maintenance of Oracle systems. This leaves many of those customers feeling as though they are joined at the hip to Oracle, despite the availability of support services from third-party providers that may be better and cheaper. Whatever the circumstances, it is important to keep the following in mind when considering solutions like zPrime, third-party maintenance for Oracle systems, or similar, third-party work-arounds for high IT costs:

Read – slowly and carefully – licenses or other agreements with the software or system source (e.g., IBM or Oracle) to determine if the proposed third-party solution is likely to result in heat from that source/li>.
Read – slowly and carefully – any proposed statements of work or services agreement with the third-party provider to determine whether any work to be performed or solution to be delivered by that provider could result in legal exposure from the system source./li>
Consult with counsel. Even if it looks like there may be a conflict – in fact, even if the system source has sent a letter saying that there is a conflict arising from a solution known to have been deployed already – that does not mean that the source’s legal team is correctly applying the law. The customer may be well within its contractual and other legal rights in working with the third party, leaving it up to the system source to demand different terms during the next round of renewal talks.

Avoid Risks Associated with Software Licensed Through ISVs

Fri, 03 Jun 2011 15:39:33 -0600

Independent software vendors (ISVs) constitute a diverse group of businesses whose core business model typically consists of utilizing third-party software infrastructure and development platforms (such as Microsoft SQL Server or IBM WebSphere Application Server) to create targeted solutions for their customers. ISVs have become a fixture in today’s marketplace for information technology solutions, and most large software companies have programs and licensing models specifically intended for use by ISVs. However, while the return on investment for ISV-delivered solutions is very high in many cases, it is critical for potential ISV customers to be aware of opportunities for legal exposure that can arise when one company’s software products are licensed through in independent vendor. First, the license that accompanies an ISV’s solution typically includes terms that are specific to the third-party technology utilized by that solution. ISV customers need to be familiar with those terms in order to avoid liability associated with possible over-deployment of the third-party products. For example, many of SAP’s client-relationship management solutions use IBM’s DB2 Enterprise Server software as the associated runtime database. The DB2 license grant included in SAP’s end-user agreement typically allows the user to install the DB2 software as widely as necessary in order to use the SAP solution within licensed limits. However, those terms also expressly limit the use of DB2 to functions related to the SAP solution, and business that use that DB2 software for any other purpose incur the obligation to ensure that those DB2 deployments are independently licensed through IBM. Therefore, in the event of a software audit initiated by IBM, past inattention to the use of SAP-licensed DB2 installations can result in significantly increased licensing exposure. In addition, it is important to keep in mind the fact that a business’ license to use third-party software in connection with an ISV’s solution is only as good as the rights acquired by the ISV. To the extent that the ISV has failed to secure adequate pass-through license rights through the platform vendor, any license purportedly granted to the end user is potentially worthless. Businesses need to remember that copyright infringement is a strict-liability offense, which means that a belief that software was properly licensed through an ISV is no defense to liability for unlicensed installations (though it may help to mitigate the amount of a damages award). Therefore, it is critical for a business to ensure that its agreements with ISVs include terms requiring the ISVs to provide indemnification for third-party infringement claims. In cases where an ISV is relatively small or otherwise may not have adequate resources to deliver on a duty to indemnify, it is not inappropriate to request that it acquire appropriate insurance coverage against such claims. Companies are well advised to seek input from knowledgeable licensing counsel where there appears to be potential for risk associated with ISV solutions.

Renewal Grace Period in Microsoft Enterprise Agreements

Tue, 17 May 2011 17:09:19 -0600

The Microsoft Enterprise Agreement renewal process can be a difficult time for many large organizations. The process generally begins with a count of software products, processor cores, and virtualizations. All of these elements are necessary for a thorough evaluation of an organization’s true-up obligations under the EA. Next up is the process of evaluating future needs in order to determine whether the perpetual use rights associated with the licenses purchased under the original EA will satisfy the organization’s needs moving forward. Finally, all of these activities must be conducted under the looming specter of the EA’s expiration date and the associated non-stop communications from the company’s Microsoft account representative. However, to avoid making a hurried decision that could end up costing an organization hundreds of thousands of dollars in unneeded licenses, decision makers must understand: 1) the penalties, if any, associated with non-renewal; and 2) the actual date by which the decision must be made. It is important to understand that a decision not to renew does not instantly make an organization noncompliant. In fact, one of the biggest benefits to the EA, as opposed to the EAS (Enterprise Agreement Subscription), is the perpetual license grant that comes with most products. On the other hand, there is a significant penalty to Software Assurance users if they let the EA lapse – when the EA agreement expires, Microsoft typically requires its customers to purchase the Software Assurance along with another copy of the product license. The good news, for most organizations just now coming off a three-year EA, is that Microsoft likely built a grace period into the original agreement by including a 30-day window from the expiration of the previous EA to renew with Software Assurance without being forced to re-buy the underlying product license. The bad news is that Microsoft removed this grace period provision for most EA’s signed after 2009. For these customers, the expiration date for those agreements really is the expiration date. Microsoft customers should carefully read their EA to determine whether a grace period for Software Assurance is present or consult with an experienced attorney to assist with protecting legal rights when making this expensive decision on renewal.

Tread Carefully When Deploying IBM Software in Server Clusters

Tue, 17 May 2011 17:07:30 -0600

Many businesses are realizing the processing and failover benefits of incorporating clustered servers in their IT environments. Having groups of servers whose processing resources are shared and centrally allocated means that server malfunctions can be remedied without compromising business functions that otherwise might need to be suspended until the appropriate fix can be applied. It also means that the most mission-critical functions can benefit from prioritized allocation of processing power from multiple machines, often resulting in improved overall performance. However, licensing software in clustered environments can carry with it pitfalls that many business may not suspect at the outset. IBM software licensed based on Processor Value Units (PVUs) is an excellent example. PVU-based licensing entails counting up the number of processor cores for a computer where software is to be installed, multiplying that number by the per-core PVU value assigned by IBM for the processor architecture in question, and then multiplying that number by the per-PVU MSRP for the software product. Thus, for example, an IBM 795-series server with a single quad-core POWER7 processor chip running IBM DB2 Enterprise database software would incur the following licensing obligation:

4 cores per server x 120 PVUs per core x $405.00 per PVU = $194,400.00 per server

However, unless the business qualifies for IBM’s sub-capacity licensing model (more on that below), the inclusion of that server in a server cluster means that each of those servers must be licensed to full PVU capacity for DB2 Enterprise as well. Worse, even if the cluster is comprised of numerous virtual servers, and only one of those virtual servers is the one where DB2 Enterprise is installed, the entire cluster nevertheless must be licensed for that product. Thus, though a business may only be deriving limited functionality from its DB2 Enterprise installation, if that installation is in an 8-server cluster where each of the physical servers is identical to the one shown above, that business could incur a DB2 Enterprise licensing charge equal to 8 times the above amount, or $1,555,200.00. For this reason, it is vital that business operating IBM software in clustered server environments familiarize themselves with IBM’s sub-capacity licensing rules. Under the sub-capacity model, it is necessary to license a PVU-based software product only according to the number of activated processor cores accessed by that product. Thus, in the example above, if DB2 Enterprise is capped to a virtual server utilizing only 1 of the 4 availably physical cores , then the licensing charge is a quarter of the full-capacity server charge reflected above, or $48,600.00. However, in order to utilize sub-capacity licensing, a business must agree to and abide by IBM’s contract terms for sub-capacity licensing, which include requirements for the technology used to cap the virtualized software deployments along with the obligation to maintain regularly generated records regarding the nature of those deployments. In many cases, it is necessary to deploy the IBM License Metric Tool (ILMT) to generate those records. IBM software licensing can be a complex undertaking. When doubt arises, it is well worth it to seek the assistance of knowledgeable licensing counsel.

Responding to a License Review Request from Oracle License Management Services

Tue, 17 May 2011 17:04:07 -0600

As with many software publishers, Oracle seems to be making a push to audit their customer base in search of revenue streams arising from licensing deficiencies. However, Oracle usually does not like to use the word “audit” and instead tends to ask its customers to engage in a “license review,” courtesy of the Oracle License Management Services (LMS) division. LMS generally requests that a customer fill out a Server Worksheet, which is essentially an overview of the company’s Oracle deployments. Before responding to such requests, organizations must understand both their legal rights with respect to a prospective audit, as well as the various Oracle license grants as they apply to their environments. In many cases, organizations inadvertently become non-compliant over the course of a few years, seemingly without growing their database environment. For example, installing Oracle version upgrades sometimes turns on software features, such as the diagnostic and features packs, which trigger an associated increase in licensing cost. A company’s IT department can significantly increase its Oracle spend during version upgrades without knowing it. If the Oracle Server Worksheet contains information that concerns LMS, Oracle may ask the customer to allow Oracle to run a set of scripts across its network to perform an in-depth network deployment audit—the mere thought of which should make even the most confident CIO squirm. Organizations should carefully consider any response they make to Oracle to avoid that kind of request. If there are any concerns whatsoever about the state of a company’s Oracle deployments and associated entitlements, consulting with experienced counsel prior to responding to an Oracle license review request is highly recommended.

The Basics of Sub-Capacity PVU Licensing for IBM Software

Tue, 17 May 2011 16:58:30 -0600

A processor value unit (PVU) is a unit of measurement that IBM uses to determine licensing costs based on the kinds of processors deployed on servers where IBM software is installed. A server’s PVU count is defined by the brand, model and number of physical processors running in the server and the number of core chips per processor. In order to calculate the number of PVUs, it also is necessary to refer to IBM’s PVU-per-core ratings for current processor technologies, which are updated on IBM’s website here. A sample, full-capacity, PVU-licensing calculation for IBM WebSphere MQ software on a hypothetical server is as follows:

Server stats:
Server/Processor: IBM 795-series POWER7
PVUs per core: 120 | Physical processors: 8 | Cores per processor: 4
PVU calculation: 120 PVUs/core x 8 processors/server x 4 cores/processor = 3,840 PVUs/server
Software price: $73.25/PVU (as of May 2011)
Licensing calculation: 3,840 PVUs/server x $73.25/PVU = $281,280.00/server

As an alternative, “sub-capacity” licensing gives IBM customers who use virtual-server technology the option to license IBM products based only on the PVUs made available to the licensed software, rather than on the total PVU count for that server (as in the example above). However, sub-capacity licensing also requires that IBM customers meet the following requirements:

Agree to IBM’s sub-capacity licensing terms. The most recent, form Sub-Capacity Licensing Attachment is available here.
Use eligible software products. The latest published statement by IBM on sub-capacity-eligible software is available here.
Use eligible virtualization technologies. The latest list of eligible, virtual-server technologies published by IBM is available here.
Use eligible processor technologies. The latest list of eligible processors published by IBM is available here.
Use the IBM License Metric Tool (ILMT). The ILMT is a software tool designed to assist with the maintenance of an inventory of PVU-based IBM software deployments. Sub-capacity users must use the ILMT on a regular basis to generate and retain inventory reports for audit purposes.

Returning to the above example, if the server in question is running an eligible virtualization technology to limit WebSphere MQ to 3 processors, the sub-capacity PVU-licensing calculation would be as follows:

PVU calculation:
120 PVUs/core x 3 processors/VM x 4 cores/processor = 1,440 PVUs/VM
Licensing calculation: 1,440 PVUs x $73.25/PVU = $105,480.00 Use of the sub-capacity licensing model therefore can result in significantly reduced licensing costs. Businesses with questions regarding whether it makes sense to license IBM software on a sub-capacity basis should consult with experienced licensing consultants.

Are Your Microsoft SQL Servers Properly Licensed?

Fri, 06 May 2011 16:23:59 -0600

Depending on the size of your organization, Microsoft SQL Server licensing costs easily can be one of the biggest yearly expenditures for an IT department. As multi-core and virtualization technologies have taken hold in nearly every datacenter across the globe, SQL Server spends often consist not only of licensing the SQL Server instances, but also, in many cases, of over-licensing due to a lack of clear understanding of SQL Server licensing models and associated options. Proper licensing of SQL Server depends on, among other things, SQL Server use characterization, access characterization, and developer needs. Microsoft Developer Tools represent a good example. Microsoft created the Developer Tools category of licenses for use by software developers. Some of the Developer Tools include SQL Server use rights (such as Visual Studio with MSDN and SQL Server Developer), and these generally are licensed on a per-user model. For instance, under the March 2011 Products Use Rights document (which contains license terms applicable to Microsoft software licensed under one of the company’s Volume Licensing programs), a user of a Developer Tool has rights to install unlimited instances of the included software titles, provided the every installation is used “to design, develop, test, and demonstrate” the programs under development. Microsoft Developer Tools licenses also include downgrade rights and end-user testing rights (meaning that end users do not need any license whatsoever to “perform acceptance tests” on the programs being developed). In addition, a SQL Server Developer license entitles developers working in third-party environments (like SAP), to install and access a SQL Server back-end for development, testing and QA purposes, and the SQL Server Developer license also permits the in-place upgrade of the test server to production uses without redeploying the solution to a different “production server.” Why should you care? A SQL Server Developer license runs $37 per user (at the time of the posting of this article), compared to over $1200 for a Visual Studio Pro w/ MSDN license. Organizations with development groups therefore must carefully evaluate their development, testing, and quality-assurance environments to ensure they are not spending more money than necessary to license the installed SQL Server instances. Savings for a 30-developer team with a testing, quality assurance, and staging environments can be very significant, provided a careful analysis and a deep understanding of Microsoft SQL Server licensing options and use grants. However, a thorough evaluation of server-use characterization, access characterization, and developer identification requires not only the technical expertise to inventory diverse and varying infrastructures, but also the experience to know the right questions to ask of employees to determine their licensing needs. Therefore, businesses should consider engaging knowledgeable licensing counsel to assist in their assessment processes.