Licensing under virtualisation - time for change

Virtualisation has been the darling of CIOs for many years, and for good reason. By driving significant operational efficiencies and paving the way for cloud computing, virtualisation has enabled IT to be more flexible, dynamic and cost-effective. The popularity of virtualisation has however led to questions as to how the software that runs in virtualised environments should be paid for.

When it comes to software asset management and licence optimisation in particular - the process of proactively managing software licences to ensure the organisation is always compliant and never pays for more software than it uses - virtualisation continues to highlight the outdated software licensing models practiced by most of the major vendors.

As a result the task of software asset management under virtualisation continues to be a tricky one. In fact, recent analysis has indicated that virtualisation could end up costing businesses far more than the savings they've made - up to 500% more - if licences are not properly managed.

Many have started to point fingers, ultimately trying to blame the vendors for developing complex technologies that integrate well with other third party vendor technologies, but don't align their license strategies. This complexity, however, is not the fault of the virtualisation vendor, they are responsible for developing innovative solutions that radically improve IT Services and are not accountable for third-party license dependencies.

As is the case, you cannot blame Audi when you get a speeding ticket, equally you cannot accuse the virtualisation vendor for an organization's failure to meet the compliance obligations set by the application or OS vendor.

Therefore, virtualisation adds to the software asset management challenge in two ways. Firstly, the way software licensing schemes have been 'tweaked' to remove grey areas around virtualised infrastructures has in fact added complexity to many licensing scenarios.

While virtual machines break down the ties that bind software applications to the hardware they run on at a technical level, the addition of new licensing metrics since virtualisation (such as the number of cores, processors etc.) has resulted in software becoming even more tied to the configuration of the physical server on which it resides than ever before; at least from a licensing perspective.

Secondly, the scalability of virtualisation, in particular with Dynamic Resource Allocation (DRA), has made tracking the location and use of software and ensuring compliance much more complicated, increasing the likelihood of accidental non-compliance considerably.

Too many licensing metrics
Tackling the changes to licensing configurations first. The licensing obligations of the software installed on the virtual machines are increasingly being determined by the physical configuration of the host (how many cores/processors, what processing power etc.). The addition of these hardware metrics has meant that discovering/inventorying the virtual machine on its own is no longer enough to know if you are compliant, you now need to know how the virtual configuration relates to the physical configuration as well. This is no easy task, but is made even harder when the physical host is a non-Wintel device, such as an ESX server as used in VMware deployments (and with VMware still having a 65% market share, that's most of them…).

If you are using a Windows-centric discovery solution such as Microsoft SCCM or Symantec Altiris, you simply can't automatically inventory these ESX servers and thus it becomes increasingly difficult to understand the licensing obligations for them. Since it is Microsoft software that tends to reside on more virtual servers than anyone else's, and the mega-vendor is already one of the most prolific software licence auditors out there (recent figures from IDC suggest you are twice as likely to receive an audit request from Microsoft than any other vendor ), you cannot afford to take any chances.

Dynamic Resourcing and Mobility
In virtualised environments, organisations will operate many instances of server software on a single physical machine. It is critical, therefore, that an organisation understands the inlying dependencies associated with running this software in a virtual environment. For example, a VMware ESX server running virtual Microsoft Operating System Environments (OSE), must have assigned licences equal to or exceeding the number of running instances.

Let's say an organisation has a VMware cluster with 3 ESX servers all running 8 virtual OSEs in normal production, however each ESX server can run up to 12 virtual OSEs when one of the three ESX servers enters maintenance mode. How many Windows 2008 licenses must be assigned to each ESX server?

The answer is, every ESX server must have 12 Windows 2008 Standard licenses assigned or three Windows 2008 Enterprise server licenses or two Windows 2008 Datacenter licences assigned. With the cost of acquiring standard licence far exceeding the Datacenter licence, it makes sense using the latter.

In addition, if this organisation was to deploy Microsoft SQL Server in this environment, what are the additional requirements? As you can see, this is immensely challenging and, therefore, must be considered prior to migrating.

While licensing every virtual machine is relatively simple to start with, the issue becomes much more complicated once technologies such as Dynamic Resource Scheduling (VMware), Performance & Resource Optimization (Microsoft) and WorkLoad Balancing (Citrix) are taken into account.

These technologies, which dynamically allocate IT resources to the highest priority applications (even moving entire virtual machines to alternative physical hosts) have proved popular for the significant operational efficiencies they can bring (58% of our customers claim to use it ). However, left unchecked, this can also lead to a significant shortfall in an organisation's licensing compliance, since a virtual application has the potential to be used on every physical machine in a cluster if the need arises.

With the historic focus on device-centric licences, this can require the organisation to licence every virtual application on every physical machine based on the potential that the application could be moved dynamically during peak times (some vendors do now offer 'datacenter' licences to cover these kinds of scenarios, but typically only on the latest versions of their software).

This is unless rules are put in place governing the use and deployment of licences in virtual environments (i.e. limits based on the number of licences the organisation has bought). Based on our own analysis of customers' virtualised environments, enabling virtual machines to move around dynamically has the potential to increase an organisation's server licensing  requirements by up to 500% at the flick of a switch - particularly because these technologies tend to be switched on during the configuration of virtualisation platforms.

This is not only a potential additional licensing cost for the organisation to bear, but if left unchecked, exposes the organisation to a hefty fine for non-compliance when it is next audited. With the right parameters and licences in place, dynamic resourcing should be nothing but an efficiency boon for the organisation, but the obligation is firmly on the end user to manage this.

So what can firms do to ensure that virtualisation still delivers significant value in light of these additional licensing complexities?

  1. If your organisation uses Microsoft software on VMware or Citric Citrix hypervisors, ensure that your licensing discovery solution(s) can track all platforms

  2. Check that you can inventory all the necessary hardware configurations within your organisation as required by your software licences, in addition to knowing where each and every installation of this software is across the organisation

  3. If using dynamic resourcing, set rules and limits on software deployment based on the software licences you have purchased

  4. If you are considering a virtualisation project, conduct a thorough audit of your software use first so that you can forecast its impact on your licensing liability

  5. If you have already virtualised, work out your effective licensing position now so that you can remedy any licensing shortfall before the auditors come knocking. Being proactive now will save money in the long term and impress your vendors, making you less of a target for audits in the future

  6. When buying new server software licenses, pay careful attention to ensuring that the license type not only meets immediate requirements (e.g. a single instance) but has the ability to support future requirements such as mobility
  7. licensing
  • By following these tips, your organisation can ensure that virtualisation delivers on its promises of a more flexible, lower cost and streamlined IT estate, while avoiding a rather nasty surprise from your next software audit.

  • Sean Robinson, License Dashboard

Copyright © 2013 IDG Communications, Inc.

Download: EMM vendor comparison chart 2019
Shop Tech Products at Amazon