By: Patrick Gunn, Flexera Software
This year almost two-thirds of UK companies intend to extend their current use of server virtualisation and about one-third of UK CIOs will start implementing some form of desktop virtualisation. This is according to the Citrix Virtualisation Index. While these numbers show a healthy rate of adoption of these technologies, there are areas of concern. Software licensing is the second biggest concern, behind security, for both server and desktop virtualisation, as revealed in the same Citrix survey. Software license management is complicated enough in the physical world due to complex license models, use rights and restrictions. With virtualisation, software license management becomes even more challenging—the virtual environment is more dynamic, and there are new rights and restrictions. What’s more, desktop virtualisation is inherently user-centric, while traditional software license models are device-based. This desktop virtualisation licensing issue has yet to be addressed by software publishers.
For those of you who are looking at rolling out desktop virtualisation, there are at least three potential license metrics that you could use for virtual desktop applications: pay-per-device (desktop, laptop, or thin client), pay-per-user authorised to access the application, or pay-per-user who actually uses the application. Under the standard Microsoft license model, enterprises still have to pay per computer that is used to access an application—meaning that every device that could be used for access must be licensed. However, it is in your interest to be able to pay per user that actually uses the application. After all, not everyone who has access may use a given application, and one of the benefits of desktop virtualisation is giving users the flexibility to access applications from any PC, not just their own. Software licensing should not be a hindrance, and organisations should demand alternative licensing approaches from software vendors.
A further complication with device-based virtual application licensing involves the situation where one version of the software is installed on endpoint devices and another version is installed on the application server. For example, if a desktop computer has a lower version than the one installed on the server, then a license for the server version is required for that desktop device when it is used to access the virtual application. Therefore, you need to carefully manage the reconciliation between local installations and software that can be accessed using the virtual desktop technology.
Using an enterprise license optimisation solution is perhaps the only reliable way to ensure compliance and minimise software costs in virtual environments. Also, the use of such a tool will provide you with leverage to negotiate the most economical licensing model with softwa

by: Jeff Jones, Flexera Software
Having worked with 100’s of corporations over the last few years, I have noticed something interesting about the software asset management (SAM) space, and specifically the SAM Maturity Model. While much has been written about the SAM Maturity model, I have noticed an interesting trend: vendors, corporations and analysts either discuss “SAM Basics” – usually Inventory and Tracking, or they discuss the “Pot of Gold” at the “end-of-the-rainbow”: Dynamic SAM and/or “Optimisation”.
It is this second area I find most interesting, because this tends to be where you get to the nexus of business value and software. But what I find interesting is almost every software asset management vendor, and every corporate consumer trying to get there, really discuss this level in different terms. There are papers on “Optimising Business Processes” and “Optimising Infrastructure”. And there are long, consultative “Best Practice” approaches to combining SAM, ITIL, ISO 19770-1, and custom methodologies to “Optimise”.
But interestingly enough, not many focus on optimising software usage, as it relates to licensing, and the monetisation of the value of your Application assets. And shouldn’t that be one of the most important factors? Isn’t the use of software applications the only true way to start to measure business value of software? And if you aren’t measuring business value, how can you “optimise” it? The Operations Management and Interfaces category of ISO 19770-1 touches on this, but doesn’t map this back to license entitlements and cost in enough detail to help optimise the software mixture.
Then combine this with the fact that most of the software asset management literature, when it does discuss “Application Usage”, focuses on Desktop software only. Not much focuses on high cost and high value software applications. Things like SAP or Oracle; or very expensive niche applications like Cadence, Synopsis, MATLAB or AutoCAD; or more difficult licensing models like concurrent users or custom corporate-specific metrics. From what I have seen, these typically make up 75% or more of the typical software budget, depending on the industry.
To really complete the software asset management optimisation stage, it seems that we as SAM professionals need to add more detail on Application Usage Management and Enterprise License Optimisation into the process. We at Flexera Software have been doing this for a long time with our customers, but see a need to extend the current SAM Maturity Model and other standards to include the Best Practices around monetisation of business value of application software.

By: Randy Littleson

Steve Schmidt, vice president of product management at Flexera Software, discusses the challenges enterprises face in getting the most out of their investments in software.  He details the importance of data and value of understanding software usage to ensure continuous software compliance and optimising software spend.

Click here to view the video

By: Steve Schmidt
Half of the “usage + entitlement” equation that is used to build a software license compliance position and plan for real enterprise license optimisation, is obviously the entitlement data, but it often does not get the same level of attention as the usage data. Increasingly, though, companies are asking for a deeper level of understanding of what it is and where it comes from. They want to know more about entitlements, which in this context is being defined as a “right to use” the software in a certain way, such as to download, install, re-host, upgrade, downgrade, etc.
An obvious source of entitlements is the database of financial records within the Enterprise utilising the software, including Purchase Orders. These highlight the specific products purchased, including part numbers, descriptions and quantities. Expense reports may also need to be scoured depending on the internal processes of the organisation and the ability of employees to handle their own software procurement.
What if the entitlements are not available in the company records, or there are questions with regard to completeness or currency? This often happens in a decentralised organisation or in an organisation where controls were loosened during organisation changes, M&A activity, or other unique circumstances. An option is to go to the Vendor for this data. The vendor could be the original software publisher, or a distributor/reseller in their value chain. If all purchasing is done through a small number of suppliers, the task becomes easier. This step can also be used to validate internal records, if for no other reason.
A key part of the entitlement data set that is often overlooked is the use rights that are needed to answer questions such as: Can I use the product on another system, and under what conditions? Can I use an older version of the software? Can a suite be split up for use on different systems? This type of data may exist in the end-user license agreements (EULAs), either in simple click-through format or long form contracts. Some may require reviewing documented vendor policies posted for the general public or in customer support centers, or a discussion with the vendors.
Start there… and then seek to automate and optimise. Companies that have been on the path of actively managing software license compliance and enterprise license optimisation for some time have established processes to keep the data current, house the data in a central location with controlled global access, and run software that aggregates and analyses the data for them.
What additional sources of entitlement data do you utilise, and under what circumstances?

By: Vincent Brasseur, Flexera Software
Software asset management has become a concern for most companies in the last past few years with the kick-start from the Sarbanes-Oxley Act (SOX) and ISO / IEC 19770-1, followed by well-publicised software audit results performed by publishers or affiliated organisations. The fear factor of a software audit is a substantial driver to start a software asset management initiative to lower corporate liability and ensure software license compliancy. Beyond traditional software asset management, companies are now looking for Enterprise License Optimisation to provide major benefits, such as, providing key data for renegotiating contracts with software resellers or publishers, inserting intelligence into software procurement decisions, and improving license allocation and usage.
Enterprise License Optimisation goes well beyond inventorying applications and collecting software usage data. A typical optimised license management program consists of 5 distinct steps that are usually completed in sequence:
1. Inventory of all devices to list software installations and collect application usage data,
2. Application Recognition to scrub the raw inventory data and provide a comprehensive list of software titles for each managed device,
3. Purchased versus Installed Reconciliation to match inventory and usage against purchase orders and contracts,
4. License Compliancy to apply terms and conditions and check if they are met,
5. License Optimisation that will allocate licenses according to the needs of the organisation, preventing over licensing or unused licenses.
Each of these steps has their own challenges. The most daunting ones are not in inventorying applications or collecting software usage. They are usually found when:
- bringing non-homogeneous data (inventory, human resources, purchase orders…) into a single repository to organise, reconcile and maintain data integrity and accuracy over time,
- adhering to complex publisher licensing models coupled with terms and conditions that are not fully understood and or applied properly.
A quick illustration can be found in the reconciliation between inventory and purchase order data. This is where many software asset management projects fail as this task is extremely time consuming and difficult for the license manager if performed manually. Tools that provide a Stock Keeping Unit (SKU) library used to match purchase orders to inventory data as well as to provide details on the license purchased help overcome this challenge. Another example is the difficulty of staying up to date on terms and conditions; licensing rules and Product Use Rights are modified on a regular basis by the publishers. Microsoft, for one, publishes their Product Use Rights guide each quarter and it is generally more than 120 pages long. Accurately applying these rules may change the compliancy status of licenses or achieve some of the optimisation goals.
As a result, tools used for software asset management and Enterprise License Optimisation must automate data reconciliation across data sources as well as maintain continuously updated embedded knowledge on SKUs, publishers, license agreements, and associated terms and conditions.

By: Randy Littleson
Amy Konary of IDC talks about “information as power” when it comes to software licensing use. Understanding how software is used is a critical insight to both enterprises and software vendors alike. Amy discusses what companies can do with this information to better their software license management

By Randy Littleson: Flexera Software
Jim Geisman, Principal & Founder, Software Pricing Partners, discusses the relationship between software vendors and their customers. He discusses why each party is afraid to share data with the other and discusses the value of doing so in terms of improving vendor/customer relations.
View the video here

By Randy Littleson: Flexera Software
In this interview, Amy Konary of IDC talks about how vendors and enterprises are moving closer together on their viewpoints related to software licensing. She discusses where a true “partnership” relationship is emerging and where it is not. She details the areas of breakdown and avenues to move vendor/customer relationships to a new level.
View the interview here

Andy Ellwood, iQuate
By correctly interpreting the complexity surrounding Oracle usage and licensing, iQSonar delivers accurate information relating to ALL aspects of an Oracle deployment.
This was illustrated by an engagement with a large Irish financial institution, in which iQSonar scanned Oracle on several hundred Solaris machines. One of the servers running Oracle Enterprise Edition had a single Sun UltraSPARC-T2 quad core processor. Each of the 4 cores had 8 threads. Under Oracle licensing policy this type of processor has a core factor of 1, so it requires 4 processor licenses. At current Oracle list price a one processor license for Enterprise Edition is $47,000, so the correct list price for Oracle on this server is $190,000.
The manual audit performed by the customer had stated that the server had 32 processors (as indeed did the CPU Highwater recorded in the Oracle database). Licensing for 32, rather than the required 4 license would represent a list license cost of $1.71m.
On another occasion, Oracle License Management Services were engaged with a UK Law Enforcement agency with unique security and operational requirements.
Owing to this complexity – and the size of the network (over 10,000 network devices) – various manual and agent based automated attempts to identify their Oracle deployment had not been successful. This increased the risk of non-compliance and of inefficient utilization of purchased licenses. These issues had also delayed the submission of complete audit data to Oracle by several months.
iQuate completed the audit in just five days without any network, performance or security issues. The customer now has an accurate view of their Oracle usage and was able to report their position back to Oracle LMS.
Finally, after performing a successful Oracle scan for a US based multi-national petroleum organisation across their global WAN network, iQuate was asked to use iQSonar to check some additional operational issues.
As part of their SOX-compliance guidelines, no default or “obvious” Oracle passwords were to be used across the organisation as this represented a significant security issue. iQSonar was able to quickly discover that non-compliant passwords were in use on 12% of Oracle instances.
iQSonar is the only third party tool verified by Oracle as providing accurate and definitive Oracle deployment and usage data

By Patrick Gunn
Recent research findings from FAST in the UK revealed that one software supplier audited 50% more businesses in 2009 than in the previous year. I believe this to be a reaction to the difficult economic times. Most software vendors have intensified their efforts to ensure software license compliance as a means to preserve their revenue during the downturn.
The larger the software publisher, the higher the risk of a software license audit. In fact, the result of an audit can potentially be one of the largest unbudgeted expenses for an enterprise. Unless organisations have their own optimised software asset management solution, they are pretty much at the mercy of software vendors when the auditors come knocking.
An Adobe software audit at a multi-national company is a case in point. This company was able to eliminate a large seat-count Adobe license liability worth over $3.8 million by using a next generation software asset management tool to accurately recognise installed software. The company proved to the Adobe auditors that it actually had a free Flash Player installed as opposed to the several hundred dollar Flash Professional.
When defending against an Adobe audit, pay special attention to the following:
• Inventory and asset recognition:
Collect and analyse inventory for all computers to accurately list all the installed Adobe products. You should include all versions and editions of the different products too. For example, if you have three versions of Adobe Acrobat installed, then the inventory analysis must accurately report all of these versions.
In addition, you must be able to accurately determine the versions and editions of Adobe suites installed versus the component products. This can have significant cost implications for you – Adobe suites cost less than the individual components. Not recognising the Adobe suites can therefore affect your software license liability.
• License management:
The common Adobe volume license agreement is Cumulative Licensing Program (CLP). The product use rights (PURs) for each Adobe product purchased under CLP can differ, from product to product and version to version. For example, Acrobat 6.0, 7.0 and 8.0 may all be installed on the same computer and it will only consume one license. However, this is not the case for the older versions of Acrobat, where each installation consumes a license. Hence, the importance of accurately reckoning installations and applying use rights correctly.
With an enterprise license optimisation program in place, your organisation will be ready the next time the auditors come knocking.