There is a misconception that ‘IBM does not audit cloud’.
This statement cannot be considered universal. Cloud describes different services and cannot be simplified in such a fashion. Let’s review what Cloud could be, and whether there is something to examine for licensing purposes.
Software as a Service (SaaS) that is provided by IBM, such as IBM Analytics (Cognos), Bluemix, or API Connect. IBM is aware of one’s usage of these software products because they host and invoice the client by the SaaS licensing metric whether it be users, subscriptions, or transactions. In a regular Software License Review (SLR), IBM does not audit these products. As they say on Game of Thrones ‘it is known’.
For other cloud scenarios, where there is a Bring-Your-Own-Software-License (BYOSL) scenario, IBM would review usage. This may also be true when IBM is providing Managed Services, either on-premise, in their data center, or somewhere else. For peace of mind, check your agreement for the terms around the solution IBM has offered. Frequently, the client is responsible for licensing the software.
Now that it’s been narrowed down to what is considered fair game for an IBM software audit – BYOSL, where can more information be found?
First and foremost, always remember IBM’s sub-capacity/virtualization licensing requirements. This is essential for licensing virtualized environments, including those that are off-premise. Run ILMT on all of these to obtain your reporting to comply with IBM’s sub-capacity licensing terms under the IBM Passport Advantage Agreement (IPAA).
ILMT will assist you with what a managed service or strategic outsourcing provider is doing with your IBM software deployments. From where you are, you may only know there are 10 instances allocated 2 vCPUs each of DataStage running in their environment. With ILMT agents deployed on your off-premise instances, it will report the 20 vCPUs and calculate the PVU licenses for DataStage and DataStage Non-Production for you. If you are audited, the auditor will request the two years of your quarterly ILMT reports that you’ve kept on file. There may be some verification to confirm accuracy, but overall you have adhered to IBM’s sub-capacity licensing and have the reports ready.
The other circumstance you may have is running IBM software on an eligible public cloud infrastructure as a Service (IaaS) which is covered by IBM’s Eligible Public Cloud BYOSL Policy . Note, that after the list of public cloud providers: IBM, Amazon, Google, Microsoft, and Oracle at 70 PVUs per vCPU, there is additional language toward the bottom of the page. Very important is what I just mentioned about ILMT – “This policy does not modify or supersede any obligations in the applicable governing license agreements, including requirements for licensed software use in a virtualized environment.” Also mentioned is if you are lucky enough to have an environment that IBM’s tools do not support, you would manually record the necessary information. This is similar to how IBM addresses ineligible ILMT technologies – don’t ignore your reporting responsibility and end up having your licensing assessed at Full Capacity.