Risk of Non-Compliance Part 3: Oracle Audit Risk in VMware Environments


Monitoring for License Compliance in VMware-based Private Cloud Environments 

In part 3 of our series on calculating the potential cost of non-compliance in private and public cloud environments, we are focusing on one of the most challenging and intimidating problems that users of Oracle database and middleware software face. That problem is license compliance with Oracle running in a VMware virtualized environment. 

It is unfortunate, but the reason that this compliance risk is so onerous is Oracle’s insistence on claiming non-compliance using arguments that contradict the customer’s license agreement. 

Dissecting Oracle’s (Specious) Arguments 

Running Oracle technology products (any Oracle software using a Processor-based license metric, hereinafter referred to simply as “Oracle software”) is licensed according to the number of processor cores in the physical server where that software is installed. The license metrics that Oracle uses for hardware-based licensing are “Processor” and “Named User Plus.” The licenses required for both of these metrics depend on the definition of the word “Processor.”  

In each license agreement that a customer enters into with Oracle is a contractual reference to the License Definitions and Rules. Older license agreements (such as an OLSA or SLSA) may have contained these definitions and rules in a section within the contract document itself. Newer license agreements tend to refer to an external document where these rules are outlined. Oracle makes the referenced License Definitions and Rules document publicly available. This document contains the contractual definitioni for the word “Processor” as follows:  

“Processor: shall be defined as all processors where the Oracle Programs are installed and/or running.”ii 

Seemingly afraid that this decades-long definition would erode their license revenue as virtualization allowed for Oracle software to be more densely installed on servers with the same or fewer processor cores, Oracle personnel started to claim that this straightforward definition of Processor meant that everything running a virtualization hypervisor inherently met the qualification of having already been “installed.” This was explicitly stated by Oracle’s Sr. Legal Counsel, Chad Russell, in his statement to Mars Corporation: 

“Oracle programs are installed on any processors where the programs are available for use.  Third party VMware technology specifically is designed for the purpose of allowing live migration of programs to all processors across the entire environment.  Thus, Oracle Enterprise Edition is installed and available for use on all processors in a V-Center.”iii 

Chad Russell, Oracle Senior legal counsel

This expansive, non-contractual, and specious claim that having the ability to be easily installed in the future constitutes a present installation was challenged by Mars in Mars v. Oracle. The case apparently settled quickly and the issue was never resolved by a court of law. The speed of the resolution without Oracle filing any opposition to Mars motion, in our opinion is most likely because Oracle knows the weakness of its contractual argument.

This is probably the appropriate place to show our favorite comic, first introduced 8 years ago.  

What is the Potential Cost of Oracle’s Claim? 

House of Brick’s clients enjoy House of Brick’s proven ability to refute and push back on Oracle for their claims lacking contractual justification. There are many Oracle customers, however, that have not taken advantage of our service and software solutions. For those organizations that may fall prey to Oracle’s aggressiveness, what would the potential cost entail? 

We will consider the price to license Oracle software on a small, medium, and large-sized environment. The pricing is shown with list prices for Oracle database only, with selected database features that might be appropriate for the size of the environment. The hosts and processor cores shown are assumed to be only those where the Oracle software is actually installed and/or running. 

As you can see from the table, a small Oracle software environment using database Enterprise Edition might cost $480,000iv at list price. A medium environment might be just over $4.5M, and a large environment over $33M. This is expensive, but the value that Oracle software provides is generally worth the investment.  

Now we will consider what the potential cost would be if the customer acquiesced to Oracle’s specious claim of having to license every host and every processor core in their VMware environment, whether those hosts had installed Oracle software or not. Again, showing the potential number of vSphere hosts for varying sizes of organizations: 

Look how the potential claim of non-compliance skyrockets! In the small environment the potential risk goes up 5x. It is about 3.5x for the medium, and an astounding 9x for the large. You might wonder if Oracle would ever even make such a claim to a customer with a multi-hundred-million-dollar deficiency. The answer is YES! We have seen it on multiple occasions (even on medium-sized customers). Admittedly, Oracle would likely not insist on settling at that huge figure, but out of the goodness of their hearts, and in consideration of “the partnership” they have with the customer, would offer a considerable discount. These offers usually take one of the following forms: 

  • Negotiated discount down to a figure that is 15% to 35% of the gross elevated claim (on top of existing license and support costs). This is typically accomplished by issuing non-usable licenses (we call them “dummy licenses”) to cover the entirety of the VMware environment, but that cannot be used anywhere else to run Oracle software. This is an exorbitantly expensive option, and locks customers into having to acquire new licenses whenever the VMware environment is expanded, even if not for Oracle. 
  • Negotiating an Unlimited License Agreement (ULA) with Oracle that is considerably more expensive than simply licensing the installed processors would be. This is a hugely expensive option and locks the customer into an elevated cost basis that cannot be reduced in the future. 
  • Insisting on the customer implementing outrageously strict physical isolation of their vSphere, network, and storage environments to “guarantee” that the virtual machines running Oracle software cannot migrate to an unlicensed host. This is costly in terms of architectural and operational overhead to manage as a separate isolated environment from the rest of the VMware data center. It also requires Oracle’s review and approval of any architectural changes in the future. 

How Can OpsCompass Help Avoid This Risk? 

OpsCompass for Oracle (we also have OpsCompass for Microsoft) actively monitors the Oracle databases, middleware, and VMware environments for our customers. We can alert our users if a virtual machine with Oracle software installed migrates to a host or cluster that is not sufficiently licensed. This gives our customers an opportunity to move the VM back to where it should be, and to address any issues with the containment methods that were intended to keep the VM on licensed hosts to begin with. 

In addition to the power of OpsCompass for Oracle, House of Brick offers a SAM managed service to help our customers stay educated on Oracle licensing issues, effectively architect their Oracle environments, and aggressively refute claims made by Oracle that could end up being unnecessarily expensive. The Managed OpsCompass service bundles all of the following into a complete license compliance solution: 

  • Unlimited defense support for Oracle audits 
  • Unlimited support for Oracle purchase or renewal negotiations 
  • Annual education workshops for license management and audit preparation 
  • Annual internal software audit (compliance assessment and organizational preparedness) 
  • Annual architecture optimization and license cost reduction review 

House of Brick solutions powered by OpsCompass monitoring software is the future of Oracle asset management, governance, and compliance. We would love to help you avoid the dramatic costs that are identified above. If you feel like Oracle is pushing you into a costly position, please contact us so we can ensure you are not taken advantage of. We have your back! 

Table of Contents

Related Posts