When Broadcom acquired virtualization leader VMware in late 2023, some experts sounded the alarm that things were about to change. Not all tech leaders paid attention.
The changes came quickly. First, there were all the layoffs of VMware employees and the terminations of agreements with VMware resellers and service providers. Then the licensing changes. Perpetual licenses were out. Subscription licenses were in. And the software would no longer be sold as individual products but only in bundles.
Some of its largest enterprise customers, especially those already on subscription licenses, would benefit, Broadcom claimed.
But everyone else? Not so much. Those who had perpetual licenses would soon lose access to support, upgrades, and security patches. Nonprofits and educational institutions were out of luck. Members of the association of Cloud Infrastructure Services Providers in Europe reported increases ranging from 800% to 1,500% to the European Commission.
And it wasn’t just the small and mid-sized companies that were affected by the changes. AT&T said its prices would go up by 1,050%. And the lawsuits started flying.
In the Netherlands, the Dutch Ministry of Infrastructure and Water Management sued Broadcom to get support for its VMware products while it migrates to other solutions over the next two years. In June, the courts ruled against Broadcom, and if it failed to provide support, it could be subject to fines of up to $29 million.
AT&T also filed a lawsuit last August, which was settled in November at undisclosed terms.
And that brings us to the Siemens lawsuit. What’s different about the Siemens lawsuit, and what makes it so worrisome for other enterprises, is that Broadcom is the one that sued Siemens for using unlicensed VMware software.
Well, it was a little more nuanced than that. Siemens threatened to sue Siemens if it didn’t provide ongoing support for the software and handed over a list of the software it was using that it wanted support for. Except that the list included software that it didn’t have any licenses for, perpetual or otherwise. VMware sued, Siemens countersued, and now the two companies are battling over jurisdiction. Siemens wants the case to be heard in Germany, and VMware prefers the United States.
Normally, if unlicensed copies of software are discovered during an audit, the customer pays the difference and maybe an additional penalty. After all, there are always minor mistakes. The vendors try to keep these costs at least somewhat reasonable, since at some point, customers will migrate from mission-critical software if the pain is high enough.
According to Gartner, non-VMware products accounted for just 30% of the market for full-stack hyperconverged infrastructure software in 2024 — but this will double to 60% in 2029.
With VMware, however, Broadcom seems to be completely indifferent to the suffering of its customers, and to the idea that many of them would leave. The pain, in fact, might be the entire point of the exercise, and, so far, its strategy seems to be paying off. In the short term, anyway.
In June, Broadcom reported a 25% year-over-year increase in revenues for its infrastructure software business. Overall, the company said, total earnings reached a record high $15 billion for the second quarter of this year, up 20% from last year, due to VMware and to its AI semiconductor solutions.
There are three main lessons that enterprises should draw from this whole situation: they need to carefully review their licenses for terms and jurisdictions, track their actual usage, and have contingency plans in place in case something goes wrong.
According to a Flexera survey of more than 500 IT professionals, 45% say they had more than $1 million in audit fines in the last three years — and 23% said the number was more than $5 million.
VMware was the eighth-most aggressive vendor when it comes to audits, the survey shows, with 18% of companies getting audited over the past three years. But VMware was in second place in relevance to a company’s software asset management program, right after Microsoft, because of its strategic importance to the business, license complexity, and cost impact.
The first problem with software licenses is that companies might not always know about all the software they use. In large companies in particular, software purchases can be made by different departments or charged on individual credit cards. And then there’s shadow IT.
“Developers might just spin up virtual machines and companies might not even know what they are doing,” says JP Batra, president at Blue River International, an IT and management consulting firm.
It’s hard for a company to have a copy of the software contract on hand if it doesn’t even know that the software was purchased. But having a legal license is just the start of the battle.
As the Siemens lawsuit’s jurisdiction battle illustrates, the fine print in the contract can make a big difference down the line, especially if companies have offices or subsidiaries around the world.
“There’s a honeymoon period when a company acquires a new product,” says Batra. “People sign agreements without paying attention to their global presence. But what happens when there’s a conflict with local laws? Which laws should prevail?”
Another item that can show up in the fine print of software contracts is that the license might not include the use of all the available features in the product. According to the Flexera survey, 32% of respondents report that the complexity of software use rights was a significant challenge — tying for first place with the amount of time and money spent responding to audits.
This issue has come up in the Siemens lawsuit, says Dean Bolton, chief architect and co-founder at LicenseFortress, a software license asset management company.
“Siemens basically said that if the features were available, then they assumed it was included with what they purchased with their license key,” he says.
It’s a gotcha that other software vendors try to slip by their customers as well, he says. The feature might be right there, readily available, not grayed out, but you’re not supposed to use it unless you’ve paid for a specific additional license for that feature.
“If that decision were to go in Siemens’ favor, I think that could have some significant ramifications through the industry,” Bolton says. “But I don’t think it’s going to go in their favor.”
Even when the procurement department understands the terms and limitations of its licenses very well, that doesn’t mean that this information is adequately distributed throughout the company.
Employees often don’t have the time to focus on the literal minutia of how the licenses work and which features are allowed, and which aren’t, says Bolton. “It’s not an excuse that the customers don’t pay attention, but the vendors don’t make it easy. They could make it a lot easier. I think the problem is that the vendors are doing it so that they gain more revenue–they kind of set little traps for customers in there.”
So it’s not enough for a company to have a good understanding of all the terms and conditions of the software products they use. They also must track, in detail, exactly how that software is being used throughout the company.
Nathan Biggs, CEO of consulting firm House of Bricks, recommends that companies monitor the usage of that software and compare it to the license agreements to ensure that they stay in compliance.
“This is a challenge sometimes,” he says. “The procurement or contract management organization might understand the terms and conditions, but it’s the infrastructure and operations team that’s deploying the software, and sometimes those two groups don’t talk to each other.”
Most customers don’t want to get out of compliance, he says. “If they’re using something that should be paid for, they want to pay for it. They’re not trying to cheat Broadcom. They’re trying to do the right thing.”
That’s why so many are so frustrated with Broadcom right now, he says.
“They feel trapped or they feel like they’ve been tricked into a situation that they didn’t intend to get into, and it’s resulting in them having to pay a lot more money than they had planned,” he says.
For companies just starting out with software asset management, tracking is typically done with audits, according to the Flexera survey. About 37% of companies fall into this category. Another 33% track software licenses beyond just audits, and track SaaS, cloud usage, and software license lifecycles. The most advanced 29% also optimize their software license use, rationalize their application portfolio, and, while they’re at it, track software vulnerabilities.
Some software vendors will provide their own tools to track usage of their software, says Bill Sudbrook, senior director in the solutions advisory practice at Flexera, a software asset management company. Flexera is also a VMware customer.
“By default, VMware will use their portals to say how many licenses you have,” he says. “But their portals are extremely inaccurate. It’s horrible. You absolutely must have cross-checking in your environment because the portals can get out of sync.”
Good record-keeping can prepare enterprises for audits and protect them from unexpected fines and cost overruns. However, there’s not much that customers can do to protect themselves from price increases that result from drastic licensing changes, Sudbrook says.
“They can just say that your licenses are end of service life,” he says. “Your licenses are no longer supported. If you want support, you need to go purchase a new set of licenses.”
Some enterprises looked for other partners to provide support for their VMware installations, he says. “And Broadcom has since put a cease and desist on those companies, saying, ‘No, you have to buy directly from us at our new significantly higher prices,’” Sudbrook says.
Some Flexera customers are seeing VMware price increases of 100%, he adds, and some are evaluating alternatives such as Nutanix or one of the open-source options. Of those who switch, the majority are migrating to Nutanix, he says.
Is Flexera planning to migrate off VMware?
“Just like our customers, Flexera is always looking for ways to optimize our tech stack and resulting costs,” says Flexera CIO Conal Gallagher. “We constantly evaluate our tools and platform to better align with our business needs.”
Ken Ringdahl, CTO at expense management firm Emburse, has worked for VMware in the past, and has also been at a company that was audited by VMware.
“It was a regular audit,” he says. “It’s a bit of an open cavity search, and, by their licenses, it’s their right. It’s very common in large enterprise software because it’s very easy to lose track of your software licenses and the right hand doesn’t know what the left hand is doing.”
Emburse itself was almost caught by a major licensing change. In 2023, Oracle changed Java licensing from per-user or per-processor to per-employee. And by “employee” Oracle means not just full-time staff, but also part-timers, temporary workers, contractors, and consultants. “We’d have had to license 900 people for use of Java,” he says. That would have been very expensive.
According to Redress Compliance, the new license terms increase costs for companies from two to ten times, or higher, with some firms reporting six-figure budget overruns as a result.
So it’s no surprise that Oracle’s share of the Java market fell from 75% in 2020 to just 21% in 2024, according to a report by observability platform vendor New Relic. Fortunately, Emburse had a bit of foresight, and a bit of luck.
“Some of it was foreshadowed quite a bit since Oracle acquired other companies and they want to monetize the assets they have,” Ringdahl says. “And we were no longer using Oracle commercial licenses. We were using an open-source version.”
Other companies were caught by surprise, he says. For large companies, it can be hard to pivot quickly. Using open-source software can help reduce the risk of unexpected license changes, and, for many major tools there are third-party service providers that can offer ongoing support.
Another option is SaaS software, he says, because it does make license management a bit easier, since there’s usually transparency both for the customer and the vendor about how much usage the product is getting.
For VMware, he suggests that currently customers try to optimize their environments as much as they can. And, if they decide to leave, there are now alternatives.
“Nutanix has been the biggest benefactor,” he says. “Their business has grown quite substantially, and they’ve smartly gone after VMware customers.”
Another commercial alternative is Microsoft’s Hyper-V. Open-source options include Proxmox Virtual Environment, Red Hat OpenShift Virtualization, and Linux Kernel-level Virtual Machines. Public cloud is also an option, says Ringdahl.
Because of these risks, some companies try to avoid using single vendors for mission-critical systems and platforms, he says. “They have two-vendor strategies or require multiple vendors in the same space for situations like this. It’s about protecting your business as much as you possibly can.”
According to a recent Gartner report, migrating away from VMware could take 18 to 48 months, and migration services could range from $300 to $3,000 per virtual machine — and during the migration, companies would still have to pay Broadcom for their VMware subscriptions.
And, at the end of the day, the alternatives may not provide the same features that VMware does, or a company might not have the in-house expertise to handle them. Plus, the move itself can be costly, time-intensive, and disruptive. “Replatforming is hard to do,” says Ringdahl.
Source:: Network World