Lately, I have been working with several corporations who were using traditional Software Asset Management (SAM) solutions for Software License Compliance. Unfortunately, while these SAM solutions provide a decent software license solution for some assets, they left holes and actually created compliance risk for others. One example is the Oracle environment. I was recently working with a Global 100 company who was using a very popular SAM solution to understand their Oracle environment. While at first glance the solution appeared to be finding Oracle databases, it was in fact only finding Oracle Listeners. It then reported the servers these Listeners were running on as licensable Oracle database servers, and didn’t analyze what Options were being used on those servers.
Without getting into too much technical detail, let’s just say that this process can be very inaccurate. The reality in many large organizations is that Oracle Listeners can be setup to point to multiple databases on different hosts. They can be configured for High Availability and/or Load Balancing, which further obfuscates the underlying database server architecture. Just looking at CPU’s that a Listener is running on does not provide you any clarity into your entitlement position with regards to Oracle Database licensing.
In the case of this most recent engagement with the Global 100 company, the traditional SAM solution reported a CPU count that was off by 35%. It then also estimated the DB Option usage figures, which were off by more than 50%. The solution not only mis-counted Oracle Listeners as Oracle Databases, but also incorrectly calculated the “Oracle CPU” count, which takes into consideration not only the physical number of CPU’s, but the number of Cores, and a core multiplier factor (which can change depending on OS and processor speed). Last but not least, it also double counted many environments where their DB servers were running on VMware Hosts.
Thus, when choosing any IT Asset Management solution, it is important to keep in mind that a “one-size-fits-all” approach might not always make sense. You must ensure that the solutions you are using take into consideration the license metric of the underlying asset, as well as the solutions ability to correctly discover and track the physical deployment and actual usage of that asset, as it relates to the licensable metric.