Managing Virtual License Boundaries
There are three major types of virtualisation that need to be monitored and managed;
- Virtual Machines
- Virtual Applications
- Dynamic Partitioning
In this article I explore each type of virtual environment, the licensing implications and basic fail-safe procedures and processes to consider.
Virtual Machines
The main benefit of Virtual Machines is the ability to build new machines very quickly and for multiple operating systems to be run on one piece of hardware. In Software Asset Management terms these two points also represent the biggest risk. The physical process of building a new piece of hardware, plugging in a network cable and installing software allows for processes to be implemented to maintain compliance. When machines are built and deployed virtually instantly (whilst also consuming licenses) it can lead to VM sprawl and be a real challenge to manage licensing, one IT Asset Manager I spoke to said that VMs breed like rabbits.
The main challenge in auditing and managing virtual machines is a) Ensuring a definitive list of virtual machines and b) determining and differentiating the physical host. In laymans terms – how many virtual machines do we have and which physical machines are they being run on? In the recent Mid-Market SAM Software Group Test all three tools allowed for their agent to be deployed within a virtual machine and also discover that VMWare as an application was being run but could not add any further intelligence. The weakness here is that we might know when someone is running VMware because it appears in our audits, but we don’t know how virtual machines are being run. An added complexity is that virtual machines can be run from thumb drives or portable drives connected to a machine on the network. Things to Consider: Closely manage and monitor who can create new Virtual Machines and have a process for either deploying an agent to each new virtual machine or recording the instance to be manually checked at a later date.
Virtual Applications
A user clicks on an icon on his desktop to run and application but the application is run in another location and streamed to his desktop. The risk here in licensing terms is that vendors commonly charge based on what might be used and not necessarily on actual consumption. The fact that a user has an icon on his desktop and could access an application is enough for software vendors to charge for it. A case of guilty by association. Things to Consider: Know the worst case scenario. Place a flag in change processes to check total concurrent usage or total maximum usage against entitlement when building or configuring machines with virtual application access.
Dynamic Partitioning
Dynamic partitioning is whereby processing power is assigned to an application or system based on demand. For example a system may be built upon a partition within a server with a certain amount of memory and processor power, this may dynamically increase or decrease depending on requirements. As with virtual applications software vendors tend to charge by what could be used rather than what is currently being used. So a database that is currently using 2 CPUs but could physically use 4 CPUs will be priced accordingly. Things to Consider – know the worst case scenario. Place a quarantine around hardware priced software deployment and place a flag within change processes to alert to the risk.
What have I missed? If you have any further comments please add them below or contact me directly.
Related articles:
About Martin Thompson
Martin is also the founder of ITAM Forum, a not-for-profit trade body for the ITAM industry created to raise the profile of the profession and bring an organisational certification to market. On a voluntary basis Martin is a contributor to ISO WG21 which develops the ITAM International Standard ISO/IEC 19770.
He is also the author of the book "Practical ITAM - The essential guide for IT Asset Managers", a book that describes how to get started and make a difference in the field of IT Asset Management. In addition, Martin developed the PITAM training course and certification.
Prior to founding the ITAM Review in 2008 Martin worked for Centennial Software (Ivanti), Silicon Graphics, CA Technologies and Computer 2000 (Tech Data).
When not working, Martin likes to Ski, Hike, Motorbike and spend time with his young family.
Connect with Martin on LinkedIn.