Broadcom VMware Audit Defence: What Triggers It

Broadcom's audit programme since the VMware acquisition is more aggressive than VMware's pre-acquisition compliance reviews. The audit team has expanded. The targeting has sharpened around perpetual customers running unsupported deployments. The commercial use of audits has shifted: audit settlements are increasingly the path Broadcom uses to drive perpetual customers into subscription contracts they would not otherwise sign.

How the audit programme has changed under Broadcom

VMware's pre-acquisition compliance programme was real but generally low-pressure. Audit notices were mainly used to surface specific compliance issues, not as a primary commercial lever. The audit team was a discrete function inside the broader VMware sales organisation.

Broadcom has restructured the programme. The audit team has grown. The audit cadence has shortened. The integration with Broadcom's sales organisation has tightened: an audit settlement frequently includes a multi-year subscription commitment as a closing condition, making the audit into a sales transaction.

For customers, this means three things. First, the probability of receiving an audit notice in any given year has increased materially since 2024. Second, the audit notice itself often arrives when the customer has signalled migration intent (engaged with Nutanix, allowed support to lapse, queried alternatives publicly). Third, the audit settlement number is rarely the final commercial outcome; the closing position usually includes a forward subscription commitment.

The five Broadcom audit triggers we see most often

1. Perpetual customers running unsupported versions

Perpetual VMware licenses continue to function after support lapses, but unsupported versions are an audit target. Broadcom's audit team identifies unsupported deployments through partner channel reports, hardware compatibility list mismatches, and customer-side support engagement attempts. The audit notice typically arrives 6 to 18 months after support lapse.

2. Non-renewal within Broadcom's expected window

Customers who delay subscription renewal past Broadcom's expected window receive escalating outreach from the account team, then formal compliance review, then audit notice if no commercial agreement materialises. The window varies but typically runs 60 to 120 days post-renewal date.

3. Recent acquisitions surfacing additional VMware

M&A activity is a standard audit trigger across enterprise software. Broadcom monitors merger and acquisition announcements and follows up where the combined entity's VMware footprint exceeds the contracted entitlements.

4. Migration intent signals

Engagement with Nutanix, Proxmox, OpenStack or hyperscaler-native virtualisation alternatives can trigger preemptive Broadcom audit notices. The signal sources include partner channels, public reference customers, sales team intelligence and infrastructure spend disclosures.

5. Public infrastructure disclosures

Public companies that disclose infrastructure spend, hardware purchases or virtualisation strategy in earnings calls, annual reports or industry conference presentations occasionally trigger Broadcom audit attention. The disclosed footprint is compared against the licensed entitlement.

What Broadcom requests during an audit

Standard Broadcom VMware audit data requests typically include the following.

• Complete vSphere deployment inventory. Every ESXi host, vCenter Server, with cluster topology, cores per host, total cores per cluster, total cores across the estate.
• License key assignment. Which license keys are assigned to which hosts and clusters. Broadcom matches the assignment against the contractual entitlement.
• vSAN deployment state. vSAN-enabled clusters, capacity in use per cluster, total vSAN capacity across the estate. Compared against the bundle entitlement (100 GB per core in VVF, 1 TB per core in VCF, or perpetual edition entitlements).
• NSX deployment state. NSX Manager deployments, NSX Edge nodes, distributed firewall and load balancing usage. NSX is included in VCF but not VVF.
• Aria suite usage. Aria Operations, Aria Operations for Logs, Aria Automation, Aria Suite Lifecycle. Each has different bundle inclusion.
• Tanzu Kubernetes deployment. Tanzu workload clusters, Tanzu Application Platform usage. Included in VCF, not VVF.
• Version inventory. ESXi, vCenter, vSAN, NSX, Aria versions in production. Compared against version-specific entitlements and support eligibility.
• Third-party integration. VMware-integrated tools (backup software, monitoring, automation) that interact with the platform. Some create indirect licensing questions.

The data request is broad. Broadcom's working assumption is that the customer's documentation is incomplete and that the audit will find more deployed cores or features than the customer initially declares.

Common audit findings

Three findings recur across the Broadcom VMware audits we have defended.

Core count over-deployment. Bundle entitlement is per-core with a 16-core minimum per CPU. Servers with high core counts (32, 48, 64 cores per CPU) often exceed the customer's declared core count if the per-CPU minimum was assumed but the actual core count is higher. Modern Intel and AMD CPUs commonly trip this.

vSAN capacity exceedance. vSAN capacity in use exceeds the bundle entitlement (100 GB per core in VVF). The audit findings typically push the customer to upgrade to VCF or to license additional vSAN capacity separately.

NSX or Tanzu usage without VCF entitlement. Customers running VVF that have enabled NSX or Tanzu features that should require VCF. Often unintentional, often surfaced by the audit. The finding typically requires bundle upgrade or feature disablement.

Building the defensive position

Defence work runs in five phases.

Phase 1: communications takeover. Independent counsel takes over correspondence with Broadcom. Initial response acknowledges receipt only and requests the formal audit scope letter in writing.

Phase 2: deployment baseline. Independent audit team pulls the customer's deployment data on the customer's behalf, validates it against contract entitlements, and identifies the gap between what Broadcom will claim and what they can actually validate.

Phase 3: methodology challenge. Broadcom's data submission requirements, scope assumptions and counting methodology are formally challenged where they overreach. Per-CPU minimum vs actual core count, vSAN capacity calculation, NSX usage classification, Aria component bundling.

Phase 4: contract entitlement verification. Customer's perpetual licenses, transition arrangements, edition entitlements and support history are documented. Broadcom's claim is matched against the actual contractual position.

Phase 5: settlement negotiation. The closing settlement number is negotiated against Broadcom's opening position. The closing position frequently includes a forward subscription commitment; whether to accept or to negotiate alternative resolution structures depends on the customer's strategic direction.

What independent VMware audit defence outcomes look like

Independent buyer-side defence typically achieves one of three outcomes.

Outcome 1: claim materially reduced, subscription accepted. The opening claim is reduced through methodology challenge and entitlement verification. The customer accepts a Broadcom subscription on negotiated terms with locked discount and audit-cleared status. Most common outcome for customers planning to stay on VMware.

Outcome 2: claim resolved, customer migrates off VMware. The audit settlement is structured as a final perpetual license run-out. The customer commits to migration to an alternative platform within the settlement term. Broadcom accepts this where the customer has credible alternative path. Rare but increasing in frequency.

Outcome 3: claim significantly reduced or zero settlement. Where the customer's deployment can be defended against the audit findings. Less common than Outcome 1 because Broadcom's audits typically have at least some surface area, but happens where the customer's documentation is strong.

Frequently asked questions

Has Broadcom changed VMware audit practices?

Yes. Broadcom's audit programme since the VMware acquisition is more aggressive than VMware's pre-acquisition compliance reviews. The audit team has expanded, the focus has shifted to perpetual customers running unsupported deployments, and the commercial pressure from audits is being used to drive subscription conversions.

What triggers a Broadcom VMware audit?

Common triggers include perpetual customers running unsupported VMware versions, non-renewal of subscription within Broadcom's expected window, recent acquisitions that surface additional VMware deployments, partner-channel reports, public infrastructure spend disclosures, and customer engagement with Nutanix or other VMware alternatives.

What does Broadcom request in a VMware audit?

Standard audit data requests include complete vSphere deployment inventory, vSAN capacity in use, NSX deployment state, Aria suite usage, Tanzu Kubernetes deployment, vCenter Server inventory and version, ESXi host inventory, license keys assigned to each component, and contractual entitlement documentation.

What should I do when Broadcom sends a VMware audit notice?

Acknowledge receipt only. Do not respond directly with deployment data, do not engage Broadcom's audit team in detailed conversation, and do not agree to any audit timeline before reviewing the scope. Engage independent VMware audit defence within the same week.

How long does a Broadcom VMware audit take?

VMware audits typically run 4 to 8 months from formal notice to closing letter. Audits combined with broader Broadcom product reviews can run longer.

What does a Broadcom VMware audit settlement look like?

Settlements typically combine three elements: prospective subscription pricing for ongoing VMware use; retroactive subscription fees for any period where deployment exceeded entitlement; and contract terms that resolve specific findings.