How Germany's leading car rental company saved $4M by challenging Oracle LMS audit claims on VMware virtualisation peak-capacity licensing and Java SE compliance — reducing a near-$4M compliance demand to a nominal amount through independent assessment and audit defence.
Sixt SE is one of Europe's leading mobility service providers, headquartered in Pullach near Munich, Germany. Founded in 1912, Sixt operates in over 100 countries with a fleet of hundreds of thousands of vehicles, supported by digital platforms serving millions of customers annually. The company's IT infrastructure — powering reservation systems, fleet management, pricing algorithms, and customer-facing applications — relies on Oracle Database for core data management and Oracle Java SE across a broad range of internal and customer-facing applications.
When Oracle's License Management Services (LMS) initiated a formal audit, Sixt faced a compliance report suggesting nearly $4M in licence shortfalls. The claim was driven by two primary vectors: Oracle's assertion that Sixt's entire VMware virtualised environment required licensing at peak capacity — far beyond the servers actually hosting Oracle workloads — and blanket Java SE subscription demands under Oracle's revised commercial policy. Oracle's sales team immediately followed up, pressuring Sixt to purchase a multi-million dollar licence-and-subscription bundle to "settle" the issues quickly.
By engaging Redress Compliance for an independent licensing assessment and audit defence, Sixt eliminated nearly the entire $4M claim. Only minor additional licences were required for a few genuine gaps. No broad Java purchase was needed. The audit concluded with no penalties, and Sixt preserved full control over its Oracle environment.
| Metric | Oracle's Claim | Actual Position (Post-Assessment) | Impact |
|---|---|---|---|
| Oracle Database Exposure (VMware) | $2.8M — peak-capacity cluster licensing required | Nominal — actual usage scope validated; existing entitlements largely sufficient | ~$2.7M eliminated |
| Database Options & Features | $400K — additional options licences flagged | $0 — auto-enabled, unused features confirmed via usage statistics | $400K eliminated |
| Java SE Exposure | $800K — enterprise-wide Java subscription | ~$60K — targeted subscription for essential servers only | ~$740K reduced |
| Total Compliance Claim | ~$4M | ~$160K (minor gaps + targeted Java) | $3.84M saved (96% reduction) |
| Oracle's "Settlement" Proposal | Multi-million dollar licence bundle | Declined — resolved on factual basis | Millions in unnecessary spend avoided |
Key takeaway: Oracle's audit claimed $4M in compliance gaps based on peak-capacity virtualisation assumptions and blanket Java demands. Independent analysis reduced the genuine exposure to approximately $160K — a 96% reduction. The difference was Oracle's overestimation of virtual environment licensing requirements, overcounting of database features, and all-or-nothing Java subscription approach.
Sixt's Oracle licensing situation reflected a common pattern for European enterprises operating large-scale digital operations on virtualised infrastructure: rapid technology scaling had outpaced licensing governance, creating gaps that Oracle's audit process would exploit using their most aggressive interpretations.
1. Oracle Database on VMware — The Peak-Capacity Dispute:
Sixt ran Oracle Database Enterprise Edition across multiple data centres in Germany supporting its global reservation platform, fleet management systems, and business intelligence. The database infrastructure was hosted on VMware vSphere clusters — a standard architecture for enterprises that need elastic capacity to handle variable demand, which is particularly critical for a mobility company with significant seasonal and event-driven booking peaks.
Oracle's audit approach introduced a particularly aggressive variant of the standard VMware licensing dispute. Rather than simply claiming that all hosts in a VMware cluster required licensing (the standard "soft partitioning" argument), Oracle's LMS team assessed Sixt's environment at peak capacity — the maximum number of virtual CPUs and host processors that could theoretically be allocated to Oracle workloads under the VMware configuration's resource limits. This meant Oracle was licensing not just the hosts where Oracle was currently running, but the full capacity of the cluster as if Oracle could consume every available resource.
The financial impact was enormous. Sixt's VMware production environment comprised approximately 20 physical hosts. Oracle's peak-capacity methodology effectively required licensing all 20 hosts at maximum core count — approximately 320 processor cores, translating to 160 Oracle Processor licences at the standard 0.5 core factor for x86 servers. At list price ($47,500 per Oracle Database Enterprise Edition Processor licence), this translated to $7.6M in list-price licensing requirements. After accounting for Sixt's existing entitlements and contractual discounts, Oracle's claimed gap was approximately $2.8M.
2. Database Options and Feature Flags:
Oracle's LMS tools also detected licensable database options — Diagnostics Pack, Tuning Pack, and Advanced Compression — across multiple instances. These features are commonly auto-enabled during Oracle Database installation and flagged by audit tools regardless of whether they are actually used. Oracle's additional claim for these options totalled approximately $400K.
3. Java SE — The All-or-Nothing Demand:
Oracle's revised Java SE commercial model had created significant exposure for Sixt. Java was deployed across the organisation — on application servers powering customer-facing platforms, on internal development environments, on desktop workstations, and embedded within third-party applications. Oracle's audit identified hundreds of Java SE installations and asserted that a company-wide Java subscription was required — approximately $800K annually under the employee headcount-based pricing model.
| Risk Area | Oracle's Assertion | Claimed Value | Core Dispute |
|---|---|---|---|
| Database on VMware (peak capacity) | Licence all hosts at maximum theoretical capacity | $2.8M | Peak capacity vs actual usage; soft partitioning policy applicability |
| Database options (Diag, Tuning, Compression) | Options detected = options requiring licence | $400K | Auto-enabled vs actually used |
| Java SE (enterprise-wide) | All employees need Java subscription | $800K | Enterprise subscription vs targeted server licensing |
| Total | — | ~$4M | — |
Oracle's sales team moved swiftly, presenting Sixt's management with a "settlement" package: a multi-million dollar licence-and-subscription bundle positioned as the cost-effective alternative to formal compliance remediation. This is a well-known Oracle tactic — using audit urgency to drive purchasing decisions before the customer has time to independently validate the claims.
What IT Leaders Should Do Now — Initial Audit Response
Question the licensing methodology, not just the numbers: Oracle's choice of licensing methodology (peak capacity, full cluster, per-host) determines the claim size more than any individual product finding. Challenge the methodology itself — is it based on actual usage or theoretical maximum?
Reject "settlement" pressure during active audits: Oracle's sales team has financial incentives to close commercial deals during audits. Any proposal presented as a "settlement" should be evaluated independently — after you understand your actual compliance position, not before.
Engage independent expertise immediately: The window between receiving audit findings and responding is critical. Independent analysis before your first response prevents accepting flawed assumptions that become harder to challenge later.
Document your actual Oracle resource consumption: Gather VMware performance data showing actual CPU allocation to Oracle VMs over time — not theoretical peak capacity. This is your primary evidence against inflated virtualisation claims.
The highest-priority phase focused on Oracle's $2.8M database claim — specifically, dismantling the peak-capacity licensing methodology that inflated the licensing scope far beyond Sixt's actual Oracle usage.
1. Comprehensive Discovery and Actual Usage Mapping:
Redress Compliance deployed independent data collection across Sixt's entire Oracle estate, mapping every database instance to its physical host, VMware cluster assignment, and actual resource allocation. Critically, the team collected historical VMware performance data — vCenter statistics showing actual CPU utilisation, memory allocation, and resource pool assignments for Oracle VMs over the trailing 12 months.
The findings directly contradicted Oracle's peak-capacity assumptions:
| Metric | Oracle LMS Assumption | Actual Environment | Impact on Licensing Scope |
|---|---|---|---|
| Hosts requiring licensing | 20 (all production hosts) | 6 (Oracle-hosting cluster only) | 70% reduction in host count |
| Processor cores in scope | 320 cores (peak capacity) | 96 cores (6 hosts × 16 cores) | 70% reduction in core count |
| Oracle Processor licences required | 160 (320 × 0.5 core factor) | 48 (96 × 0.5 core factor) | 70% reduction in licence count |
| Sixt's existing entitlements | — | 44 Processor licences | Gap of only 4 licences |
| Financial gap (Database EE) | $2.8M | ~$100K (4 licences at negotiated rate) | $2.7M eliminated |
2. Dismantling the Peak-Capacity Argument:
The advisory team built a three-layered defence against Oracle's peak-capacity methodology:
Contractual layer: Sixt's Oracle licence agreement defined licensing requirements based on the Processor metric — "the number of processors where the Oracle programs are installed and/or running." Oracle's peak-capacity interpretation extended this to processors where Oracle could theoretically run at maximum resource allocation — a reading not supported by the contract language. The team prepared a detailed contractual analysis demonstrating that "installed and/or running" refers to actual state, not theoretical maximum.
Technical layer: VMware resource pools and DRS configuration restricted Oracle VM workloads to a dedicated cluster of 6 physical hosts. Affinity rules prevented Oracle VMs from migrating to the other 14 hosts. vCenter performance data confirmed that Oracle VMs had never exceeded their allocated resources or migrated outside the designated cluster — Oracle's "peak capacity" scenario had never occurred and could not occur under the existing configuration.
Precedent layer: The advisory team referenced prior audit resolutions where Oracle had accepted VMware segmentation as a valid licensing boundary. While each engagement is distinct, the pattern of Oracle ultimately accepting properly documented segmentation is well-established across the industry.
3. Database Options — Zero-Usage Defence:
For the $400K database options claim, the team applied the standard but essential defence: querying DBA_FEATURE_USAGE_STATISTICS across all database instances. The results confirmed that Diagnostics Pack, Tuning Pack, and Advanced Compression had been auto-enabled during installation but showed zero actual usage over the trailing 12-month period. The options were present in the installation but never invoked by any application or DBA activity.
Oracle's own licensing policy acknowledges that features must be "used" to require licensing — and DBA_FEATURE_USAGE_STATISTICS is Oracle's designated mechanism for measuring usage. With zero-usage evidence across all instances, the $400K options claim was fully eliminated.
The Java SE component represented $800K of Oracle's $4M total claim — and like the database assertion, it was based on Oracle's most expansive interpretation rather than Sixt's actual licensing requirements.
1. Oracle's Enterprise-Wide Java Demand:
Oracle's audit team and sales representatives presented Java licensing as a company-wide obligation: because Oracle Java SE was installed on systems across Sixt's environment, Oracle asserted that every employee required a Java SE subscription at approximately $15 per employee per month. For Sixt's workforce, this totalled approximately $800K annually — a recurring cost for software that had been free under Oracle's previous licensing terms.
2. Granular Java Inventory and Classification:
The advisory team conducted a comprehensive Java inventory across Sixt's entire IT estate — application servers, web servers, development environments, desktop workstations, kiosk systems, and embedded applications. Each installation was classified by version, distributor, commercial use context, and licensing obligation:
| Java Category | Installations | Oracle Licence Required? | Action Taken |
|---|---|---|---|
| Oracle JDK (post-April 2019, production servers) | ~70 servers | Yes — commercial subscription | Licensed under targeted server subscription |
| Oracle JDK (pre-April 2019, legacy builds) | ~40 servers | No — covered under legacy BCL free terms | Retained; version evidence documented |
| OpenJDK / Amazon Corretto / Adoptium | ~180 systems | No — open-source, free distributions | No action required |
| Oracle JRE on desktops & kiosks | ~500 endpoints | Potentially — depends on version | Migrated to OpenJDK; Oracle JRE uninstalled |
| Java bundled with third-party applications | ~130 systems | No — redistributable under vendor licence | Documented redistribution chain |
| Java in Oracle product bundles (DB, middleware) | ~20 servers | No — covered under Oracle product entitlements | Documented as component of licensed product |
3. Remediation and Cost Optimisation:
The Java remediation followed a structured three-step approach that has proven effective across dozens of enterprise engagements:
Step 1 — Remove and replace non-essential Oracle Java: The ~500 desktop and kiosk installations were the largest volume contributor to Oracle's headcount-based licensing argument. The team coordinated with Sixt's desktop management team to deploy Eclipse Adoptium (OpenJDK) as the default Java runtime across all end-user devices, uninstalling Oracle JRE in the process. This eliminated the foundation for Oracle's enterprise-wide subscription demand.
Step 2 — Document all exempt installations: Pre-April 2019 legacy builds, Java bundled with third-party software (vendor redistribution), and Java deployed as a component of other licensed Oracle products were all documented with evidence of their exempt status. Without this documentation, Oracle defaults to "subscription required" — but with it, these installations are clearly outside the commercial licence scope.
Step 3 — License only what's required: For the ~70 production servers running Oracle JDK with post-April 2019 updates in active commercial use, the team negotiated a targeted Processor-based Java subscription — not the employee headcount model Oracle had proposed. The annual cost: approximately $60K — versus the $800K Oracle demanded. An 92.5% reduction.
What IT Leaders Should Do Now — Java SE Optimisation
Make OpenJDK the default across all desktops and kiosks: Desktop Java is the single largest driver of Oracle's headcount-based pricing model. Eliminating Oracle JRE from endpoints removes the justification for enterprise-wide subscriptions.
Audit third-party application Java dependencies: Many enterprise applications bundle their own Java runtime under redistribution agreements. Identify these and document the vendor's redistribution licence — these installations don't require your organisation to hold an Oracle Java subscription.
Negotiate server-specific, not headcount, Java pricing: Oracle prefers the employee-count model because it maximises revenue. Push for Processor-based or Named User Plus pricing tied to specific server deployments — typically 70–93% cheaper.
Implement a Java governance policy: Require procurement approval for any Oracle JDK installation. Default all provisioning templates to OpenJDK. Quarterly scans to detect and remediate unauthorised Oracle Java installations.
With the independent assessment complete, the engagement moved to formal audit defence — presenting Sixt's actual compliance position to Oracle LMS and resolving the audit.
1. Formal Response Submission:
The advisory team prepared a comprehensive response document — over 50 pages with supporting evidence — addressing each Oracle LMS finding systematically. The response followed a structured format for each claim: Oracle's assertion → independent finding → supporting evidence (technical, contractual, statistical) → conclusion and corrected position.
| Oracle LMS Finding | Redress Response | Key Evidence | Outcome |
|---|---|---|---|
| Database requires peak-capacity licensing of all 20 hosts | Oracle workloads segmented to 6 hosts via DRS; contract defines licensing at "installed and/or running" state, not theoretical maximum | vCenter configs; DRS affinity rules; 12-month performance data; contract analysis | $2.8M → ~$100K (4 additional licences) |
| Diagnostics Pack, Tuning Pack, Advanced Compression require licensing | Auto-enabled during installation; zero actual usage confirmed across all instances | DBA_FEATURE_USAGE_STATISTICS reports; 12-month usage history | $400K → $0 |
| Enterprise-wide Java SE subscription required | Majority of installations exempt (legacy, OpenJDK, redistribution, Oracle product bundles); targeted server subscription for ~70 production servers | Java inventory; version records; redistribution documentation; OpenJDK migration evidence | $800K → $60K |
2. Oracle's Response and Progressive Concession:
Oracle LMS initially resisted the VMware segmentation defence, repeating their standard position that VMware constitutes soft partitioning. The advisory team's counter-response emphasised three points that Oracle found difficult to dispute: the contract language doesn't reference Oracle's Partitioning Policy, the DRS configuration physically prevented Oracle VM migration outside the 6-host cluster, and vCenter audit logs confirmed zero out-of-scope migrations over 24+ months of recorded history.
After two rounds of formal response over approximately 10 weeks, Oracle LMS progressively conceded. The peak-capacity database claim was reduced to the 6-host scope. The options claims were withdrawn entirely based on zero-usage evidence. The Java claim was narrowed to the targeted scope Sixt had already addressed. The final resolution required Sixt to purchase just 4 additional Oracle Database Processor licences (approximately $100K at negotiated rates) and the $60K/year targeted Java subscription — a total of approximately $160K against Oracle's initial $4M claim.
3. Rejecting Oracle's Commercial "Settlement":
With the audit resolved factually, Oracle's proposed multi-million dollar licence bundle lost its justification. The advisory team helped Sixt formally decline the commercial proposal and communicate that the company's licensing needs were fully addressed by the minor additional purchases identified in the audit resolution. Sixt avoided a multi-year commercial commitment that would have cost many times the actual compliance gap — preserving complete flexibility over its Oracle strategy.
The engagement transformed Sixt's Oracle position from a $4M compliance crisis to a controlled, well-understood licensing environment — with savings that far exceeded the immediate cost avoidance.
| Outcome Area | Result |
|---|---|
| Oracle Database compliance | $2.8M claim reduced to ~$100K; peak-capacity methodology rejected; VMware segmentation validated; 4 additional Processor licences purchased |
| Database options (Diagnostics/Tuning/Compression) | $400K claim fully eliminated; auto-enabled, zero-usage confirmed |
| Java SE licensing | Reduced from $800K/year to $60K/year; 500 endpoints migrated to OpenJDK; targeted server subscription negotiated |
| Oracle LMS audit | Formally closed; no penalties; no compliance remediation beyond minor licence purchase |
| Oracle "settlement" proposal | Declined; multi-million dollar unnecessary spend avoided; full strategic flexibility preserved |
| Total direct savings | ~$3.84M (96% reduction from Oracle's initial claim) |
Governance Improvements Implemented:
VMware-Oracle deployment controls: Sixt implemented a formal change-management process for any modifications to VMware clusters hosting Oracle workloads. DRS affinity rules, resource pool boundaries, and vMotion scope changes now require licensing review and documentation update before implementation. This prevents future configuration drift that could inadvertently expand Oracle's licensing scope.
Java management policy: All new Java deployments default to OpenJDK (Eclipse Adoptium). Oracle JDK installation on any system requires explicit procurement approval with licensing justification. Quarterly automated scans detect and flag any unauthorised Oracle Java installations for remediation.
Annual Oracle licensing health check: Sixt adopted an annual independent licensing review — a proactive measure that ensures any genuine gaps are identified and remediated internally, on Sixt's terms, before Oracle has the opportunity to initiate another audit cycle.
Client Testimonial — Head of IT, Sixt: "When Oracle auditors reported massive compliance gaps, we sought expert help. Redress Compliance came in and changed the outcome. Their in-depth knowledge of Oracle Database licensing in virtualised environments and Java licensing rules enabled us to demonstrate that we weren't under-licensed, as Oracle had claimed. Redress showed us what we needed to licence — and what we didn't. Ultimately, we saved approximately $4 million. We also learned how to better manage our Oracle usage. Redress's independent advice and negotiation support were invaluable — we ended the audit on our terms and saved a fortune."
Sixt's experience offers particularly valuable lessons for European enterprises — where Oracle's audit practices interact with distinct regulatory and commercial dynamics.
1. Oracle's Peak-Capacity Methodology Is Particularly Aggressive — And Challengeable:
Oracle's standard VMware audit claim is that all hosts in a cluster require licensing (soft partitioning policy). The peak-capacity variant — licensing at maximum theoretical resource allocation — goes even further. This methodology is not supported by Oracle's contract language, which defines licensing based on where software is "installed and/or running," not where it could theoretically run at maximum capacity. Any enterprise receiving a peak-capacity claim should challenge the methodology itself, not just the numbers.
2. European GDPR Considerations Affect Audit Data Sharing:
European enterprises face additional considerations around data sharing during Oracle audits. GDPR and national data protection regulations may restrict what information can be shared with Oracle's audit team — particularly if audit data includes personal data (user IDs, employee counts, access logs). Use GDPR data minimisation principles as a legitimate framework for controlling what data you share: provide only what is contractually required and technically necessary for the compliance assessment, not everything Oracle requests.
3. Automotive and Mobility Companies Have High Oracle Exposure:
Companies in the automotive and mobility sector — car rental, fleet management, ride-hailing, automotive OEMs — typically run data-intensive Oracle environments with significant virtualisation. Seasonal and event-driven demand patterns (holiday travel, major events) create variable workloads that are best served by elastic VMware infrastructure — exactly the architecture that triggers Oracle's most aggressive licensing claims. If you're in this sector, proactive VMware segmentation for Oracle workloads is essential.
4. Oracle's "Settlement" Proposals Should Never Be Accepted During Active Audits:
Oracle's sales teams are incentivised to close commercial deals during audits — they earn commissions on new licence sales, including those driven by audit resolution. The "settlement" proposal is a sales instrument, not a compliance assessment. In Sixt's case, the proposed settlement would have cost many times the actual compliance gap. Always resolve the audit factually before considering any commercial proposals.
| Lesson | Action |
|---|---|
| Challenge the methodology, not just the numbers | If Oracle claims peak-capacity licensing, demand contractual justification. The contract defines "installed and/or running" — not theoretical maximum capacity. |
| Use GDPR data minimisation in audit responses | Share only contractually required data. Apply data minimisation principles to restrict scope of information provided to Oracle LMS. |
| Segment VMware proactively | Dedicated Oracle clusters with DRS affinity rules. Document and maintain as ongoing evidence — not a last-minute remediation. |
| Always check DBA_FEATURE_USAGE_STATISTICS | Run across all instances. Auto-enabled options with zero usage are the easiest audit claims to eliminate. |
| Reject "settlements" during audits | Resolve compliance factually first. Evaluate commercial proposals only after you know your actual position. |
What IT Leaders Should Do Now — Proactive Defence
Conduct an independent licensing assessment proactively: Don't wait for Oracle's audit notice. Annual health checks ensure you know your position and can respond from strength when the audit comes.
Build your VMware-Oracle defence file now: DRS configurations, affinity rules, vMotion logs, resource pool assignments, performance data. Update quarterly. Contemporaneous evidence is always stronger than retroactive documentation.
Review GDPR implications for audit data sharing: Consult your data protection team about what information can legally be shared with Oracle's audit team. Apply data minimisation principles to control scope.
Implement Java governance immediately: OpenJDK as default; procurement approval for any Oracle JDK; quarterly automated scans. Prevention costs a fraction of remediation.
Sixt's outcome is consistent with results across Oracle licensing assessments in diverse industries and geographies. The pattern of Oracle LMS overstating compliance exposure — and independent assessment dramatically reducing claims — is remarkably consistent.
| Client | Industry | Region | Oracle Claim | Post-Assessment | Savings |
|---|---|---|---|---|---|
| Sixt | Mobility / Rental | Germany | $4M | ~$160K | $3.84M (96%) |
| NOV Inc. | Energy | USA | $22M+ | Significantly reduced | $22M |
| ADNOC | Oil & Gas | UAE | $6M | Minimal | $6M |
| Pernod Ricard | Beverages | France | $4M | Minimal | $4M |
| Circles | Telecom | Singapore | $4M | $120K | $3.88M (97%) |
| New Look | Retail | UK | $3M | Minimal | $3M |
| MDF | SaaS | Canada | $3M | Minimal | $3M |
| Husky Energy | Energy | Canada | $2M | ~$80K | $2M (96%) |
Across these engagements — spanning mobility, energy, telecom, retail, SaaS, and beverages, across Europe, North America, the Middle East, and Asia-Pacific — the average claim reduction exceeds 90%. The recurring drivers are always the same: VMware over-licensing claims (whether standard soft partitioning or peak-capacity variants), auto-enabled database option flags, and blanket Java subscription demands. All are factually challengeable with proper data, contract analysis, and independent expertise.
For European companies, the consistency of these outcomes is particularly important given the EMEA regulatory environment. Oracle's audit practices apply globally, but the contractual frameworks governing Oracle licensing in Europe often contain provisions (including GDPR-related data handling requirements) that strengthen the customer's position in audit negotiations when properly leveraged.
Redress Compliance provides end-to-end Oracle licensing assessment and audit defence services, applying the methodology demonstrated in the Sixt engagement across enterprises globally.
| Service | Duration | Fee Model | Typical Outcome |
|---|---|---|---|
| Oracle Licensing Assessment | 6–10 weeks | Fixed fee | Complete compliance picture; quantified risk and savings |
| Oracle Audit Defence | 3–12 months | Fixed fee | Average 72% claim reduction across 80+ engagements |
| Java SE Assessment & Remediation | 4–8 weeks | Fixed fee | 70–93% cost reduction vs Oracle's enterprise subscription |
| VMware Virtualisation Defence | 2–4 weeks | Included in audit defence | Typically eliminates 60–100% of virtualisation claims |
| Oracle Contract Negotiation | 3–6 months | Fixed fee | Structural protections; benchmark-validated pricing |
Why Redress Compliance:
100% vendor-independent: No commercial relationships with Oracle, any third-party support provider, or any software vendor. Our recommendations are based solely on your best interests.
Fixed-fee engagements: No contingency fees, no percentage of savings, no incentive to inflate the claim or the solution. Cost certainty from engagement start.
Deep Oracle expertise: Our team includes former Oracle licensing specialists with direct experience in Oracle's LMS audit methodology, pricing policies, and internal approval processes.
European presence and expertise: With offices in Dublin and global delivery capability, we understand European contractual frameworks, GDPR implications for audit data sharing, and EMEA-specific Oracle commercial practices.
Proven track record: 80+ enterprise Oracle audit defences. Average claim reduction: 72%. Clients across Europe, North America, the Middle East, and Asia-Pacific.
Whether you're a European mobility company, a global enterprise, or any organisation running Oracle on VMware — here is the practical action plan drawn from Sixt's experience and dozens of comparable engagements.
| # | Action | Timing | Expected Impact |
|---|---|---|---|
| 1 | Segment Oracle workloads in VMware. Create dedicated Oracle clusters with DRS affinity rules. Restrict vMotion scope. Document configuration and maintain vCenter audit logs. | Immediate | Eliminates 60–100% of virtualisation claims |
| 2 | Collect VMware performance data. Export 12 months of vCenter CPU utilisation data for Oracle-hosting clusters. This directly counters peak-capacity claims with actual usage evidence. | Within 2 weeks | Defeats peak-capacity audit methodology |
| 3 | Run DBA_FEATURE_USAGE_STATISTICS on every database. Identify auto-enabled options. Confirm zero usage. Compile reports as standing defence evidence. | Within 2 weeks | Eliminates $100K–$500K+ in options claims |
| 4 | Inventory all Java SE installations. Categorise by version, distributor, and use. Migrate desktops/kiosks to OpenJDK. Document exempt installations. | Within 30 days | 70–93% reduction in Java licensing costs |
| 5 | Reconcile entitlements against deployments. Map every Oracle ordering document and CSI to actual systems. Identify surplus and genuine gaps. | Within 60 days | Complete compliance picture; negotiation baseline |
| 6 | Implement quarterly Oracle governance. Review deployments vs entitlements; track VMware changes; scan for Java drift. Prevent gaps from accumulating. | Ongoing | Permanent audit readiness |
| 7 | If Oracle audits — engage advisory before responding. The first response defines the audit trajectory. Independent review prevents accepting flawed methodology or overcounted findings. | When triggered | Controls the narrative; prevents inflated outcomes |
Key point: Sixt faced $4M in Oracle compliance claims. Independent assessment reduced the actual exposure to $160K — a 96% reduction. Oracle's peak-capacity methodology, auto-enabled database options, and blanket Java demands are all standard audit tactics that are factually challengeable with proper data and expertise. The cost of an independent assessment is a fraction of what an undefended audit costs. Invest in knowledge, not in Oracle's compliance narrative.
Through an independent licensing assessment that challenged Oracle's audit claims on three fronts: VMware peak-capacity licensing (reducing the database claim from $2.8M to ~$100K by demonstrating actual usage scope and VMware segmentation), database options ($400K eliminated via zero-usage evidence), and Java SE ($800K enterprise subscription replaced with $60K targeted server subscription). Total: $4M reduced to ~$160K.
An aggressive variant of Oracle's standard VMware audit claim. Rather than just claiming all hosts in a cluster require licensing (standard soft partitioning), peak-capacity methodology licenses at the maximum theoretical resource allocation — as if Oracle could consume every CPU in the cluster. This methodology is not supported by Oracle's contract language, which defines licensing based on where software is 'installed and/or running,' not theoretical maximum capacity.
Oracle's Partitioning Policy claims VMware requires full cluster licensing, but this policy is typically not part of your signed licence agreement. VMware DRS affinity rules that restrict Oracle VMs to designated hosts limit the licensing scope. Contract language defines licensing at 'installed and/or running' state — not where software could theoretically migrate.
Oracle Database Enterprise Edition automatically enables several licensable features during installation — Diagnostics Pack, Tuning Pack, Advanced Compression, Partitioning, and others. Oracle LMS flags these as 'in use.' However, DBA_FEATURE_USAGE_STATISTICS shows actual usage. Zero usage means the features are enabled but not actively used and shouldn't require additional licensing.
Enterprises typically save 70–93% compared to Oracle's enterprise-wide headcount subscription. The approach: migrate desktop/endpoint Java to OpenJDK, document exempt installations (legacy versions, third-party bundles, Oracle product components), and license only production servers running commercial Oracle JDK under targeted Processor-based pricing.
Almost never. Settlement proposals during audits are sales instruments, not compliance assessments. Oracle's sales team earns commissions on these deals. In Sixt's case, the proposed settlement would have cost many times the actual $160K compliance gap. Always resolve the audit factually first, then evaluate commercial proposals independently.
GDPR data minimisation principles provide a legitimate framework for controlling what information you share during Oracle audits. Provide only contractually required and technically necessary data. Consult your data protection team about what can legally be shared with Oracle's audit team, particularly if audit data includes employee information.
Typically 3–12 months from initial notice to formal closure. Timeline depends on environment complexity, number of products in scope, and the quality of your defence preparation. Engagements with independent advisory support tend to resolve more efficiently because responses are better prepared, more factual, and harder for Oracle to challenge.
Companies in the mobility sector — car rental, fleet management, ride-hailing — typically run data-intensive Oracle environments on elastic VMware infrastructure to handle seasonal demand. This architecture triggers Oracle's most aggressive licensing claims. Proactive VMware segmentation for Oracle workloads is essential for any mobility company.
Redress provides end-to-end audit defence: independent licensing assessment, data submission management, Oracle LMS finding challenges, formal response preparation, and settlement negotiation. All services are fixed-fee with no commercial ties to Oracle. Average claim reduction across 80+ enterprise audits: 72%. European presence (Dublin office) with global delivery.
This article is part of our Oracle Pricing & Negotiation pillar. Explore related guides:
Redress Compliance has helped hundreds of Fortune 500 enterprises — typically saving 15–35% on Oracle renewals, ULA negotiations, and audit defense.
100% vendor-independent · No commercial relationships with any software vendor