IBM / ILMT Pillar
IBM ILMT comprehensive pillar.
The single source of truth for IBM ILMT operation in 2026. Architecture, scanner coverage, reporting, sub capacity rules, audit defense, and the buyer side framework that holds up under audit.
The single source of truth for IBM ILMT operation in 2026. Architecture, scanner coverage, reporting, sub capacity rules, audit defense, and the buyer side framework that holds up under audit.
The single source of truth for IBM ILMT operation in 2026. Architecture, scanner coverage, reporting, sub capacity rules, audit defense, and the buyer side framework that holds up under audit.
IBM License Metric Tool is the difference between sub capacity and full capacity licensing on every virtualized IBM workload in your estate. The total cost gap is rarely small. The discipline required to maintain the entitlement is what most enterprises underestimate.
This pillar consolidates everything we have learned across hundreds of IBM engagements into the canonical buyer side reference. It walks the architecture, the operations, the audit gates, and the operating model. Use it as the standard your team builds against.
Before sub capacity, IBM software on a virtualized host required licensing the entire underlying physical host. As virtualization scaled, the cost became unsustainable. Sub capacity entitlement allows licensing the resources actually allocated to a partition. ILMT is the proof point.
IBM audits use ILMT as the first gate. A compliant deployment preserves the sub capacity entitlement. A non compliant deployment, even on a small subset of hosts, can collapse the entitlement on those workloads and the cost difference is significant.
Every enterprise running eligible IBM software on virtualized infrastructure is in scope. The list is long. WebSphere, MQ, DB2, Informix, Tivoli, and many others.
ILMT has evolved across multiple major versions. The 2026 baseline is the version most enterprises are now running or migrating to.
Older ILMT versions are no longer supported for new sub capacity reporting. Plan upgrades carefully. Lost historical data during upgrade is a common audit issue.
IBM publishes a list of products eligible for sub capacity. The list changes. Keep a current copy in your records and verify before any new IBM software deployment.
ILMT audit gates and required state
| Gate | Required state | Recommended cadence | Common failure mode |
|---|---|---|---|
| Installation | Installed before sub capacity workload deployment | Once, verified annually | Installed late on new environment |
| Scan frequency | Every 90 days minimum | Monthly | Subset of hosts misses scans |
| Coverage | Every eligible host, all environments | Quarterly reconciliation | Containers and migrated VMs missed |
| Reports retention | At least 2 years | Quarterly verification | Lost during ILMT upgrade |
| Sub capacity report accuracy | Accurate PVU and metric values | Quarterly sign off | Stale or missing fields |
| Cloud and container coverage | First class scope | Quarterly review | Treated as exceptions |
ILMT is a server, agent, and reporting architecture. Each component has a placement rationale.
Single server per environment is typical. Place in a network segment that can reach every agent. Plan high availability for large estates. Back up regularly.
Agents are deployed on every host running eligible IBM software. The deployment plan should cover physical, virtualized, container, and cloud environments. No exceptions.
The ILMT backend is a database. The retention policy on that database is the retention policy on your audit defense. Treat it like an audit log.
Installation is straightforward at small scale. The complexity at enterprise scale is in coverage planning and operations handover.
ILMT must be installed before any sub capacity workload begins reporting. A gap of even a few weeks at the start can become an audit issue years later.
Stand up the server. Deploy agents in a controlled rollout across environments. Confirm reporting for each environment before declaring it covered.
Coverage gaps are the most common audit issue across our portfolio.
Every eligible host gets an agent. No sampling. Reconcile against the CMDB or hypervisor inventory quarterly.
Container coverage is the fastest growing gap. ILMT supports Kubernetes and OpenShift scanning. The deployment pattern is different from VMs.
Public cloud workloads running eligible IBM software are in scope. Marketplace images sometimes ship with agents pre installed. Confirm.
Scan operations is where most enterprises slip over time. The technology works. The operating discipline is what fades.
Quarterly is the contractual floor. Monthly is the recommended operating cadence. Reconcile the scan list against the host inventory quarterly to catch new hosts.
Failed scans are not benign. Investigate every scan failure within ten business days. Document the resolution. The documentation is itself audit evidence.
Reports are the artifact auditors ask for first. Their absence is taken as failure.
Sub capacity reports for every eligible product on every eligible host. Generated at least every ninety days. Retained for at least two years.
We recommend an internal sign off each quarter by the IBM software owner. It is the cheapest single control against audit risk. It also catches gaps before they accumulate.
The rules behind sub capacity entitlement are precise. Knowing them is the price of holding the discount.
Processor Value Units are the licensing metric for many IBM products. Each processor type has a PVU rating. Multiply by allocated cores to get the license requirement for a workload on a partition.
Sub capacity is available only on supported virtualization technologies, with ILMT in place, and with reports retained as required. Any one of those falling away can collapse the entitlement.
The standard guidance from many resellers is that the IBM-mandated ninety day scan floor is sufficient for sub capacity compliance. We disagree. In every ILMT audit defense we have run in the last two years, the gap was created by a host enrolled mid quarter that crossed the ninety day boundary before the next scheduled scan. Monthly scan cadence with automated enrollment of every new host inside seven days of provisioning is the only operating discipline that survives an audit cleanly. Quarterly cadence is an audit trap dressed up as operational efficiency.
Source: Redress Compliance advisory engagement file, 2024 to 2025.
Sub capacity is the largest single discount IBM gives. ILMT is the price of admission. Run it like a regulated control, not an IT project.
An audit is the test of your ILMT discipline. The posture you bring matters as much as the data.
Quarterly internal sign off, current report archive, and an up to date inventory mean an audit is a verification exercise, not a discovery exercise.
Auditors ask first for ILMT install confirmation, scan history, coverage list, and sub capacity reports. Bring those four artifacts to the kickoff. The tone of the audit changes when you arrive ready.
Findings are negotiated against the facts. Documented quarterly sign offs, scan failure investigations, and inventory reconciliation give you the basis to contest soft findings.
ILMT upgrades are the moment most enterprises lose historical reports. Treat the upgrade like a regulated change.
Before any ILMT upgrade, confirm the retention plan for historical reports. Migration paths vary. The wrong path can drop history quietly.
Run the upgrade in staging first. Confirm reports survive. Confirm scan history is intact. Then move to production.
These are the two fastest growing gaps in ILMT coverage across our portfolio.
IBM software on EC2, Azure, GCP, and IBM Cloud is in scope. Deployment patterns vary by cloud and instance type. Verify scanner reach on every workload.
OpenShift and Kubernetes container environments running eligible IBM software are in scope. Treat them as first class, not exceptions.
An ILMT operating model that holds has four standing components.
One person, usually in the IBM software or SAM team, owns ILMT health. Without a single owner, coverage decays quietly.
Quarterly inventory reconciliation, scan failure review, retention check, and internal sign off. The cadence is the discipline.
Sign offs, change records, and upgrade plans live in a single governance pack. The audit is then a verification of the pack.
Every IBM sub capacity audit. It is the first artifact auditors request and the gate to the sub capacity entitlement.
For IBM sub capacity entitlement, yes. Third party tools may support inventory and operations, but the entitlement is tied to ILMT or its successor IBM offerings.
It depends on the pattern. A single missed scan is rarely fatal. A pattern of missed scans can collapse the entitlement on the affected workloads.
Yes. Containers running eligible IBM software are in scope. This is one of the fastest growing audit findings.
Any of the three works. What matters is a single named owner, a quarterly cadence, and a governance pack the audit team can produce on demand.
Plan retention before the upgrade. Test in staging. Confirm reports survive. Document the migration path. This is where most enterprises lose history.
Sometimes. Some marketplace images ship with agents pre installed. Verify on every deployment. Do not assume.
Sometimes, by negotiation. The negotiation is much easier when the failure was isolated and the broader ILMT discipline is documented.
ILMT posture, sub capacity rules, PVU mechanics, ELA renewal moves, and the buyer side framework across the full IBM and Red Hat estate.
Used across more than five hundred enterprise engagements. Independent. Buyer side. Built for procurement leaders running the next renewal cycle.
Sub capacity is the largest single discount IBM gives. ILMT is the price of admission. Run it like a regulated control, not an IT project.
500+ enterprise clients. 11 vendor practices. Industry recognized. One conversation can change what you pay for the next three years.
Monthly buyer side briefings on IBM and Red Hat pricing, audit, and renewal moves.
