Why Broadcom Demands a Different Kind of SAM

Before Broadcom, VMware was a vendor most enterprises managed casually. Perpetual licenses sat in spreadsheets. Socket-based counting was straightforward. Audits were infrequent and generally non-confrontational. Symantec endpoint licensing was tracked through management consoles with minimal complexity. CA Technologies mainframe products were managed by the mainframe team in relative isolation. None of these vendors demanded the kind of disciplined, enterprise-wide Software Asset Management that Oracle and Microsoft have forced on organizations for decades.

That era is over.

Broadcom's acquisition of VMware, combined with its existing ownership of Symantec and CA Technologies, has created a licensing environment that is fundamentally different from what came before. Perpetual VMware licenses were discontinued overnight. The licensing metric shifted from simple per-socket counting to core-based subscriptions with aggressive minimums. VMware's portfolio of 150+ SKUs was compressed into four primary offerings, making it nearly impossible to map legacy entitlements to new structures without detailed analysis. Symantec and CA products are being pushed into new bundles and subscription terms that alter the commercial relationship with every renewal.

The strategic implication for CIOs is clear. Broadcom must now be treated as an audit-prone mega-vendor on par with Oracle or Microsoft. The SAM practices that were adequate when VMware was VMware, when Symantec was Symantec, and when CA was CA are no longer sufficient. A proactive, cross-portfolio SAM program is the difference between controlled costs and compliance exposure that materializes at the worst possible time.

The overarching principle: proactive management is exponentially cheaper than reactive audit defense. Broadcom's stringent compliance approach, combined with the massive cost of VMware environments and the complexity of cross-portfolio licensing, makes SAM governance a board-level concern. Every enterprise running Broadcom software should assume an audit will come and should be able to produce comprehensive compliance evidence on short notice.

VMware Under Broadcom: Core-Based Licensing and the End of Simplicity

The shift from sockets to cores changes everything about how you track VMware. Under the old model, you counted physical CPU sockets. A two-socket server needed two socket licenses. Simple. Under Broadcom, VMware licensing is based on CPU cores, with two critical rules that inflate costs beyond what the raw core count suggests. First, each physical CPU is counted as at least 16 cores, even if the processor has fewer. An 8-core CPU still requires 16 cores of licensing. Second, Broadcom requires a minimum of 72 cores for any VMware order. A single 8-core server requires paying for 72 cores of licensing. These two rules mean that smaller deployments, edge environments, and remote office configurations face dramatically higher per-workload costs than under the old socket model.

SAM teams need to leverage vCenter Server as their primary tracking mechanism. vCenter maintains an inventory of all ESXi hosts including physical CPUs and cores per host. Integrating vCenter data with the SAM database ensures core counts for every cluster are current. Schedule monthly reports on CPU core counts and compare them against purchased subscriptions. Monitor vCenter's license portal for non-compliance indicators. Broadcom will notice overuse at renewal or audit time whether you notice it first or not.

Hyperthreading requires careful attention. VMware defines licensing in physical cores, meaning two vCPUs equal one core when hyperthreading is enabled. SAM teams must track the difference between active and subscribed cores. Companies may have excess licensed cores if environments do not match 16-core pack bundles neatly, or they may be under-licensed if hyperthreading creates confusion about actual core consumption. The distinction between physical cores and logical processors is where compliance gaps quietly develop.

Legacy entitlements are negotiation leverage. Preserve them. Many enterprises hold historic VMware licenses acquired before the Broadcom acquisition: ROBO kits, vCloud Suite bundles, NSX enterprise agreements, promotional SKUs. Broadcom's SKU simplification means some of these legacy entitlements have no direct equivalent in the new portfolio. VMware's ROBO licensing, for example, allowed a fixed number of VMs per remote site for a flat price. That model has no 1:1 replacement under Broadcom's per-core subscriptions. These historical license records become vital negotiation leverage when discussing migration paths and pricing. Centralize all pre-acquisition license documents in your SAM repository: license agreements, VMware license keys, support renewal quotes, and SKU lists from past ELA deals. Flag any legacy VMware products marked as End-of-Sale.

The simplified SKU portfolio creates a mapping challenge. Broadcom reduced VMware's portfolio to four primary offerings: Cloud Foundation, vSphere Standard, vSphere Enterprise Plus, and add-ons. Advanced functionality like vSAN and NSX is now included in bundles or sold as add-ons rather than standalone products. SAM teams need to create an internal license mapping matrix: list each VMware product the organization uses and determine which new bundle or add-on it falls under. Update the CMDB with new product names, versions, and SKU codes. Watch for bundle component overlap. If you purchase Cloud Foundation (which includes vSAN), do not also separately count a vSAN license.

Under Broadcom, letting support lapse on a subscription means losing the license. You cannot legally use subscription software without an active subscription. This is fundamentally different from the old perpetual model where lapsing support meant losing updates but keeping the right to run the software. SAM teams must manage renewal calendars with the same urgency they bring to lease expirations or insurance renewals. A missed renewal deadline does not just mean a gap in support. It means a compliance violation.

Audit Readiness: Assume It Is Coming

Broadcom is widely expected to take a much tougher stance on VMware license compliance than VMware ever did as an independent company. Industry observers have drawn direct parallels to Oracle's audit practices. Enterprises should operate under the assumption that a VMware audit or true-up request will happen within the next couple of years and should be prepared to respond with comprehensive evidence on short notice.

Implement quarterly internal compliance checks. Each quarter, run a reconciliation of total licensed cores versus actual cores in use, plus any additional features that may have their own licensing implications. Maintain a comprehensive repository of license evidence: purchase records, activation codes, deployment data, architecture diagrams. Run scripts to capture usage metrics. Export vCenter licensing tab data or use PowerCLI scripts to list hosts and CPU counts. Archive with timestamps as point-in-time proof.

Control new deployments through SAM review. Adding ESXi hosts, enabling features, or spinning up vCenter instances should trigger a SAM review before the deployment proceeds. The most common source of compliance gaps is not deliberate overuse. It is organic growth that happens without license verification. A data center team adds three hosts for a project. A development team enables a feature for testing. Nobody checks whether the licensing covers the addition. By the time the audit arrives, the gap has been accumulating for months or years.

Consider a mock audit. Engage a Broadcom licensing specialist to conduct a mock audit and optimization review before Broadcom does it for real. A specialist can spot mismatched license keys, identify opportunities to convert to a more cost-effective bundle, and quantify your compliance position. The cost of a mock audit is a fraction of the cost of discovering a compliance gap during a vendor-initiated audit when your negotiating position is weakest.

Need Help Navigating Broadcom's Licensing Changes?

Our independent Broadcom advisory team provides audit defense, contract negotiation, and optimization support for VMware, Symantec, and CA Technologies. We help enterprises understand their compliance position, prepare for audits, and negotiate from a position of data-driven insight. No vendor affiliations. Fixed-fee engagements.

Book a Confidential Call →

Symantec and CA: The Overlooked Compliance Risks

VMware gets the headlines, but Symantec and CA Technologies create their own compliance challenges under Broadcom's ownership. Enterprises that focus exclusively on VMware SAM while neglecting Symantec endpoint compliance and CA mainframe licensing are leaving significant risk unmanaged.

Symantec endpoint licensing requires accurate device and user counts. Most Symantec security products are licensed per device or per user. SAM teams should use Symantec's management consoles, whether cloud portal or on-premise SEPM, for real-time data on devices reporting in versus licenses applied. Set up automated monthly exports comparing devices in use to licenses installed. Symantec Encryption Management Server includes a built-in license dashboard that warns when counts are exceeded. Leverage these early warning systems rather than discovering overages during renewal negotiations.

The critical dynamic with Symantec is that IT deployments often run ahead of licensing. When IT deploys endpoint protection to 500 new laptops, SAM needs to know immediately whether the license pool can absorb the addition. If only 400 licenses are available, the true-up must happen before Broadcom discovers the gap. Integrating security console reports into the SAM process closes the loop between deployment activity and license compliance.

Symantec renewal calendars demand early attention. If an endpoint security subscription lapses, agents may stop receiving updates, creating a security gap alongside the compliance gap. Broadcom strictly enforces renewal dates and in some cases has refused to renew for smaller customers, instead pushing new licenses at higher cost. Start renewal discussions early. SAM should own the renewal calendar for all Symantec products and initiate the process months in advance. Track bundled security suites carefully. DLP modules may come as part of a suite. Proxy or web security services might be combined. Know exactly which components the entitlement covers under any bundle. Deploying a component you think you have but that is not included in your edition is an avoidable compliance trap.

Legacy Symantec perpetual licenses are a strategic asset. If the organization purchased Symantec products before Broadcom with perpetual rights, those licenses should be treated as a separate category with strategic value. Broadcom's model is moving everything to subscription. Broadcom has honored existing perpetual licenses as long as maintenance fees are paid. But version upgrades may only be available to subscribers, effectively forcing a migration. SAM should identify all perpetual Symantec licenses and coordinate with the security team. Any major version upgrade should go through SAM to ensure license entitlements cover the change.

CA mainframe licensing operates on its own metrics and requires specialized tracking. CA mainframe products (CA 7 Workload Automation, CA DB2 tools, CA Endevor) are typically licensed by mainframe CPU capacity: MIPS, MSU, or defined capacity units. SAM should work with the mainframe capacity planning team to capture current utilization metrics. If a CA product license allows usage on an IBM z/OS LPAR up to a defined capacity, monitor whether peak usage has exceeded that threshold. Mainframes produce detailed SMF records that can be used for license compliance reports.

Broadcom's Mainframe Consumption Licensing (MCL) program offers usage-based subscriptions across their mainframe portfolio. If the organization adopts MCL, track actual usage versus committed baseline for value assessment and true-up readiness. For CA enterprise DevOps and distributed tools like CA Automic Automation, CA APM, CA Rally, and CA Service Management, identify how each is licensed: named users, concurrent users, server-based, or agent-based. Broadcom has converted many to subscription. Ensure an inventory of where each tool is deployed and how many users or agents are configured. Broadcom bundles multiple CA products into single renewals ("mainframe portfolio renewal"), which simplifies contracting but obscures per-product cost visibility. Keep internal records per-product. If you drop a product later, you need to know its portion of the bundle cost for negotiations.

SAM Tools: Making Them Work for Broadcom's Portfolio

The three enterprise SAM platforms most commonly deployed in Broadcom environments are Flexera One (FlexNet Manager), ServiceNow SAM Pro, and Snow License Manager. Each can achieve the core goals, but each requires specific configuration to handle Broadcom's licensing nuances.

Flexera has the most mature SKU recognition for Broadcom. Flexera's product use rights libraries have been updated for Broadcom's 2024 changes. It integrates with vCenter via API and offers specific license metric templates for VMware core-based models. It also supports custom metrics for CA mainframe models. Flexera is the strongest choice for complex, heterogeneous environments with multiple vendors, but it requires dedicated SAM admin expertise to configure and maintain effectively.

ServiceNow SAM Pro excels at process integration. If the organization already runs ServiceNow for ITSM, SAM Pro provides a direct CMDB-to-compliance pipeline with automated workflow triggers (threshold alerts, new deployment notifications). It can pull mainframe MIPS from CIs. The advantage is a single platform for ITSM and SAM. The limitation is that Broadcom-specific metrics (the 72-core minimum, the 16-core floor) may require manual setup, and the content library should be checked for the latest Broadcom SKU codes.

Snow License Manager has the most accessible dashboards. Snow integrates with vSphere for host and cluster details and provides user-friendly dashboards showing compliant or over-licensed status. It combines manual data with discovered data and offers strong usage tracking for user-based applications like Symantec. Mainframe tracking may require an add-on module, and the Snow research team's updates for Broadcom portfolio changes should be applied promptly.

Regardless of which tool you use, the configuration is what matters. Discovery and inventory must detect all Broadcom software: server software (CA app servers, SEPM), client software (Symantec agents), and infrastructure (ESXi hosts). Network appliances (Blue Coat ProxySG) may need manual entry. Entitlement import must load all Broadcom purchase records. SKU import for Broadcom/VMware SKUs must be current so the tool knows what each entitlement represents. For older CA products, create custom license records with the correct metric. License reconciliation rules must reflect Broadcom policies: the 72-core minimum, the 16-core per-CPU floor, and any user-based license counts for Symantec. Integration with CMDB and procurement ensures that new purchases are logged immediately and new deployments trigger SAM notification. Dashboards should be configured for three views: Broadcom VMware license position (total cores in use versus licensed), Symantec endpoint compliance (devices versus licenses), and trend reporting to spot approaching limits before they become violations.

Governance: The Cross-Functional Discipline That Makes Everything Else Work

SAM tools and audit readiness practices are necessary but insufficient. Without a governance framework that connects SAM with procurement, legal, finance, and IT operations, the organization cannot sustain compliance and cost control across Broadcom's portfolio. Every optimization effort will be temporary. Every audit preparation will be reactive. Every renewal negotiation will start from a position of incomplete information.

Establish a governance board. Form a subcommittee under IT governance specifically focused on VMware, Symantec, and CA license management. Include the SAM manager, IT operations (data center, security, mainframe), procurement, legal, and finance. Meet quarterly to review Broadcom license utilization, compliance risks, remediation decisions, and upcoming renewal timelines. This board ensures that license management is not siloed within the SAM team but connected to the business functions that generate license demand and authorize spending.

Centralize all Broadcom entitlements in one location. Store all Broadcom contracts, license keys, and entitlement information in a single repository. Update it every time licenses are purchased. Maintain a high-level summary document with a snapshot of all Broadcom entitlements, covered sites, quantities, and expiration dates. This summary should be accessible to the governance board and producible on short notice if Broadcom initiates an audit.

Involve procurement and legal early. Broadcom's contracts often include auto-renewal clauses, strict late penalties, and non-transferability provisions. Legal should review all terms. Procurement should begin renewal discussions 90+ days in advance, not in the final weeks before expiry when leverage is weakest. M&A implications require special attention. Broadcom licenses may not automatically transfer in an acquisition scenario, and post-acquisition compliance exposure can be substantial if license rights are assumed rather than verified.

Finance must understand the renewal calendar. Broadcom subscriptions create predictable annual costs, but those costs require budget allocation for renewals and potential cost increases. Finance should understand the renewal calendar, anticipate Broadcom's standard escalators, and build contingency budget for potential audit settlements or true-ups. The shift from perpetual licenses (capital expense) to subscriptions (operating expense) also changes the financial reporting treatment, which finance teams need to plan for.

Conduct internal license audits at least twice a year. Simulate a Broadcom audit: gather deployment evidence, reconcile with entitlements, and address any overuse immediately. Internal audits serve three purposes. They maintain visibility into the actual compliance position. They control costs by identifying waste before it compounds. And they demonstrate due diligence that strengthens the organization's position if Broadcom initiates a formal audit. An enterprise that can produce comprehensive, timestamped compliance evidence on demand is an enterprise that Broadcom's audit team cannot easily leverage.

Treat Broadcom with the same diligence historically reserved for Oracle and Microsoft. Broadcom's stringent compliance approach, combined with the massive cost of VMware environments, the complexity of cross-portfolio licensing spanning virtualization, security, and mainframe, and the aggressive commercial terms embedded in subscription agreements, makes SAM governance a board-level concern. The CIOs who recognized this early and built appropriate governance structures are the ones whose organizations will navigate renewals and audits from a position of strength rather than scrambling to understand their own estate under pressure.