Latest ITAM News

Oracle Verified SAM Tools: Buy With Eyes Wide Open

Managing your IT assets, particularly your software and cloud licenses, has become a top priority for most organizations looking to avoid costly non-compliance problems. Going out of bounds with your licensing can not only cost you money but it can force you into a position where you are buying products you have no intention of using.

Managing Oracle licenses are particularly difficult as their product set is extremely complex. This difficulty is magnified by Oracle’s unclear licensing policies which are constantly under revision and re-interpretation. To “help” you manage your assets, Oracle LMS started a “Verified By Oracle Program” for certain software tools. On the surface this sounds great. A vendor endorsement of a SAM tool can be a very good thing. In this case, however, looks can be deceiving and you really must go into these purchases with your eyes open.

First, let’s ask, what exactly is Oracle endorsing in this program? To answer that let’s look at typical SAM tool functionality. At a very high-level SAM tools claim to do some or all of these functions:

1. Discovery – going out and finding the software.
2. Data collection – pulling back raw data that can be analyzed.
3. Inventory – Creating a list and quantity of software installed/in use.
4. Compliance Report – comparing what you use to what you are licensed and showing the delta.
5. Optimization – analyzing your deployment and presenting alternative configurations that will reduce your software license and cost needs.
6. Reporting – Producing usable reports for all levels of an organization for superior decision making.

These are the basic functions of SAM tools. Some claim to do more and some claim to do less. So what do you get when you use an Oracle verified tool? Does Oracle accept the information and reports contained in all six functions above? The simple answer is, no. In fact, Oracle only accepts the data collection information from #2 above. These tools are designed to pull the same information Oracle will pull when Oracle does an audit. That’s it. Nothing more.

This means if your Oracle verified SAM tools says you are using 100 database licenses, Oracle may not accept that. Oracle reserves the right to do their own analysis on usage. This puts the SAM tool customer at great risk when sending information to Oracle. Your tool may say a product is not in use, but when Oracle does their analysis of the same data set, Oracle may say that product is in fact being used. What’s more, Oracle may be right.

Even worse, your SAM tool may tell you that you are using too many licenses, and therefore you have a non-compliance issue. Before you run to Oracle and buy more licenses, an expert should review your situation to determine whether the tool is counting false positives, or that your contracts with Oracle actually allow that usage with no additional purchases. We see this quite frequently in clients with virtualization or restricted use licensing.

Oracle does not as a policy accept a tool’s analysis of usage, nor does Oracle accept a compliance report from a tool vendor. One tool vendor (in the Oracle verified program) told me that Oracle demanded the tool vendor remove the word “compliance” from their reports. The tool vendor complied because they wanted to remain in this Oracle program.

In general, having a SAM tool is better than not having a SAM tool. Having one that’s “verified by Oracle LMS” does not have any real benefits when compared to SAM tools that are not verified by Oracle. Each tool has its own strengths and weaknesses that must be properly vetted before selection and implementation. SAM tools are great for getting a handle on what software is deployed on your environment and collecting data for expert analysis of your Oracle position – they are not a one button solution, particularly for Oracle.

Why should you listen to me? Well, I used to run the Oracle Contracts, and Business Practices organizations globally, including global ownership of the license auditing process. For the last 8 years I’ve been on the other side of the table at Palisade Compliance helping clients with their Oracle licensing and contracting challenges. Palisade is completely independent of Oracle and all tool vendors. We’ve worked with clients who used all the big SAM tool vendors and that gives us a unique perspective on the things they do well, and the areas where they struggle.

The biggest hurdle client executives have with SAM tools are expectations. They expect a ‘Verified’ tool to solve all of their Oracle issues with the press of a button. As with everything to do with Oracle, unless you are willing to spend a lot of money on software you may not need, the reality is far more complex.

About Craig Guarente

Craig Guarente is the CEO of Palisade Compliance