Concerns over support for VMware recently made the headlines following a critical vulnerability and the subsequent patch, which was limited to certain versions of the product. Now, it appears that VMware users may well face audits from Broadcom, which purchased the virtualisation software company in 2022 for $69bn.
Broadcom ended the sale of perpetual software licences in 2024. Its stated goal has been to move customers to a recurring revenue stream by providing VMware products as a service. Until now, those organisations that purchased perpetual licences received support for VMware products covered by the support contract. However, Broadcom now appears to be making it very clear to customers that they can no longer renew these contracts.
According to a letter posted on the ARS Technica website, customers that opted not to transition their perpetual licences to subscriptions are now facing “cease and desist” notices from Broadcom. The letter states that since the customer has not purchased a new subscription, support for the perpetual VMware licence will no longer be available.
The letter states: “VMware, therefore, immediately demands that all use of support services associated with VMware software, including maintenance releases/updates, minor releases, major releases/upgrades extensions, enhancements, patches, bug fixes or security patches (with the exception of zero-day security patches for vSphere 7.x and 8.x, CVSS score greater than or equal to 9.0, so long as those are generally provided by VMware at no cost) be ceased.”
In a LinkedIn post, Barry Pilling, principle consultant at Belittle, wrote: “These letters serve as a reminder of the contractual terms, indicating that customers are no longer entitled to various software updates and patches once their support term ends, except for critical security patches.”
Although Broadcom is legally able to assert this position regarding support for perpetual VMware licences, Pilling said: “We have already seen several customers in receipt of audit notifications from Broadcom and it now appears that the net is being cast even wider in an effort to generate further revenue.”
Pilling noted that some VMware customers have reported receiving letters just days after their support contracts lapsed, which he said suggests that Broadcom is taking a stringent approach to software auditing, which could pave the way for more audits.
What seems to be clear from the letter and IT asset management experts such as Pilling is that while VMware customers can continue using their existing perpetually licensed products, once support expires, they must either migrate to a subscription-based model or use third-party support to receive updates.
Looking at existing VMware deployments, software licensing consultant, Redress Compliance said that owning software outright is no longer an option: “It’s now either ‘rented’ via subscription or goes unsupported.”
As Computer Weekly has previously reported, it is possible for IT department to continue using VMware on a perpetual licence basis, even if the product is unsupported, if the virtualisation environment can be secured.
Third-party support providers such as Rimini Street or Spinnaker Support have expanded their VMware support services to help VMware customers keep their existing configurations secure, even if no new patches are being made available. And in certain cases, where an organisation needs to expand its VMware footprint, IT departments can also source perpetual VMware licences from the used software market, which can then be supported using third-party providers.