RSS

Tag Archives: compliance

Hybrid, Dedicated, and Shared Scenarios…

27 Aug

There are three deployment options for service providers – Hybrid (mix of on premise and cloud) Dedicated, and Shared.  In this article, we will break each one down to explain how they work and the options available.

Dedicated Scenario – (3 options available)

Option 1
Your customer decides to bring their own software (such as Exchange) and infrastructure (Windows) via their own volume licensing agreement. They do not have software assurance on the software. Can they do this?

Yes. Why? Everything is dedicated. Server, virtual machine all dedicated to one single organization. Software Assurance is NOT required.

Option 2
Your customer decides to bring the software but the hoster will provide the infrastructure in a dedicated environment. Again, customer does not need Software Assurance if it’s a dedicated environment. In this scenario, the hoster (you) will provide the Windows license via SPLA and not report the other applications the customer brings over since it is already covered via their own volume licensing agreement. This is applicable, it’s dedicated (VM and physical servers)

Option 3
Your customer is a healthcare company that needs a dedicated environment due to regulatory compliance. They do not own any software; they would need the hoster to supply the software licenses. Can they (the hoster) do this? Yes, the hoster would report everything under SPLA. The hoster (you) CANNOT use your own volume licensing agreement to provide the solution but you can certainly provide SPLA. Please be aware that if you own a volume licensing agreement, you cannot use the same hardware your volume licensing agreement resides as your hosted solution.

Also keep in mind that SPLA is non perpetual, when the customer leaves, they can no longer use the software they were accessing.

Summary of Dedicated –
Dedicated is applicable for both SPLA and end customer owned volume licensing. Dedicated also means dedicated hardware and dedicated VM’s. In dedicated environments, the end customer DOES NOT need software assurance. From a compliance perspective, it is defined as the following:

“Any hardware running an instance of Microsoft software (OS or application) must be dedicated to a single customer. For example, a SAN device that is not running any Microsoft software may be shared by more than one customer; since, a server or SAN device that runs Microsoft software may only be used by one customer.” (source: Microsoft VDA FAQ)

Hybrid Scenarios – 3 options available

Option 1
You decide to offer your customer a shared infrastructure but they want the same applications to run on premise. A good option would be to have the customer purchase the server applications (think Exchange, SharePoint, Lync) with software assurance (SA) and run them on premise. You (the service provider) would run the same applications in your shared environment BUT report the SAL for SA SKU. Much cheaper option than standard SPLA prices. I wrote about this here This also works well for Disaster Recovery options.

Option 2 (not really a hybrid but just go with it)
You can use license mobility. Microsoft likes to define this as a “hybrid option” but to me, hybrid insinuates the ability to run on premise and in your cloud. License mobility is a SA benefit for certain applications (SQL, CRM, SharePoint, Exchange, Lync) that allows customers to leverage their investment in SA and transfer those licenses into a hosters shared infrastructure. Reason why I don’t think this is truly a hybrid is the customer is TRANSFERRING licenses into your datacenter. This means that if a customer wants to move back to their own datacenter, they have to wait 90 days. (transfer license rule). With SAL for SA, nothing is being transferred. Windows does not have mobility rights, this will need to be reported under your own SPLA. I wrote about license mobility many times – here’s an article for your review – here You can also check out the Microsoft site for more of a definitive definition http://www.microsoft.com/licensing/software-assurance/license-mobility.aspx

Option 3
Good Ole’ SPLA. Customer can run their own servers on premise, you just report SPLA licensing in your shared environment. The new SPLA agreement even allows you to run SPLA software on customer owned hardware as long as you still manage it.

Shared Scenarios – 2 options

Option 1
License Mobility – see above

Option 2
SPLA. We all know what that is.

Summary

I hope this brings a bit more clarity. Sorry if some things are redundant but at the same time, some things are simply worth repeating. Here’s the takeaway – customer’s can always bring licenses into your datacenter. There is no law of the land that prohibits this. What is prohibited is the way you deploy the technology. There is only one option to install customer owned licenses in a shared environment and that is license mobility. Again, (here I go being repetitive) if Microsoft allowed customer owned licenses to be installed in shared environments than why would they create license mobility?

If you still have trouble comprehending all this, shoot me an email located at the top right of this page. One general rule of thumb – if it’s shared – 90% of the time SPLA is required.

Thanks for reading

SPLA Man

 
15 Comments

Posted by on August 27, 2014 in Compliance, License Mobility

 

Tags: , , , , , , , ,

Self Hosted Rights and Office

04 Feb

The other day I was on a call with a customer who developed a financial application that takes a customer’s information and then reports it back from Excel.  The goal would be to have it deployed via a web browser, possibly using SharePoint.  Immediately I thought of Office Web App.  Browser based, users could not only read it but edit it as well, sounds like a perfect fit  What about the licensing?  Since this is their own Intellectual Property (IP) I thought of the self hosted rights for volume licensing.  SPLA might be too expensive since users could not be tracked. This is where we got stuck. 

Self hosted is a software assurance benefit. It allows volume licensing customers to host their application that runs on Microsoft technology to third parties. I included the terms and conditions directly from the Product Use Rights (PUR) at the bottom of this post (in case you are really bored) but in my opinion this will allow developers to continue to build their applications and utilize volume licensing that offers the greater discount.

As a SAM manager, I was engaged by the customer to review both past and current licensing.  Since this was a new offering, nothing was licensed or even deployed yet.   Whew…Rule #1 – before building a datacenter make sure the solution fits the licensing. Secondly, this is being provided as a service, not simply allowing external users to access.

What did we advise? In order for a solution to qualify as “self-hosted” all applications must be self hosted eligible. Unfortunately, Office does not qualify. Ugh. There goes that option. Now we must look at SPLA for everything (one unified solution as defined in the PUR). The problem with SPLA is you must license Office STD or PRO to enable Office Web Apps. To add more complexity, Office in a server environment is licensed by user (SPLA) Since user count is expected to be very high, this does not seem to be an economical solution. What I proposed was to get rid of Office. That’s right, I recommended they remove it from the solution and use Open Office. The solution worked and met the compliance guidelines set forth by Microsoft.

In conclusion, I hated my recommendation but went with it in order to be compliant. Microsoft Office is a superior product to “Open Office” If only Microsoft would allow Office to be self hosted eligible, I think it would benefit the service provider, Microsoft, and more importantly the end customer.

Bottom line- make sure if you have your OWN application (not license someone else’s) and you decide to use volume licensing to host, make sure all software is eligible or risk BIG compliance risk.

Thanks for reading.

SPLA Man

From the PUR
You must have the required Microsoft licenses and maintain Software Assurance coverage for:
• the Self-Hosted Applications run as part of the Unified Solution; and
• all access licenses used to make the Unified Solution available to external users (See Universal License Terms, Definitions).
All Microsoft software used to create and deliver the Unified Solution must:
• be licensed through a Volume Licensing program that is subject to these license terms (e.g., Enterprise Agreement, Select Plus Agreement, Open License Agreement) and not any other (e.g., Services Provider License Agreement, Independent Software Vendor Royalty License and Distribution Agreement); and
• be marked as ‘Yes’ for ‘Self Hosting of Applications Allowed’ in these license terms
Your software must:
• add significant and primary functionality to the Self-Hosted Applications that are part of the Unified Solution (dashboards, HTML editors, utilities, and similar technologies are not a primary service and/or application of a Unified Solution);
• be the principal service and/or application, and sole point of access, to the Unified Solution;
• be delivered over the Internet or a private network from your datacenter to end users. The Self-Hosted Applications component may not be loaded onto the end user’s device; and
• be owned, not licensed, by you, except that your software may include non-substantive third party software that is embedded in, and operates in support of, your software.

 
Leave a comment

Posted by on February 4, 2014 in Compliance, Self Hosted

 

Tags: , , , , , ,

How SAL Licenses Really Work

21 Sep

SAL (subscriber access licenses) can be complex and without question the number one underreported licenses under SPLA.  Why all the confusion stems from misinterpretation of the SPUR and/or bad advice.

When you report by user, you have to take in account each user that HAS access to the software, not who does.   Microsoft is not based on concurrent licensing.  I wrote about this prior, but thought it was worth repeating.  If you have 5 users that use the software, but 15 users can access at any given time, you must report all 15.  Seems ridiculous, but is 100% true.  Consider licensing by processor if user licenses become too difficult to track.

Read this section of the SPUR (use rights).  “You must acquire and assign a SAL to each user that is authorized to access your instances of the server software directly or indirectly, regardless of actual access of the server software.”  It’s the last part of that sentence that can get you in trouble “regardless of actual access of the server software” For a copy of the SPUR check out http://spur.microsoft.com/products.aspx

Thanks,

SPLA Man

 
6 Comments

Posted by on September 21, 2013 in Compliance

 

Tags: , , , , ,

Reporting SPLA Usage

16 Jul

Managing the SPLA program for as long as I have, I came to the conclusion that no one likes to report their SPLA.  For what it’s worth, Microsoft and resellers don’t like it either, but it’s the most important aspect of the SPLA program.  Here’s a list of reasons why you need to report on time.

  • It’s unlawful if you don’t report.  Think about this for a moment,  you did not pay for the licenses upfront, but you are charging customers for their access.  In some countries, that’s called stealing.
  • It is part of your signed North America SPLA agreement.   Page 11 section 11a –  “Customer must submit either a monthly use report or zero use report to its Reseller within 10 days after the last day of each month or on a date agreed to by the Customer and its Reseller.”
  • After the 10th, Microsoft runs audit checks.  This doesn’t mean you will automatically get audited, but it does mean Microsoft will be keeping a closer eye on what you report.
  • If you report on the 10th and your credit card has issues or you are on credit hold, the reseller cannot submit it to Microsoft.  That’s one reason you should report prior to the 10th to avoid any errors.
  • Make it routine – you pay your cable bill each month, you should pay your SPLA as well.
  • It’s the cost of doing business
  • Any way you slice it, you have to report something

I understand that no one likes to report.  In a lot of instances it’s your biggest cost as a company.  My advice is always report, the cost of your monthly licensing spend is a lot less than the cost of an audit!  Hope this helps.

Thanks for reading,

SPLA Man

 
4 Comments

Posted by on July 16, 2013 in Compliance, SPLA Reporting

 

Tags: , , , , ,

What’s Your Licensing Strategy?

14 Jun

I love the question “What’s your cloud strategy?” It’s the new ice breaker for salespeople around the globe. My thoughts? Why bother asking customers about their cloud strategy if it does not include licensing?  The BIGGEST mistake service providers (SPLA’s) make is selling a solution first and worrying about the licensing impact later. They build data centers, talk about virtualizing, even talk about the savings of cap ex vs. op ex, but never talk about the licensing until someone brings it up or they get audited. Just because the technology enables something, does not mean you can license that way.

VDI is a prime example of this. “You can host virtual desktops as a service right? Install the desktop OS on a server and stream it? Why not? The concept has been around for years. I ‘Googled’ VDI as a service and several companies are doing this…it must be right…right?” Wrong! Yes, technically speaking you can host virtual desktops using Windows 7/8. Licensing gurus and the product user rights and the audit team will disagree with you. Unfortunately there’s no way to do this under SPLA. Next question that comes up is “why?” Wish I knew the answer, perhaps Microsoft is looking out after the OEM manufactures, but then again they launched Surface.

Microsoft is auditing everyone. There are few guarantees in life, but one guarantee is not everyone under the SPLA program is licensing correctly. Just a word of advice, know the licensing before implementing a solution.

Thanks for reading,

SPLA Man

 
2 Comments

Posted by on June 14, 2013 in Compliance, License Mobility, SPLA General

 

Tags: , , , , ,

Tips & Tricks of SQL 2012

11 Jun

“What’s the least favorite licensing topic at Microsoft?” If you answered SQL, you would probably be correct. It’s not overly complex, but can be very confusing; especially as it pertains to virtualization. To add to the confusion, Microsoft changed the licensing terms with the release of SQL 2012 and discontinued several products altogether. For service providers, this confusion can escalate to over/under licensing and ultimately compliance risk. Here’s a list of common mistakes service providers make with licensing SQL.

1. They have Vmotion set up in which virtual machines are moving from host to host simultaneously. Be careful! Check out license mobility rights in the SPUR and read my previous blog license mobility Virtual Machines can move from host to host but it cannot be active on two separate hosts at the same time.

2. They have a customer bring SQL into their environment (end customer owns SQL via a separate volume licensing agreement) and the service provider dedicates the virtual machine to the customer but not the physical hardware (hardware is shared). The end customer would need to have software assurance for SQL in order to take advantage of license mobility and the service provider would need to report Windows under SPLA. This is called License Mobility with Software Assurance.

3. Sign a new SPLA agreement after December 31, 2012 and continue to license SQL by processor. Once you sign a new or renew your old SPLA agreement, you are forced to license by the core, not processor. Check out my blog Why Timing Is Everything

4. They license (1) 2 core pack of SQL 2012. The minimum you need to license/report is (2) 2 core packs or 4 cores per processor. Under no circumstance can you report only two cores.

5. They don’t report SQL at all. I hear this all the time. “My customer does not directly access SQL and therefore I do not need to report it.” Wrong. If customers indirectly access any application it must be licensed. Ask yourself, “If I remove this product from my hosted solution, would it still work the same?” If you answer “no’ it needs a SPLA license.

6. Report SQL Web to support a line of business application.  SQL Web is designed for websites/web applications, not line of business applications.

Just thought I would try to answer common questions around SQL. Hope this was helpful.

Thanks for reading,

SPLA Man

 
3 Comments

Posted by on June 11, 2013 in SQL 2012

 

Tags: , , , , ,

SPLA Compliance Audit- How Not to be the Chosen One!

05 Mar

If you recently went through an audit or just nervous about being notified, I outlined ten steps that service providers can take to arm themselves more efficiently and be compliant.

  1. If you are running Microsoft software, you must license Windows.  All Microsoft software runs on a Windows OS.
  2. If you are licensing SharePoint- SharePoint requires SQL and Windows.
  3. Reporting SharePoint Enterprise you must license SharePoint Standard
  4. Installing Office on a server requires Remote Desktop (RDS) licenses.  Office and RDS licenses should match (cannot have more Office licenses than RDS licenses)
  5. If you have customers bringing licenses into your hosted environment you need to host it in a physical and dedicated environment.  (nothing shared among other customers)
  6. If you are reporting user licenses (SAL- Subscriber Access License) you need a license for each user that has access.  For example, if you have 10 totals users in the month of May and only 4 actually use or access that software, you must license all 10.  SPLA user licenses are similar to your cable bill; your cable provider is going to charge you regardless if you turn your TV on or not.
  7. If you have customer owned licenses in your environment, you must keep all relevant documentation.  This includes enrollment information, start date, end date, and who they bought the licenses from.
  8. Renting out a PC make sure the PC has an OEM license preinstalled.
  9. No virtualizing/streaming Windows desktop OS from a datacenter.
  10. You can install your server on a customer premise, but do not install SPLA software on your customer’s server!

This is not bulletproof by any means.  Use this as a guide when looking at your own environment.  Look at it from the auditors eyes.  What information would they need to verify that I am compliant? The SPUR (Service Provider Use Rights) is the best reference when it comes to Microsoft SPLA.  You can download a copy here.  If you have trouble sleeping at night; this is a must read.

Thanks for reading,

SPLA Man

 
1 Comment

Posted by on March 5, 2013 in Compliance

 

Tags: , , , , , , , , , , , , , , , , , , , ,

Newer posts