VMware audits were rare under the pre-acquisition company. Under Broadcom, audit activity has increased, the audit clauses customers signed years ago are being read more aggressively, and a set of configurations that were previously fine now produce exposure. This article maps the audit posture customers should expect and the defence framework that holds up.
Under VMware as a standalone company, formal licence audits were uncommon. Customer-vendor disputes were typically resolved through commercial dialogue, often at renewal, and audit clauses in the EULA went unused for years at a stretch. Broadcom inherits the same EULA language but applies it differently. Audit activity has measurably increased since the acquisition closed, and the audit framework Broadcom uses is more disciplined and more closely aligned to enforcement than to commercial resolution. The change in posture is more important than any single clause.
Five trigger patterns recur across the audit activity we see. First, customers who declined to convert from perpetual to subscription at SnS expiry. Second, customers running aggressive consolidation pre-renewal — the consolidation itself draws scrutiny. Third, customers who switched to a competitor product (Nutanix, Hyper-V, Proxmox) for part of the estate while keeping VMware elsewhere. Fourth, M&A activity producing visible footprint changes. Fifth, large customers whose renewal pricing has been under significant negotiation pressure — audit and renewal often run on parallel tracks.
Three configurations consistently produce the largest audit exposure. First, low-core CPUs licensed under the new 16-core minimum — customers running 8-core or 10-core hosts have a structural mismatch with the new model. Second, mixed perpetual-and-subscription estates where the perpetual licences are not unambiguously tied to specific hosts. Third, NSX or Aria Automation deployed in production but licensed only at the VVF level, where the entitlement explicitly excludes those components. The third pattern is particularly common where teams deploy components technically before procurement catches up.
The first 30 days drive outcome more than any other phase. Get the response framework right early.
The VMware EULA — now the Broadcom EULA — contains standard audit language: right to audit on reasonable notice (typically 30 days), customer obligation to provide reasonable assistance, audit findings drive a true-up. Three nuances determine how the clause runs in practice. First, the scope — whether the audit can examine the full estate or only specified product lines. Second, the notice — whether Broadcom must engage a named third party (KPMG, Deloitte) or can self-audit. Third, the dispute mechanism — whether findings go through a defined escalation before becoming contractual liability. Negotiating these three points at initial contract is the single best audit insurance.
Audit teams concentrate on four data sets. First, host hardware inventory — CPUs, cores per CPU, count of hosts. Second, software entitlement records — which licences are owned, in what edition, with what entitlement levels. Third, deployment evidence — what is actually running, what features are configured, what is in production vs lab. Fourth, configuration drift — usage of NSX features, vSAN consumption, Aria components in production. The data they want is essentially what Aria Operations can produce in five minutes if it has been deployed and configured properly. Customers without that telemetry are in a weaker position to dispute findings.
The single highest-leverage period in any audit is the first 30 days. Three actions matter most in that window. First, designate a single accountable owner inside the customer for the audit response, with clear instruction that no data leaves the company without their explicit approval. Second, narrow the scope in writing — respond to the audit notice with a scope clarification that defines which entities, which sites, which product lines. Third, engage independent advisory before any data is shared with the auditor. Customers who share raw data in the first week consistently end up with the largest claims.
If the audit identifies a shortfall, Broadcom will propose a true-up to bring the customer into compliance. The proposal is almost always priced against current list, not the rate the customer would receive at a negotiated renewal. The negotiation work is to convert the audit true-up into a forward-looking subscription deal where the same dollars secure a longer entitlement at better unit rates. Customers who treat the true-up as a settlement number tend to overpay; customers who treat it as the starting point of a commercial restructure tend to extract value.
VMware does not recognise soft-partitioning for the purpose of reducing licence count — if a vSphere host has 32 cores, the licence count is 32 cores regardless of any resource pool, virtual host group, or DRS constraint. Customers who attempt to argue partial licensing on the basis of virtual constraints lose this argument every time. The conversation should be about physical core count and bundle selection, not partition logic.
The full response framework that holds up against Broadcom, Oracle and Microsoft auditors.
Three approaches consistently fail in VMware audits. First, denying the audit clause is enforceable — it is, in nearly all jurisdictions, and arguing this wastes credibility on the substantive findings. Second, providing partial data sets that don't reconcile — the auditor will reconcile against their telemetry estimates, and partial customer data invites worst-case inferences. Third, escalating to executive levels at Broadcom mid-audit — the audit teams operate with explicit independence from sales, and executive intervention rarely changes audit findings.
Across the VMware audit defence engagements we have run in the past 18 months, the average claim reduction from initial audit assertion to final settlement is 64%. The customers who achieve outcomes meaningfully better than that consistently share three traits: early independent engagement, controlled data disclosure, and a credible renewal alternative that makes the true-up commercially valuable to Broadcom rather than purely punitive.
Our audit defence practice is led by former vendor auditors who now work for buyers exclusively.
Weekly compliance intelligence for IT leaders.