VMware License Agreement: The Key Clauses That Decide Audit Outcomes

The VMware Master Software Licence Agreement (MSLA), the Enterprise Licence Agreement (ELA), and the Broadcom-era subscription order forms each contain a handful of clauses that decide audit outcomes more than any other contract language. This guide walks through those clauses, what they actually say, how Broadcom interprets them, and how to negotiate them when a new contract is on the table or an audit is on the horizon.

We have written this guide for licensing managers, procurement officers, and in-house counsel who must read VMware contracts as their daily work. The legal analysis we present is informed by the contractual interpretations that have prevailed in audit settlements; it is not legal advice and should be reviewed by counsel before being relied on for any particular contract.

How VMware licensing contracts are structured

VMware contracts have, since at least 2018, followed a layered structure. At the top is a master agreement — historically the MSLA or an ELA umbrella — that sets the framework. Beneath the master is an order form (or quote, or schedule) that identifies the specific products, quantities, and terms. Beneath the order form are the product-specific terms, which historically lived in product guides and are now consolidated into the Broadcom Master Subscription Agreement (MSA) and the associated Service Description.

When Broadcom auditors invoke the audit right, they invoke a clause that lives somewhere in this layered structure. Identifying the operative clause is the first task. The audit clause in a 2016 MSLA reads very differently from the audit clause in a 2024 Broadcom MSA, and the audit clause in an ELA umbrella is different again. Each layer can supplement or override the layers above it. Contractual interpretation in a VMware dispute is, in our experience, primarily a question of layering.

The audit clause

The audit clause is the most quoted and most contested provision in any VMware contract. Pre-Broadcom MSLAs typically permit the licensor to audit no more than once per twelve months, with at least thirty days written notice, during normal business hours, at the customer's principal place of business, by a mutually agreed independent third party, with the licensor bearing audit cost unless the audit reveals under-compliance of more than five percent.

Broadcom-era subscription agreements typically delete most of those protections. The Broadcom MSA permits audit at the licensor's discretion, on commercially reasonable notice (often interpreted by Broadcom as ten days), by the licensor's nominated representative (which can include Broadcom employees), with the customer bearing cost in any case of under-compliance. The frequency limit and the third-party requirement are typically absent.

What to negotiate

If a new Broadcom subscription contract is on the table, negotiate back into the audit clause the protections that pre-Broadcom MSLAs contained: a frequency limit of no more than one audit per twelve months; a notice period of at least thirty days; a third-party independent auditor requirement (with mutual approval); confidentiality protections including a named auditor confidentiality agreement; an under-compliance threshold below which the customer does not bear cost; and an explicit right to dispute findings before they become binding obligations.

The grant of licence

The grant of licence is the clause that identifies what the customer is permitted to do with the software. VMware grants vary by product family, by edition, and by entitlement type. A perpetual grant is typically described as "perpetual, non-exclusive, non-transferable" with use limited to the specific entity that purchased the licence. A subscription grant is typically described as "limited, non-exclusive, non-transferable" for the duration of the subscription term.

The grant of licence interacts with the use restrictions that follow it. The grant might permit use of vSphere; the use restrictions then limit the grant to a specific number of cores, a specific deployment, or a specific environment. The combination of grant and use restriction is what determines the contractual licensing position.

Transferability and corporate change

Most VMware grants are non-transferable without the licensor's consent. The interpretation of "non-transferable" has narrowed substantially under Broadcom. Pre-acquisition, VMware routinely processed transfers triggered by corporate acquisition, divestiture, internal reorganisation, or change of corporate name with minimal friction. Post-acquisition, Broadcom treats each of these events as a re-licensing trigger, sometimes asserting that the original entitlement was extinguished by the corporate event and a new subscription must be purchased.

The contractual position on transferability is rarely as one-sided as Broadcom asserts. Most master agreements permit transfer to an affiliate, transfer to a successor entity in connection with a sale of substantially all assets, and transfer in connection with a permitted assignment. Reading the specific transfer clause in the operative contract is essential before accepting Broadcom's position that a re-licensing event is required.

The use restrictions

The use restrictions in VMware contracts include the per-core counting rule, the 16-core minimum per CPU, the production-environment limitations on advanced features (DRS, vMotion, Storage DRS), the sub-capacity restrictions for partitioned environments, and the prohibition on using the software to provide services to third parties without a service provider licence.

Each of these restrictions has been the basis for a multi-million-dollar audit claim. The per-core counting rule is straightforward but frequently mis-applied by auditors who count cores on CPUs that do not run the licensed software. The 16-core minimum applies per CPU, not per host, and is frequently inflated by auditors who count host minimums incorrectly. The production-environment rule depends on the contractual definition of "production", which is rarely explicit and is therefore contestable. The sub-capacity restriction permits partitioning under specific conditions and the conditions are written into older entitlements in ways that Broadcom would prefer to forget.

The maintenance and support clauses

The Support and Subscription (SnS) clauses define what the customer is entitled to receive in exchange for the annual SnS fee. Pre-Broadcom SnS included access to all product updates, technical support at a defined service level, and the right to renew SnS at the prevailing list price subject to negotiated discounts.

Broadcom has narrowed SnS materially. SnS on perpetual entitlements is no longer renewable on the historical terms; Broadcom typically requires perpetual customers to convert to subscription to retain support. Where SnS continues, the service levels are unchanged but the scope of covered products has been reduced as products have been discontinued or bundled into VCF.

What expiry of SnS means contractually

The expiry of SnS does not invalidate the perpetual licence itself. A customer whose SnS lapsed in 2024 retains the right to use the perpetual entitlement in production on the version installed at SnS expiry. The customer loses the right to install new versions, the right to call Broadcom support, and the right to receive security patches. The right to run the installed version, on the installed hardware, in production, is preserved by the perpetual grant.

Broadcom has, in several audits we have supported, attempted to assert that an expired SnS extinguishes the perpetual entitlement. This is contractually incorrect under every VMware perpetual grant we have reviewed. The assertion is a negotiating position, not a contractual conclusion, and should be rejected.

The change-of-terms clauses

Most Broadcom-era subscription contracts include a unilateral change-of-terms clause that permits Broadcom to modify the master agreement, the service description, or the product-specific terms with notice (typically thirty days). This is a substantial departure from the pre-acquisition MSLA, which required mutual agreement to modify material terms.

The change-of-terms clause is among the most important provisions to negotiate. The clause as written permits Broadcom to modify pricing methodology, audit rights, transfer rights, and use restrictions during the subscription term. A customer who accepts the standard change-of-terms clause is, in effect, agreeing to a contract whose terms are subject to ongoing unilateral revision.

Where possible, customers should negotiate the change-of-terms clause to require mutual agreement for any material change, to permit the customer to terminate the contract without penalty if a material change is made, or to limit the scope of changes that may be made unilaterally.

The limitation of liability clause

The limitation of liability clause caps the licensor's exposure in any dispute. Standard limitations cap liability at the fees paid in the twelve months preceding the claim. The clause excludes liability for indirect, consequential, and special damages. The clause may include carve-outs for breaches of confidentiality, breaches of intellectual property warranties, and breaches of data protection obligations.

In an audit context, the limitation of liability clause matters because it caps the customer's exposure if the customer prevails in an over-collection dispute. If Broadcom collects a settlement amount that subsequently proves to have been over-collected, the customer's recovery is capped at the limitation amount. Negotiating a higher limitation, or carving out audit-related disputes from the limitation, is a sensible protection for customers exposed to substantial audit claims.

The governing law and dispute resolution clauses

VMware contracts typically nominate California law, with disputes resolved in the Northern District of California or in JAMS arbitration. The forum selection has practical consequences: California discovery rules are broad, the federal court has substantial experience with software licensing disputes, and JAMS arbitration is fast but limits the scope of discovery.

For customers headquartered outside the United States, the California forum is frequently disadvantageous. Negotiating to a neutral forum (London, Singapore, or a jurisdiction with established software dispute jurisprudence) is a sensible protection. Negotiating to international arbitration under ICC or LCIA rules is another option for customers whose principal operations are not in the United States.

How to read the contract in an audit

When an audit notice arrives, counsel should perform a structured reading of the operative contract before any substantive response is drafted. The structured reading covers, in sequence: the audit clause; the grant of licence; the use restrictions; the maintenance and support clauses; the change-of-terms clause; the limitation of liability; the governing law and dispute resolution. Each of these clauses informs the response strategy.

The structured reading typically reveals at least three points where Broadcom's audit position is contractually weaker than the audit notice suggests. Those points become the negotiation leverage. The audit defence is, in a substantial way, a contract interpretation exercise dressed up as a software compliance exercise. The lawyers who win Broadcom audits are the lawyers who read the contract first.

For a confidential review of a VMware or Broadcom contract, Contact us →. We work alongside in-house and external counsel and provide the licensing analysis that legal teams need to interpret the contract in the audit context.