vSphere. Where most audits begin.

vSphere is the most-deployed VMware product and the entry point for most Broadcom audits. The per-core licensing model, the post-acquisition minimum-core uplift, and the vSphere Foundation bundle have re-set every customer's compliance position. We defend, assess, and negotiate the vSphere estate.

How vSphere licensing changed.

Under Broadcom, vSphere is no longer sold as a perpetual per-CPU product to most enterprise buyers. Renewal motion is into vSphere Foundation (VVF) or VMware Cloud Foundation (VCF), priced per-core on a subscription basis, with a per-CPU minimum core count introduced after the acquisition. Customers with legacy entitlement carry continuing compliance obligations that have moved further out of step with the current commercial model.

The result is a much wider gap between what a buyer thinks they own and what an auditor will say they are using. That gap is where exposure sits.

What auditors look for first.

Broadcom's audit process around vSphere is structured. The auditor will ask for vCenter inventory exports, cluster configuration, host CPU and core information, edition records, support entitlement history, and recent vCenter and ESXi build versions. From that data they reconstruct used cores against entitled cores, by edition, by host, by cluster.

Most of the contested exposure shows up in a small number of repeat issues. Those are described below.

Three vSphere audit traps.

Per-core uplift on legacy hosts

Hosts originally licensed per-CPU on dense modern processors are re-measured per-core at minimum-core thresholds, producing a large theoretical shortfall on what was previously a compliant deployment.

Edition mismatch in lab and DR

Standard edition entitlements used in production with Enterprise Plus features enabled — or DR hosts running an edition the contract does not entitle — appear as edition uplift claims.

Decommissioned hosts still entitled

Hosts in vCenter but disconnected, decommissioned, or repurposed still count in the auditor's deployment view unless the buyer can prove decommission timing with contemporaneous records.

Defences we use in vSphere engagements.

Each defence below has been used to reduce a real claim. The combination varies by contract, but the same set of contractual and technical levers appears in almost every vSphere audit.

Per-CPU vs per-core entitlement preservation under master agreement

Minimum-core threshold applicability to legacy entitlements

Edition-feature usage challenge under telemetry methodology

Decommission-date evidence from change management records

Cluster reconfiguration timing and audit cut-off

Sub-capacity rules under historical EULA versions

Support entitlement separation from licence entitlement

Disaster recovery and standby exemption claims

Development and test environment treatment

Affiliate, subsidiary, and divested-entity scope challenges

Public cloud BYOL treatment under VCF rules

True-up window and notice-period challenges

Patch and upgrade telemetry interpretation disputes

vCenter inventory accuracy and stale-record exclusion

VVF / VCF bundle attribution where edition is already entitled

Foundation bundle proration on partial-year usage

Where the savings tend to land

In documented vSphere engagements the largest single reduction usually comes from the per-CPU vs per-core preservation argument. The second largest comes from contesting decommissioned-host inclusion. The third comes from edition-level reconciliation under the actual telemetry methodology applied. Most vSphere audit claim reductions are achieved without challenging the auditor's right to audit at all — they are won inside the methodology.

vSphere licensing questions.

Do we have to convert to vSphere Foundation or VCF?

Not necessarily. Customers with perpetual vSphere entitlement and active support contracts retain certain rights. Whether to convert depends on edition, cluster architecture, future roadmap, and the commercial terms on offer. The conversion decision should be modelled, not assumed.

How does the per-core minimum work?

Broadcom applies a minimum core count per CPU when sizing subscription licences. On older or smaller-core processors this is mostly invisible. On consolidated modern hosts it can change the licence count meaningfully. The contractual basis differs by entitlement vintage and is contestable in audit.

Can we keep running ESXi without renewing support?

Existing perpetual entitlements remain valid for use, subject to the original licence terms. Loss of support means no new patches, no upgrades, and no entitlement to new product versions. The compliance position is unchanged by support lapse, but the security posture is not.

Will an audit cover only vSphere, or the whole VMware estate?

Audit scope is set by the audit clause in your contract. Broadcom typically scopes broadly — vSphere, vSAN, NSX, VCF — and we negotiate scope down at the protective-response stage. Narrow scope is one of the highest-value early defences.

Should we engage now or wait for the audit letter?

Engage before the letter where possible. A pre-audit assessment lets you remediate quietly. Once the formal audit window opens, remediation options narrow and price points stiffen.

vSphere. Where most audits begin.

How vSphere licensing changed.

What auditors look for first.

Three vSphere audit traps.

Defences we use in vSphere engagements.

Where the savings tend to land

vSphere licensing questions.

vSphere audit on your desk?
Don't reply alone.

vSphere. Where most audits begin.

How vSphere licensing changed.

What auditors look for first.

Three vSphere audit traps.

Defences we use in vSphere engagements.

Where the savings tend to land

vSphere licensing questions.

vSphere audit on your desk?Don't reply alone.

vSphere audit on your desk?
Don't reply alone.