Preparing for VMware License Audits Under Broadcom: Risks, Traps & Defense

Introduction – The New Audit Reality

VMware customers are bracing for a new era of software audits under Broadcom’s ownership.

Ever since Broadcom acquired VMware, audit anxiety has been on the rise. Companies that have never faced a VMware audit before are now receiving surprise audit notices and even aggressive tactics, such as cease-and-desist letters for lapsed support.

Broadcom’s message is clear: comply with our licensing or face the consequences.

What’s different now? In the past, VMware audits were infrequent and relatively predictable. Under Broadcom, the compliance environment is zero tolerance.

Broadcom is pushing all VMware users toward subscription models and higher-cost bundles, using audits as a form of leverage.

CIOs and IT Asset Managers report sharper enforcement of every license term – from CPU core counts to whether you applied patches after your support contract expired. If you’ve recently received an audit letter from Broadcom (or fear one is coming), you’re not alone.

The good news: with the right preparation, you can defend your organization.

This guide provides a practical, VMware-specific audit defense plan – including steps, checklists, negotiation levers, and preventive controls – to help you navigate a Broadcom audit like a pro.

We’ll break down the common compliance traps to avoid, how to self-audit before they do, exactly what to do when an audit notice arrives, and how to negotiate a settlement on favorable terms. Throughout, the tone is strategic yet skeptical of vendor tactics, putting you back in control. Let’s dive in.

VMware Compliance Risks & Traps

Broadcom’s auditors will be on the lookout for classic VMware licensing pitfalls.

These are the common compliance “traps” where many enterprises unknowingly drift out of compliance. Identifying these now – and fixing them – is your best defense.

Below, we detail each risk with examples, followed by a quick-reference table of signals to detect and ways to fix each issue.

  • CPU/Core Metric Drift: VMware’s licensing used to be based on the number of CPUs (up to 32 cores each). If you’ve added new hosts with more cores per processor, you might be under-licensed. Example: You upgrade your ESXi hosts from 16-core CPUs to 64-core CPUs, but still assign one license per CPU – now each CPU actually requires two licenses under the new rules. Over time, core count creep can leave you far out of compliance. Adding hosts to clusters without buying additional licenses is another form of drift.
  • Edition Misuse (Feature Enablement Without Rights): This happens when advanced features from a higher edition are enabled on a lower edition license. Example: You purchased a vSphere Standard license, but someone enabled Distributed Resource Scheduler (DRS) and host power management (features only available in Enterprise Plus). Or you enabled vSAN on a cluster without vSAN licenses, assuming it was included. These “Enterprise Plus” capabilities on a Standard license create a clear compliance gap – essentially using a product edition you didn’t pay for.
  • Mixed Licensing in Clusters: VMware often requires uniform licensing across clusters for certain features to be valid. Mixing editions or support levels in the same environment can violate policy. Example: Half of the hosts in a cluster have Enterprise Plus, and the other half only have Standard – yet the cluster utilizes an Enterprise Plus feature, such as virtual distributed switches. Hosts with lower licenses are not entitled to this feature. Similarly, mixing different support levels (some hosts on Basic support, others on Production) in linked systems is against VMware policy. Auditors will flag inconsistencies in licensing or support contracts within a single deployment scope.
  • Unlicensed vSAN or NSX Usage: VMware vSAN (software-defined storage) and NSX (network virtualization) are licensed separately from vSphere. It’s easy to forget that enabling vSAN on a cluster or deploying NSX network segments requires specific entitlements. Example: An administrator turns on vSAN to test it, and it remains in use for storing VMs – but no vSAN license was ever purchased for those hosts. Or NSX was deployed for network automation in a lab, but found its way into production VMs. In an audit, any vSAN datastore or NSX-managed network in use without a corresponding license will be counted as a compliance gap.
  • Aria/vRealize Suite Undercount: VMware’s management products (now under the Aria brand, formerly vRealize) are often licensed based on metrics such as the number of VMs, OS instances (OSI), or CPU. A common trap is undercounting your usage. Example: You have vRealize Operations monitoring 500 VMs, but only purchased a 300-OSI pack. Or your Aria Automation deployment manages more nodes or cloud instances than you’re licensed for, due to environment growth or connecting an extra vCenter. These tools may not warn you until an audit highlights the issue. Misconfigurations in usage metering can also lead to under-reporting actual consumption.
  • Horizon View Overages (EUC Licensing): VMware Horizon for virtual desktops/apps is licensed per named user or concurrent user. It’s easy to exceed these limits if not closely managed. Example: You bought 100 named-user licenses for Horizon, but over a year 150 distinct employees and contractors received VDI accounts – meaning 50 users had no license. In a concurrent-user model, your peak usage may have reached 120 simultaneous users, despite owning 100 concurrent licenses. Also, failing to purge inactive users from the Horizon roster can artificially inflate your “named users” count over time. Any use of Horizon beyond the license count (or use of a feature edition you didn’t buy) is low-hanging fruit for auditors.
  • Trial or NFR Keys in Production: Using evaluation, trial, or “Not for Resale” license keys in a production environment is a serious compliance no-no. Example: A team deployed vRealize Log Insight using a 60-day trial key and never swapped in a purchased license – the software continued to work, but now it’s unlicensed after the trial expired. Or a partner-supplied NFR license for vSphere was used to stand up a production workload to save cost. Auditors can discover expired trial license traces or NFR keys, and will treat active usage as unlicensed deployment.
  • Legacy or Expired Entitlements in Use: This issue arises during upgrades or when support lapses. Example: You upgraded from vSphere 6 to vSphere 8 using your old license keys, unaware that the licensing terms had changed (such as core limits per CPU) – you may now actually need more licenses. Another example: your support contract expired last year, but you continued downloading and installing new patches and versions released afterward. Running software builds released outside of your support period is considered unlicensed usage under Broadcom’s policies. Additionally, using old “Socket” licenses in an environment that now requires “Core” licenses (following Broadcom changes) would be deemed non-compliant.

Each of these risks has clear signals and mitigation steps.

The table below summarizes how to spot these traps in your environment and how to fix or avoid them:

| Compliance Trap | Warning Signs (Signals) | How to Detect It | How to Fix or Prevent |
|---|---|---|---|
| CPU/Core Drift | New hosts added or CPUs upgraded (more cores) without extra licenses. License count unchanged despite infrastructure growth. | Cross-check the vCenter inventory of hosts/CPUs against purchased licenses. Compare hardware specs (cores per CPU) with your license entitlements. | True-up your licenses to cover added cores/hosts. If upgrading CPUs, purchase additional core licenses (remember the 32-core-per-CPU limit on the older per-CPU licenses). Regularly audit hardware changes. |
| Edition Misuse | Enterprise Plus features (DRS, vSAN, Distributed Switch, NSX, etc.) enabled on hosts with Standard/Enterprise licenses. No records of buying those editions/features. | Review vCenter cluster settings and feature usage. Generate a feature usage report (e.g., are DRS or vSAN toggled “On” anywhere?). Compare against your license keys/editions. | Disable features not covered by your licenses, or upgrade your licenses to the correct edition. Train admins on which features are off-limits without proper entitlements. Consider license keys that lock features (where possible). |
| Mixed Licensing in Cluster | Hosts in the same cluster show different license types or support levels. Features requiring uniform licensing are active in a mixed environment. | Use vCenter’s licensing views to see assigned licenses per host/cluster. Check support contracts for each host – are they consistent? Also verify that all hosts in a cluster run the same edition. | Align all hosts in a cluster to the same edition and support level. This might mean redistributing licenses or upgrading some licenses. If different environments need different editions, separate them into distinct clusters to avoid policy violations. |
| Unlicensed vSAN/NSX | vSAN datastore present without a vSAN license in inventory. NSX Manager shows deployed NSX components but NSX licenses are absent or insufficient. | In vCenter, check whether vSAN is enabled on any cluster and list those clusters. Check NSX Manager or vCenter for any logical networks or firewall rules (a sign of NSX in use). Then cross-check against owned licenses for vSAN or NSX (including any evaluations). | Obtain proper licenses for the vSAN or NSX features in use, or disable those features. For vSAN, you may move data off and turn it off until licensed. For NSX, avoid using it in production without licenses. Audit your environment for any “stealth” use of these add-ons. |
| Aria/vRealize Undercount | Monitoring or automation tools managing more objects, VMs, or nodes than you purchased. Usage meter or licensing portal shows a higher count than entitlements. | Pull usage reports from Aria/vRealize Operations, Aria Automation, etc. (e.g., how many VMs/OSIs are being monitored or how many endpoints are automated). Compare to your license limits. Also ensure any built-in usage meter is configured, and check its output for overage. | Adjust the scope of monitoring/automation to stay within license limits (e.g., remove less critical VMs from monitoring) or purchase additional capacity licenses. Regularly review the product’s consumption reports. Ensure your licensing mode (per CPU vs. per OSI) is optimized for your environment to avoid shortfalls. |
| Horizon User Overages | More user accounts in Horizon than licenses purchased (named-user model). Concurrent login peaks exceed your concurrent license count. Old, inactive users still assigned licenses. | Run a Horizon licensing report or admin console query for total named users and peak concurrent usage. Compare the named-user count to licenses owned, and identify inactive users. For concurrent, review max concurrent sessions vs. license count. | Reconcile and purge: remove or archive inactive users to free up licenses. Enforce a process to reclaim licenses when employees leave. If concurrency is exceeding limits, consider purchasing more concurrent licenses or implementing login caps. Continuously monitor usage so you can true-up proactively before an audit. |
| Trial/NFR in Production | Presence of evaluation license keys or “Not for Resale” keys in your license management. Products running beyond their trial period without a valid paid license key. | Check vCenter’s “Licenses” section and other product about/license screens for any keys labeled Evaluation, Trial, or NFR. Also audit recently installed VMware software to see if it’s in a trial-mode grace period. | Immediately replace trial or NFR keys with valid purchased licenses, or uninstall those products if not licensed. Adopt a policy that no trial software goes into production unless properly converted to a paid license. Keep an inventory of all license keys in use to spot any that are not genuine entitlements. |
| Expired/Legacy Usage | You continued to apply patches/upgrades after support expiration. Old-version license keys in use on newer software releases. No active support, but the environment is on the latest updates. | Track support contract end dates and compare them with the software build versions running. (For example, was an ESXi 8.0 update installed after support lapsed?) Identify any licenses that should have been upgraded (e.g., vSphere 6 to 7) but were not, even though the deployment moved to a new version. | If you let support lapse, do not install updates released after that date – consider third-party support for security if needed. To fix, either renew support (Broadcom may require back support fees) or roll back unauthorized updates. For version upgrades, ensure you have official upgrade entitlements or license keys for the new version. Keep documentation of version-to-license mappings when you use your upgrade rights. |

How to use the table: If any “signal” sounds familiar in your environment, investigate it now. Each trap can be detected with the right tools or reports, and early remediation will save you pain (and money) once auditors arrive.

In short, understand the difference between deployment and entitlements.

A proactive internal review of these common pitfalls can catch most compliance issues before Broadcom does.

Self-Auditing Your VMware Estate

The best defense is a good offense – in licensing terms, that means audit yourself before the vendor does. Conducting a thorough self-audit of your VMware deployment will reveal any compliance gaps on your own terms.

Here’s a step-by-step playbook to measure your environment against your entitlements:

  1. Inventory All VMware Deployments: Begin with vCenter and related management tools to create a comprehensive inventory. Export a list of all ESXi hosts with details (number of CPU sockets, cores per socket, and clusters they belong to). Note which vCenter Servers you have and any linked VMware products (vSAN-enabled clusters, NSX managers, etc.). Essentially, document what is running and where it is located. Don’t forget ancillary products, such as vRealize/Aria suite components, Horizon servers, and any VMware appliances in use.
  2. Capture Features and Configurations: For each environment, record which features are active. Example: Is DRS enabled on a cluster? Are there any vSAN datastores? Is NSX providing networking? List out features such as vMotion, HA, DRS, vSAN, and NSX for each cluster or host. This will let you map features-in-use to the edition or licenses required. Also note VMware product versions and editions (Standard, Enterprise Plus, Horizon Advanced, etc.) that are running.
  3. Gather Usage Metrics from Management Tools: If you use Aria/vRealize Operations, Automation, or Log Insight, retrieve their current usage metrics. For instance, how many VMs or OS instances is vRealize Operations actually monitoring? If you have vRealize Network Insight or Aria Operations for Networks, how many devices or network flows do you manage? Similarly, from Horizon, pull reports on the total number of named users provisioned and peak concurrent usage in recent months. This data shows your consumption of licenses in those products.
  4. Compile Entitlement Evidence: Next, collect proof of all VMware licenses and rights you own. This includes license keys (from your My VMware portal or license files), purchase orders and invoices, Enterprise License Agreements (ELAs), and support contracts. Be sure to note quantities, product names/editions, and any special terms (such as agreements allowing DR use or any exceptions). Normalize this data in one place – for example, create a spreadsheet listing each license entitlement (product, edition, quantity, contract number, etc.). This is your baseline of what you are allowed to use.
  5. Map Deployed vs. Licensed: Now reconcile the deployment info (steps 1–3) against your entitlements (step 4). For each product or feature, are the numbers aligned? Examples: X vSphere hosts deployed vs Y licenses owned – hopefully Y ≥ X. If you have 200 total CPU licenses and your inventory shows 210 CPUs in use, there’s a 10 CPU shortfall. Check core counts: if licenses are per-CPU up to 32 cores, and some CPUs exceed that, account for the additional licenses needed. Do the same for vSAN (clusters with vSAN on vs. vSAN licenses), NSX usage vs NSX licenses, Horizon users vs Horizon licenses, etc. Identify any variances where deployment exceeds entitlement.
  6. Produce a Variance Report: Document the gaps uncovered. For each variance, note the severity (e.g., 10 extra CPUs unlicensed, vSAN running on 2 clusters with no license, 50 more Horizon users than licensed). Also list any “gray areas” – e.g., features enabled that you’re unsure about license requirements. This internal report is intended for your eyes (and possibly leadership) only, to facilitate planning of remediation. It’s essentially a list of compliance risks to address.
  7. Remediate and Optimize: Before an official audit occurs, address the issues identified in your variance report. There are two ways to remediate a gap: true-down or true-up. True-down means adjusting your usage to fit your licenses (e.g., turning off an unlicensed feature, removing or isolating an unlicensed host). True-up means acquiring additional licenses to cover the shortfall. Often you’ll use a mix of both: disable anything obviously unauthorized (like trials or enterprise features you didn’t mean to use), and budget for additional licenses where you genuinely need the capacity. This is also the time to clean up items such as old VM snapshots of software, decommission unused VMs or hosts, and ensure that all trial software is either removed or properly licensed.
  8. Document Your Findings: Create a one-page self-audit summary that could be shown internally (or even to auditors if needed) showing “Deployed vs Licensed” for each major product, and note that gaps have been addressed or are in progress. Keep your evidence of compliance (from step 4) updated with any new purchases made during the remediation process. Essentially, build an evidence vault that contains: the list of what you have deployed, what you’re entitled to, and proof of any corrections (such as new license purchase records or screenshots showing a feature that is now disabled).
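As an added example (not from this page, and not a VMware or Broadcom tool), the following Python script implements steps 5 and 6 above, “Map Deployed vs. Licensed” and “Produce a Variance Report”, and encodes the signals from the traps table: core drift under the 32-cores-per-CPU rule, Enterprise Plus-only features on a Standard key, vSAN in use without vSAN licenses, and mixed editions within one cluster. The host inventory and entitlement counts are constructed; in practice they would be loaded from your vCenter export and entitlement spreadsheet.

```python
"""Self-audit reconciliation: deployed vSphere hosts vs. purchased licenses.

Added example, not a VMware/Broadcom tool. Rules encoded from the article:
one per-CPU licence covers up to 32 cores (a 64-core CPU needs two),
DRS and distributed switches are Enterprise Plus features, vSAN is licensed
separately per CPU, and all hosts in a cluster must carry the same edition.
All host and entitlement data below is constructed.
"""
from dataclasses import dataclass, field
from math import ceil
from typing import Dict, List

CORES_PER_LICENSE = 32            # legacy per-CPU licence covers up to 32 cores
ENT_PLUS_ONLY = {"drs", "dvs"}    # features the article lists as Enterprise Plus only
EDITION_RANK = {"Standard": 1, "Enterprise Plus": 2}


@dataclass
class Host:
    name: str
    cluster: str
    sockets: int
    cores_per_socket: int
    edition: str                                 # edition of the key assigned in vCenter
    features: set = field(default_factory=set)   # cluster features in use on this host

    def licenses_needed(self) -> int:
        """Per-CPU licences this host consumes (2 sockets x 64 cores -> 4)."""
        return self.sockets * ceil(self.cores_per_socket / CORES_PER_LICENSE)


@dataclass
class Entitlements:
    vsphere: Dict[str, int]   # edition -> per-CPU licences owned
    vsan: int                 # per-CPU vSAN licences owned


def reconcile(hosts: List[Host], ent: Entitlements) -> Dict[str, object]:
    """Return deployed-vs-licensed counts plus a list of variance findings."""
    findings: List[str] = []
    needed: Dict[str, int] = {}
    vsan_needed = 0
    by_cluster: Dict[str, List[Host]] = {}

    for h in hosts:
        needed[h.edition] = needed.get(h.edition, 0) + h.licenses_needed()
        by_cluster.setdefault(h.cluster, []).append(h)
        # Edition misuse: an Enterprise Plus-only feature on a lower-edition key.
        misuse = ENT_PLUS_ONLY & h.features
        if misuse and EDITION_RANK[h.edition] < EDITION_RANK["Enterprise Plus"]:
            findings.append(f"edition misuse: {h.name} ({h.edition}) uses {sorted(misuse)}")
        if "vsan" in h.features:
            vsan_needed += h.sockets  # vSAN is licensed per CPU, separately from vSphere

    # CPU/core drift: licences consumed per edition vs. licences owned.
    for edition, n in needed.items():
        owned = ent.vsphere.get(edition, 0)
        if n > owned:
            findings.append(f"core drift: {edition} needs {n} licences, own {owned} (short {n - owned})")
    if vsan_needed > ent.vsan:
        findings.append(f"unlicensed vSAN: {vsan_needed} CPUs use vSAN, own {ent.vsan}")

    # Mixed licensing: every host in a cluster should carry the same edition.
    for cluster, members in by_cluster.items():
        editions = {m.edition for m in members}
        if len(editions) > 1:
            findings.append(f"mixed licensing: cluster {cluster} has {sorted(editions)}")

    return {"needed": needed, "vsan_needed": vsan_needed, "findings": findings}


# Constructed sample: the Prod cluster was upgraded to 64-core CPUs, one host
# still runs a Standard key with DRS on, and a vSAN datastore was never licensed.
SAMPLE_HOSTS = [
    Host("esx01", "Prod", 2, 64, "Enterprise Plus", {"drs", "dvs", "vsan"}),
    Host("esx02", "Prod", 2, 64, "Enterprise Plus", {"drs", "dvs", "vsan"}),
    Host("esx03", "Prod", 2, 32, "Standard", {"drs", "dvs", "vsan"}),
    Host("esx04", "Dev", 2, 16, "Standard", set()),
]
SAMPLE_ENT = Entitlements(vsphere={"Enterprise Plus": 4, "Standard": 4}, vsan=0)

if __name__ == "__main__":
    report = reconcile(SAMPLE_HOSTS, SAMPLE_ENT)
    for line in report["findings"]:
        print(line)
```

Running it on the sample yields four findings: a Standard host using DRS and a distributed switch, an Enterprise Plus shortfall of four licenses caused by the 64-core CPUs, six CPUs using vSAN with none licensed, and a Prod cluster mixing editions.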

Performing this self-audit quarterly or at least annually is highly recommended. It not only prepares you for potential audits, but it also flags internal misconfigurations or over-provisioning that you can correct to save costs.

Think of it as your licensing health check. By measuring yourself first, you transform a looming audit from a chaotic scramble into a more routine true-up exercise on your own timeline.

(Tip: Consider using VMware’s own tools like vCenter’s reports, VMware’s Usage Meter, or third-party Software Asset Management tools to automate some of these steps. The key is that you trust the data and understand where it might be incomplete. Always double-check automated outputs, especially for complex metrics like NSX or vRealize usage.)

What an Audit Notice Looks Like (and How to Respond)

When a VMware audit notice arrives from Broadcom, it typically comes in an email or formal letter titled something like “VMware License Review” or “Software Compliance Verification.”

This communication informs you that your organization has been selected for an audit and will reference the audit clause in your VMware license agreement.

Key elements to expect in the notice:

  • Scope Definition: The notice may specify which products are in scope (e.g., vSphere, vCloud Suite, Horizon), or it may be broad. It will typically list the entities (your company name and any subsidiaries) and the timeframe to be reviewed (often current deployments, but note that VMware’s EULA allows auditing of usage within the last two years of the license term).
  • Auditor Involvement: Broadcom may conduct the audit with its internal team or appoint a third-party audit firm (like one of the “Big Four” or a specialist firm). The letter will often name the auditing company and the main contact (e.g., a “license compliance manager”) in charge. Take note of who is asking – an official VMware/Broadcom representative or an outsourced auditor – so you can verify their credentials.
  • Response Timeline: You’ll likely be asked to acknowledge the notice and possibly provide initial data or schedule an opening meeting within a short window, such as 5-10 business days. The clock starts ticking upon receipt, so you can’t ignore it. However, you usually have a bit of time (a few weeks) before you must deliver large data sets – the initial 5-day window is often just to respond and plan the next steps.
  • Data & Access Requests: The notice may outline what information or access the auditors will need. This can range from running a VMware-provided script to export vCenter usage data, to sending them license keys and purchase records, or even granting them remote read-only access to systems. Important: The initial notice might be vague (“we will work with you to gather required information”). More specifics often come later via a questionnaire or a scoping call. Be prepared: they’ll eventually want items such as ESXi host lists, vCenter inventories, license assignments, and usage reports for all VMware products in use.

How to respond:

Begin on a cooperative but controlled note. Here’s a checklist for your immediate actions once you receive the audit notice:

  • Acknowledge and Request NDA: Respond in writing within the requested timeframe, formally acknowledging the audit request and stating that you are willing to cooperate. In the same response, request a Non-Disclosure Agreement (NDA) to protect sensitive data. (If the notice didn’t include an NDA, insist on one before any detailed data exchange. This ensures that any information you share won’t be used outside the audit or disclosed improperly.)
  • Verify Scope and Legitimacy: Politely confirm the scope of the audit. Ask for clarification if it’s not explicit: Which VMware products and which business units or geographies are included? This prevents “scope creep.” Also, verify the auditor’s authority – ensure the audit firm or team is authorized per your contract. It’s fair to request that in writing if it’s not clear. For example, “Please confirm the audit covers only our on-premises VMware vSphere and vRealize deployments, as our SaaS services are out of scope.”
  • Designate a Single Point of Contact: Choose an internal lead (often someone from IT asset management or compliance) through whom all communications will flow. Inform the auditor that “Going forward, please include [Name, Title] as the primary point of contact for all audit coordination.” This keeps messaging consistent and prevents auditors from bypassing ITAM and contacting random administrators. Also, keep communications in writing (via email) as much as possible, so you have a clear paper trail.
  • Freeze and Record the Environment State: As soon as you receive the notice, take a snapshot of your current deployment. This means exporting a fresh inventory from vCenter (hosts, VMs, configurations) and noting key settings. This protects you because your environment may change during the audit – you want a record of what existed at the start of the audit. For instance, if later some unlicensed VMs are deleted or a host is added, you have evidence of the original state to avoid confusion or accusations of tampering. Preserving evidence is a smart move to prevent “spoliation of evidence” claims.
  • Communicate Internally: Alert your internal stakeholders (IT operations, procurement, legal, and anyone who manages VMware tech) that an audit is underway. Assemble your audit response team. Typically, you’ll involve an IT asset manager or SAM specialist to gather data, a virtualization lead (for technical info), someone from legal (to review communications and NDA), and procurement or finance (for any entitlement records). Have a kickoff with them to assign tasks (e.g., who will pull the vCenter data, who will retrieve contracts, etc.). Emphasize that all external communication goes through the designated POC.
  • Plan the Data Delivery Strategy: Before handing anything over, decide how you will gather and provide data. You may receive an official questionnaire or a script from the auditor – review these carefully. If a proposed audit tool or script raises security or privacy concerns, you can negotiate to run it yourself or provide equivalent data in your own format. (For example, if the script collects more info than necessary, offer to provide a filtered report that contains just the needed fields.) Always maintain control: comply with reasonable requests but within the bounds of your internal policies and the contract. It’s acceptable to push back on overly broad data collection – for instance, “we prefer not to grant direct access to production systems, but we will run the approved tools and send you the outputs.”
  • Negotiate the Timeline if Needed: If the proposed schedule is too aggressive (e.g., requiring huge data dumps in one week), you can request a reasonable extension. Communicate early: “We are compiling the requested information and expect to deliver it by X date.” As long as you show you’re working in good faith, auditors often allow some flexibility. Just don’t go silent or ignore deadlines – that raises red flags. Always get any timeline adjustments confirmed in writing.

Here is an example of an audit notice acknowledgment email incorporating some of the above points:

Subject: RE: VMware License Review Notice – Acknowledgment and Next Steps

Dear VMware Compliance Team,

We acknowledge receipt of your audit notice dated October 1, 2025 regarding VMware software usage. [Company Name] is committed to cooperating fully, in line with our license agreement.

To facilitate a smooth process, we propose putting a mutual Non-Disclosure Agreement in place to protect any sensitive data shared. Please let us know if we should initiate an NDA or if you have a standard version.

Also, could you please confirm the scope of the review (e.g., specific VMware products or business units) and the identity of any third-party auditors involved? This will help us ensure we gather all relevant records.

We will designate [Point of Contact Name] as our primary liaison for this audit. Kindly include them (cc’d here) in all communications.

Our team is currently compiling the requested information. We will be in touch within the next few days to agree on secure transfer methods and scheduling.

Thank you, and we look forward to working with you under appropriate confidentiality protections.

Sincerely,
[Your Name]
[Your Title], [Company]

Sending such an email promptly checks several boxes: it shows cooperation, asserts confidentiality needs, clarifies scope, and sets the tone that you’ll be organized and diligent.

Bottom line: Treat the audit notice with urgency but not panic.

Respond methodically, obtain protections (e.g., NDA), and then manage the process on your terms as much as possible. The auditors will sense that you are a well-prepared customer, which often leads them to be more reasonable as things unfold.

Evidence Pack: What to Prepare in Advance

A key to surviving any audit is providing exactly what the auditors need – and nothing more. By preparing a comprehensive “evidence pack” in advance, you can respond quickly and confidently.

Here are the artifacts and documentation you should have ready (or start gathering as soon as an audit is announced):

  • Current Deployment Inventory: A frozen snapshot of your VMware environment (as mentioned earlier). For each vCenter, maintain an export/list of all ESXi hosts, including their CPU details (model, cores, etc.), the clusters to which they belong, and any enabled features (such as vSAN status and DRS status). If you have multiple vCenters or cloud/hybrid deployments, include them all unless the scope says otherwise. This inventory should be time-stamped (e.g., “Inventory as of Oct 5, 2025”) to avoid confusion later.
  • License Assignment Reports: Generate a report from vCenter or the VMware licensing portal showing which license keys are assigned to which hosts or systems. This ties your entitlements to deployments. For example, a screenshot or CSV showing “Cluster X – 10 CPUs – using Enterprise Plus License Key ABC123 (valid for 8 CPUs, overused by 2)” can be very illustrative. If licenses are managed in vCenter, you can display the number of licenses in use versus the number available. Do this for vSphere, and also document any license keys in use for vSAN, NSX, and other products. Essentially, record how you believed your environment was licensed before the audit findings.
  • Proof of Entitlements: Collect all relevant contracts, purchase records, and license certificates. This includes:
    • VMware license purchase agreements and order forms (with quantities and dates).
    • Enterprise License Agreement (ELA) documents, if you have an enterprise or bulk deal.
    • Support and Subscription (SnS) contracts and renewal quotes/invoices (to show the support level and duration).
    • License keys or files – often a spreadsheet from the My VMware portal listing all your keys and what they’re for.
    • Any special amendments or side letters (e.g., a contract that gives you rights to use a different metric, or extra time after a support lapse to purchase backdated support).
    Keep these organized and ready to present to auditors to prove ownership of licenses. If an auditor claims you are missing licenses, your own records should be able to counter with, “Actually, here is PO#12345 for 50 more vSphere CPUs purchased last year.”
  • Product-Specific Usage Data: For each non-vSphere product in scope, prepare the usage metrics:
    • vRealize/Aria Operations: export a report of how many objects/VMs are being monitored.
    • Aria Automation/vRA: number of managed endpoints or blueprints in use.
    • vRealize Log Insight/Aria Logging: number of OSI being logged, or GB of logs if that’s the metric.
    • NSX: number of sockets or cores NSX is deployed on, or number of VM endpoints it manages (depending on the NSX licensing metric).
    • Horizon: an official report of named users (perhaps an LDAP integration report) and the peak concurrent usage logs. Horizon has an admin console where you can view licensing information – use it to demonstrate that you’ve tracked your usage.
    Having these ready not only speeds up your response, it shows auditors that you actively measure usage (which might make them slightly less combative if they see you have it under control).
  • Configuration Evidence: If a compliance issue arises around a specific feature, be ready to show configuration screenshots or logs:
    • For example, if auditors say, “We think you enabled vSAN on Cluster ABC without a license,” you can provide a screenshot of Cluster ABC settings that shows vSAN is disabled (if you turned it off before the audit) or indicates when it was disabled.
    • If an issue concerns DR site usage, consider having architecture diagrams or failover test logs ready to demonstrate how those servers are utilized (to argue for any necessary exceptions).
    • Essentially, capture any setting that could be in dispute: e.g., DRS enabled (yes/no), NSX components installed (yes/no), Horizon licensing mode (named vs. concurrent) configuration, etc.
  • Remediation Logs and Change Records: In case you identified a compliance gap and fixed it around the time of the audit notice, document it. Auditors might still count the shortfall if it existed at notice time, but showing prompt remediation can aid negotiations. Example: If you discover 20 VMs running on an evaluation license and immediately power them off or license them, keep a log (change ticket or email) stating that on X date, those VMs were decommissioned. This can be used to argue they were not meaningful production use or that you took good-faith action to comply as soon as you realized.
  • Communications Archive: Maintain copies of all correspondence with VMware/Broadcom regarding licensing. This includes any prior emails from account managers regarding licenses, approvals for additional usage, or support tickets that may contain relevant guidance. Sometimes, customers have an informal OK from a VMware rep to use something temporarily – if you have it in writing, that’s part of your defense evidence.

When you hand over evidence to auditors, provide only what is requested and relevant. It’s wise to stage the data: provide high-level inventories and entitlement proofs first, and let them request more detailed information if needed.

For instance, you might first share “We have 100 CPU licenses and 98 hosts – here’s the breakdown per cluster” rather than dumping raw logs of every VM. Always accompany data with context or a summary to prevent misinterpretation.

By preparing this audit evidence pack in advance, you avoid scrambling under deadline pressure.

It also allows you to pre-review everything for accuracy – you never want to hand over incorrect data that makes you look under-licensed more than you actually are. Double-check counts and cross-verify the information in your evidence before submission.

Pro tip: If possible, do a dry run with your internal team – simulate that you’re the auditor and see if the evidence pack would convince you that everything is in order.

This exercise may reveal gaps (e.g., “We said we have 50 licenses for NSX, but I only see 40 in the spreadsheet – where are the other 10?”) that you can resolve before the real auditors raise it.

Negotiating VMware Audit Findings

After the data collection phase, the auditors will compile their findings. You’ll receive an audit report, or at least a summary of alleged compliance gaps, often accompanied by a hefty bill for licenses and back-maintenance fees.

This is where negotiation begins. Do not simply accept the findings at face value – treat the initial report as a starting point.

Here’s how to approach the negotiation of audit results:

  • Review and Validate Every Claim: Scrutinize the audit findings line by line. Check for errors or overcounts. Auditors can make mistakes, such as counting decommissioned systems, including development/test systems that might be licensed differently, or assuming every powered-off VM requires a license. Prepare a rebuttal for each disputed point:
    • Example: If they say you have 120 ESXi hosts but you know five are retired, show records that those hosts were decommissioned (or are non-production hosts under a different license).
    • If they counted all CPU cores without recognizing the old 32-core-per-license rule, clarify how your licenses were applied under the terms in force at the time of purchase.
    • If they flag “unauthorized use of NSX on 10 hosts,” but those were a proof-of-concept in an isolated lab, gather evidence (network diagrams, lab reports) to argue they shouldn’t count as production usage.
  • Contest Grey Areas with Evidence: There will be areas where compliance is not black and white. Use your documentation to argue your case. Common grey areas:
    • DR and Passive Systems: If some installations are strictly for disaster recovery or cold standby, highlight that they are not running active workloads and see if the auditor will exclude them or count them differently. VMware has had DR licensing policies (for example, that a VM kept powered off at the DR site except during tests may not need a full license) – bring up those conditions if applicable.
    • Developer and Test Environments: If you used developer licenses or eval versions in non-production scenarios, explain that context. If the EULA requires non-prod licenses for that, maybe you missed it – but you might be able to negotiate to purchase those at the standard price in the future rather than being penalized for the past.
    • Bundle Interpretation: VMware bundles (like vCloud Suite) can make counting tricky. If you own a bundle, ensure the auditor isn’t double-counting its components. For example, vCloud Suite includes vSphere and vRealize under one entitlement – ensure they are properly credited.
    • Metric Definition Disputes: If a product’s metric is unclear (OSI vs. VM vs. core), ensure the auditor used the correct one as specified in your contract. If not, push back with the contract language.
  • Acknowledge Undeniable Shortfalls: While you should challenge inaccuracies, also be ready to concede on true gaps you know are real. If you indeed found that you were short 10 licenses and the audit confirmed it, acknowledging that promptly can build goodwill. You can say, “We agree there is a shortfall of 10 vSphere licenses on Cluster A, and we intend to rectify that.” This focuses negotiation on how to rectify, rather than whether.
  • Negotiate the Remedy, Not the Facts: In most cases, the goal of a VMware audit (especially under Broadcom) is to sell you more licenses/subscriptions, not to collect a one-time penalty. Use this to your advantage:
    • True-Forward Purchase: Propose that instead of paying any punitive fees, you will purchase the necessary licenses to become compliant moving forward. Essentially, turn it into a sales transaction. Often, vendors will waive back-dated maintenance fees or penalties if you agree to a new purchase that covers the shortfall.
    • Bundle into Renewal/ELA: If your VMware contracts are up for renewal soon or you can enter an Enterprise License Agreement, leverage that timing. For example, “We’ll commit to a three-year Enterprise Agreement including these additional licenses.” This way, Broadcom secures a longer commitment from you (which they prefer), and you may secure better pricing or concessions by making it part of a larger deal.
    • Cap Future Increases: As part of the settlement, negotiate price protections. If you must upgrade editions (for example, from Standard to Enterprise Plus) or switch to a subscription, request a cap on the annual price increase or a discount that aligns with your budget expectations. Broadcom has been raising prices, so locking in rates or a reasonable cap (such as no more than a 5% increase per year, or tying it to an inflation index) can save you significantly in the long run.
    • Penalty Waivers for Commitments: Explicitly request waiver of any penalties or back-support fees in exchange for your agreement to promptly purchase licenses or commit to subscription. Frame it as “We prefer to invest our budget in future use rather than pay for past gaps. If Broadcom can waive retroactive fees, we can expedite an order for the needed licenses.” Often, they will agree because a sale looks better than a fine.
  • Use Leverage and Alternatives: If the audit demands are exorbitant (we’ve seen companies quoted millions, leading to 1000% cost increases), you may need to apply pressure:
    • Involve senior management on both sides. Having your CIO or CFO engage with VMware/Broadcom account executives can sometimes shift the discussion from “pay up” to “let’s find a reasonable solution to maintain the relationship.”
    • Gently remind them of your customer value: If you’re a significant client or considering expanding your footprint (or conversely, considering moving away from VMware), make that clear. “We want to continue our strategic partnership with VMware, but such an outcome would force us to evaluate alternative platforms.” This signals that they risk losing future business if the settlement isn’t palatable.
    • Be ready, in the worst case, to escalate or seek legal counsel. If you truly believe the audit is flawed or the terms are unfair, a lawyer’s letter or formal legal involvement can slow down the process and facilitate a fairer negotiation. This is a last resort, but it’s there.
  • Document the Agreement: Once you resolve (e.g., you agree to purchase X licenses or pay $Y to close the audit), get all terms in writing. Ensure it states that this purchase or action fully resolves the audit findings. Also, document any special terms agreed: e.g., “Broadcom will not charge back maintenance for period X” or “Customer will upgrade all hosts to subscription by date Y and Broadcom considers the matter closed.” Having a clear closure letter or addendum is crucial so it doesn’t come back to haunt you later.
  • Learn for Next Time: As part of negotiation, you can also request contract adjustments to prevent similar issues in the future (more on that in the next section). For instance, if a particular use case was contentious, negotiate clarity into your contract now. Example: “We want it noted that our cold DR servers are excluded from license counts unless activated for more than 30 days.” If you obtain that in writing, the next audit will take it into account.

Remember, an audit is a business negotiation wrapped in the guise of compliance.

By staying calm, being factual, and proposing constructive solutions, you can often turn a potentially punitive situation into a manageable commercial outcome.

Aim for a win-win: you become compliant and maybe modernize your licensing, while Broadcom makes a sale and keeps you as a customer.

(One more tip: if you feel out of your depth, consider bringing in a third-party licensing consultant at the negotiation stage. Firms experienced in VMware audits are familiar with common concessions and can communicate on your behalf. Their fee can be worth it if they save you a hefty sum or get a better deal.)

Contract Hardening for Next Time

Once you’ve been through an audit (or if you’re proactively renewing contracts now), it’s time to strengthen your license agreement to protect against future surprises. Many organizations don’t realize that some audit terms are negotiable.

While Broadcom may not grant all requests, you lose 100% of the shots you don’t take.

Here are key audit clause “hardeners” and protections to consider adding to your VMware contracts:

  • Audit Frequency Cap: Ensure the contract specifies the frequency of audits. For example, “Vendor may audit no more than once in any 12 months.” This prevents continuous or overlapping audits. If Broadcom has already audited you this year, you don’t want another audit notice six months later.
  • Notice Period and Timing: Add language requiring reasonable notice and business-friendly timing. Example clause: “Audits require at least 30 days written notice and will be conducted during normal business hours in a manner that does not unreasonably interfere with Customer’s operations.” This gives you breathing room to prepare when an audit is initiated, and a buffer to organize your team.
  • Tool and Data Consent: Reserve the right to approve the audit tools used and to control how data is collected. Example clause: “Any audit shall be performed with tools or scripts approved by Customer, and Customer may elect to generate and provide data itself rather than live access. Audit scope will be limited to data strictly necessary to verify license compliance.” This ensures you don’t have unknown programs rummaging through your environment or excessive data being taken. It gives you the contractual right to say “we’ll run the script and give you the output” or to refuse invasive tools.
  • Confidentiality and Use of Findings: Strengthen confidentiality beyond the basic NDA. Spell out that the information gathered can only be used to verify compliance and cannot be shared or used for a sales advantage. Example clause: “All information obtained in an audit is deemed Confidential Information and shall not be disclosed to any third party or used outside of the audit process. Vendor will not use audit data to solicit additional sales unrelated to remedying compliance.” This aims to prevent, for example, the sales team from using your usage data to upsell you on totally unrelated products later.
  • Cure Period for Compliance Gaps: This is a significant one – you want the opportunity to address issues before being penalized. Example clause: “If any license deficiencies are found, Customer shall have 60 days to acquire additional licenses or otherwise cure the shortfall before Vendor pursues any legal remedies or penalties.” This means that if you are found short, you receive a grace period to purchase what you need, effectively making an audit a true-up exercise rather than a punitive action. It can save you from immediate breach of contract claims.
  • Limit Retroactive Charges: Vendors sometimes attempt to charge backdated support or usage fees for periods during which you were out of compliance. Negotiate this down or out. Example: state that if you purchase licenses to cover the gap, that is the sole remedy, with no additional penalty fees. Or cap the look-back: “Vendor may only charge maintenance fees for up to one year past if non-compliance is found” – so you don’t get a bill for five years of back-support.
  • Audit Cost Responsibility: VMware’s EULA says if you’re 5% or more out of compliance, you might pay audit costs. You could negotiate a more lenient term, such as raising the threshold or removing it altogether. Possibly: “Audit expenses will be borne by Vendor unless non-compliance exceeds 20% of licenses” (or remove the clause entirely). Broadcom might not easily agree, but it’s worth discussing if you have negotiating leverage (like a big renewal).
  • Specific Exclusions or Terms: If you have contentious issues (such as DR usage or third-party cloud use of VMware), address them in the contract. For example, “Up to X inactive disaster recovery hosts may be excluded from licensing until activated for production use.” Or if you use VMware in a third-party cloud or as a service you provide, ensure your contract covers that usage (or you have the right VMware Cloud Provider licensing). Custom terms can save huge headaches later by clarifying how to count licenses in special scenarios.
  • Price Protection Clauses: Outside of the audit clause itself, when renewing, try to include caps on price increases. Broadcom is known for price hikes, so negotiate something like: “Renewal pricing increases shall not exceed the lesser of 7% or the local CPI inflation rate.” If you switch to a subscription, consider fixing the rate for a multi-year term. Additionally, if you’re converting from perpetual to subscription due to Broadcom’s model, consider negotiating credit for your existing investment (e.g., a discount on the subscription for the first term, acknowledging the value of your perpetual licenses).
  • True-Up Rights: If possible, bake in a “softer” compliance mechanism. For instance, a clause that allows you to self-report and purchase additional licenses within a period without penalty. This is more common in Microsoft/Oracle deals. Still, you can attempt something analogous: “Customer may periodically (quarterly/annually) report additional usage and purchase licenses at standard rates to cover it, which shall be deemed compliance.” The idea is to frame compliance as an ongoing business process, not a legal battle.

Not all these will be accepted by Broadcom, but even one or two can make a huge difference. It often depends on your spend and leverage – for a strategic or large customer, the vendor might agree to tweaks to secure a big renewal.

If you’re a smaller customer, focus on the essentials, such as a notice period, some confidentiality, and a short cure window clause; those are easier requests.

In practice:

The time to negotiate these is either during an ELA renewal or when settling an audit. After an audit, you might say, “I’ll buy this $1M in licenses, but I need the contract updated so we don’t have a fire drill next year again.” Ensure that those promises are in writing in the settlement or renewal paperwork.

By hardening your contract now, you regain some control over the process. It’s like installing better locks after a burglary – you want to make any future audit far less painful by having clear rules of engagement that favor you more.

Your legal and procurement teams should be involved in writing and reviewing these clauses. It’s an investment in peace of mind for the years to come.

Worked Scenario – vSphere Shortfall & Feature Drift

To illustrate the concepts above, let’s walk through a hypothetical (but very realistic) scenario and how an organization could handle it:

Scenario:
ACME Corp has an Enterprise License Agreement for VMware that includes 100 CPU licenses of vSphere Enterprise (not Enterprise Plus) to cover their main data center. Over the course of two years, they expanded their infrastructure to 120 physical CPUs across various hosts. Still, they never officially added licenses – they figured they had a buffer and would sort it out later. At the same time, an administrator enabled Distributed Resource Scheduler (DRS) and Distributed vSwitch on their clusters to improve performance and management, not realizing that these features require the Enterprise Plus edition. Essentially, ACME was now running 20 unlicensed vSphere CPUs and using two Enterprise-Plus-only features on all 120 CPUs.

Audit Notice:
In 2025, Broadcom initiates an audit. ACME’s self-check (after notice) confirms: yup, 20 more CPUs than licenses, and a feature edition gap (Enterprise vs Enterprise Plus).

The audit report returns a finding that confirms this, indicating ACME is out of compliance. Broadcom’s initial demand: purchase 20 more vSphere licenses and pay for an edition upgrade for all 120 licenses to Enterprise Plus (with backdated support fees for the period those features were used without entitlement).

The raw cost of this demand is very high – much more than ACME’s annual IT budget could absorb at once.

Here’s how ACME negotiates and resolves it:

  • Immediate Fixes: As soon as ACME realized the issue (even before the auditors completed their work), they took action. They disabled DRS on clusters and reverted to standard vSwitch networking to fall back into compliance with Enterprise edition features. This was a tough call internally (some performance impact), but it was important to show good faith. They also isolated a few test/dev hosts and removed them from clusters to reduce the count of hosts using those features. These steps didn’t entirely solve the license shortfall, but at least stopped further “drift.”
  • Negotiation Stance: ACME openly acknowledged to Broadcom that they had a shortfall and were prepared to purchase additional licenses. However, they pushed back on the retroactive aspects. They argued that the Enterprise Plus features had been enabled inadvertently and were now turned off, so an immediate full upgrade might not be necessary or fair, considering the penalties. They provided logs showing the date when DRS was disabled (shortly after the audit notice) to prove swift compliance action.
  • Proposed True-Up Solution: ACME proposed true-upping in the future rather than paying for the past. They offered to purchase the 20 additional vSphere licenses needed to cover the CPU gap and to upgrade to the Enterprise Plus edition for those 20 (but not all 120) immediately. For the remaining 100, they would plan an upgrade in the next budget cycle. Essentially, a phased approach: “We’ll buy some now, and more later,” aiming to reduce immediate cost.
  • Broadcom’s Counter: Broadcom, pushing its subscription model, countered with an offer: instead of buying perpetual licenses, ACME could transition all 120 CPUs to a subscription bundle (VMware Cloud Foundation, which includes Enterprise Plus functionality and more) for a 3-year term. They offered a slight discount if ACME completed this conversion now and said they would waive any penalty fees if ACME signed by the end of the quarter.
  • Resolution: ACME evaluated the subscription offer and used it as leverage. They came back with a request: they would agree to move to subscriptions covering all current usage plus the 20 growth CPUs (so 120 CPUs worth of VMware Cloud Foundation subscription), but needed a price lock and some flexibility:
    • They negotiated a cap on annual price increases for the renewal after 3 years.
    • They managed to get Broadcom to agree to include an extra 10% headroom (effectively 132 CPUs) in the subscription to accommodate minor growth, given the sudden cost increase – this was presented as a compromise instead of securing a steep discount.
    • They ensured the contract amendment stated this subscription purchase resolves the audit with no further fees or penalties. They established that any future compliance issues during the term would follow normal true-up processes (i.e., basically treating it as a fresh start).
  • Outcome: ACME signs the deal, converting to a subscription model. The immediate financial impact is still significant, but by negotiating, they avoided paying retroactive support for the 20 unlicensed CPUs and a separate edition upgrade charge for past use of DRS. Instead, they rolled everything into one new agreement. ACME’s CIO also took the opportunity to insert some audit clause improvements in the new contract (for example, a clause about a 60-day cure period, since Broadcom was keen to close the sale).
  • Post-Settlement Actions: Following this, ACME implemented stricter internal controls. They set up an automated quarterly report from vCenter to track host counts and feature usage. They made it policy that no cluster changes (such as enabling a feature) occur without a license compliance check. They also trained their VMware administrators about the differences between editions, so that nobody would casually enable something like DRS without proper clearance. Essentially, ACME turned this painful lesson into improved governance.

This scenario highlights several key points. First, even if you make a mistake (as ACME did by over-deploying and using unlicensed features), vendors often prefer a forward-looking solution (buy more product) to punitive action.

Use that to shape the resolution. Second, by negotiating and not simply agreeing to the first demand, ACME saved money and got better terms. Broadcom wanted them on subscription, and ACME leveraged that desire to get concessions (price caps, no penalties, some extra capacity).

Finally, ACME didn’t stop at putting out the fire – they invested in processes to prevent a recurrence. That’s the hallmark of a mature software asset management practice.

Preventative Measures & Governance Cadence

With the audit over (or ideally even before it begins), the real goal is to prevent future compliance issues. This requires ongoing vigilance and baked-in processes.

Here’s a checklist of preventative measures and governance practices to keep your VMware licensing shipshape:

  • Regular Internal Audits: Conduct mini-audits on a routine schedule, such as quarterly or at least biannually. Review your VMware deployments against your licenses, as described in the self-audit section. Frequent checkups mean any drift is caught early, when it’s easier (and cheaper) to correct. Treat it as part of IT operations hygiene.
  • Golden Configuration & Feature Controls: Establish baseline configurations that align with your entitlements. For instance, if you don’t own Enterprise Plus, consider setting a policy in vCenter to prevent enabling Enterprise Plus-only features. Some organizations use scripts or vCenter alarms – for example, an alarm if someone attempts to activate DRS without the correct license. You can also restrict who has permissions to change cluster settings. The idea is to technically enforce compliance wherever possible, rather than relying solely on human memory.
  • Change Management with License Checks: Integrate license impact analysis into your change management process. Whenever there’s a request like “add X new ESXi hosts,” “enable vSAN on cluster,” or “deploy new NSX instance,” have a checkbox or approval step that involves the IT asset manager or licensing specialist. They should verify whether licenses are available for that change. This way, no one inadvertently deploys beyond your entitlement. It’s similar to how you wouldn’t deploy hardware without verifying budget – don’t deploy software capabilities without verifying license coverage.
  • Horizon and User Management Hygiene: If you use Horizon or any user-based licensing, implement a joiner/mover/leaver process to manage those licenses. Ensure that when people leave the company or no longer need VDI, their accounts are promptly removed or deactivated to free up that license for someone else. Periodically (say monthly or quarterly) run an audit of Horizon accounts against HR records to catch stragglers. Also consider tying Horizon entitlements to AD groups that are regularly reviewed. In short, keep your user count accurate and justified at all times.
  • Track and Limit Trials/Evaluations: Implement a strict policy that requires any trial software in a production environment to be tracked centrally. Ideally, avoid using eval licenses in prod entirely. If absolutely needed (say for a POC), mark the expiration date on your calendar and have a plan: either procure a real license or uninstall it by that date. Also, educate all admins that throwing an NFR key on a prod system is a fireable offense (or at least a big no-no). It’s harsh, but you need everyone to respect the risk.
  • License Entitlement Repository: Maintain what we mentioned as the evidence vault – a well-organized repository of all license contracts, keys, and records. Assign an owner (or a small team) responsible for updating this whenever new licenses are purchased or environments change. This repository should be reviewed at least annually to ensure it remains up to date. It will save you a massive amount of time during an audit, and it helps new team members quickly understand the current license position.
  • Compliance Calendar: Create a calendar for critical licensing dates and tasks. This includes support contract renewal dates (to avoid accidental lapses), any 180-day compliance report submissions (if applicable), EULA notice periods (if any), and planned internal audit dates, with reminders set a month in advance. By having a calendar, you won’t miss deadlines, such as forgetting to send a required usage report or renew support (which, as we’ve seen, Broadcom might use as a reason to take action).
  • Training & Awareness: Invest in some internal training. Ensure that your VMware administrators and architects are aware of the new strictness in Broadcom licensing. For example, brief them on the 32-core-per-CPU rule, the fact that all hosts in a cluster need the same licensing for features, etc. It’s much easier to prevent a compliance issue if the people operating the environment understand the boundaries. Consider a quarterly brown-bag session or update memo on “License Compliance 101” tailored to your VMware setup.
  • Monitor Usage with Tools: Utilize available tools to continuously track license usage. VMware’s vCenter offers basic license reporting, while third-party tools and VMware’s own vRealize/Aria Suite products can also help track usage. Even simple scripts, such as those that count VMs or check for feature flags, can be scheduled to run and alert you. Some companies set thresholds – e.g., if license usage reaches 90% of entitlement, trigger an alert to review whether more licenses are needed or if something needs to be turned off.
  • Governance Reviews: Include license compliance in regular IT governance meetings or ITAM reviews. For instance, quarterly ITAM review meetings can include a 10-minute segment: “Are we within compliance on VMware and our other major software?” Keeping it as a recurring agenda item signals its importance and keeps management informed.
  • Plan for the Future: Strategically, continue to evaluate your dependence on VMware. Broadcom’s policies are unlikely to become more lenient, and costs may increase. This doesn’t mean you must jump to another platform, but having a roadmap (like phasing to cloud or alternate virtualization for some workloads) can be part of your risk management. If nothing else, it gives you leverage as a customer. And if you do intend to migrate some systems off VMware, that plan should inform how many licenses you truly need to renew or buy in the future.
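As an added example (not code from the article, from VMware or from Broadcom), the following script shows the kind of scheduled self-audit the “Golden Configuration” and “Monitor Usage with Tools” items describe, run against the ACME scenario from the previous section. It reads a constructed CSV host export (the columns host, cluster, sockets, cores_per_socket, drs, dvs are assumed), counts per-CPU licenses using the 32-core-per-CPU rule the article mentions, flags clusters using features that the licensed edition does not include, and raises an alert once usage crosses an assumed 90% threshold. The edition-to-feature map (DRS and Distributed vSwitch as Enterprise-Plus-only, as in the scenario) is an assumption to be replaced with your own entitlement documents.

```python
"""Self-audit checker for vSphere per-CPU entitlements.

Added example, not code from the original article or from VMware/Broadcom.
It reads a constructed CSV host export (the kind of report you would pull
from vCenter) and compares it with your entitlement record. The column
names, the edition feature map and the 90% alert threshold are assumptions.
"""
import csv
import io
from dataclasses import dataclass
from math import ceil

# A per-CPU license covers up to 32 physical cores; a socket with more cores
# consumes additional licenses (the "32-core-per-CPU rule" the article refers to).
CORES_PER_CPU_LICENSE = 32

# Features that require vSphere Enterprise Plus. The article's scenario names
# DRS and Distributed vSwitch; extend this map from your own entitlements.
EDITION_FEATURES = {
    "Standard": frozenset(),
    "Enterprise": frozenset(),
    "Enterprise Plus": frozenset({"drs", "dvs"}),
}


@dataclass(frozen=True)
class Host:
    name: str
    cluster: str
    sockets: int
    cores_per_socket: int
    features: frozenset  # cluster features enabled on this host, e.g. {"drs", "dvs"}


def parse_inventory(csv_text):
    """Parse an export with columns: host,cluster,sockets,cores_per_socket,drs,dvs."""
    hosts = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        enabled = {f for f in ("drs", "dvs")
                   if row[f].strip().lower() in ("1", "true", "yes")}
        hosts.append(Host(row["host"], row["cluster"], int(row["sockets"]),
                          int(row["cores_per_socket"]), frozenset(enabled)))
    return hosts


def cpu_licenses_required(host):
    """Licenses one host consumes under per-CPU licensing with the 32-core cap."""
    return host.sockets * ceil(host.cores_per_socket / CORES_PER_CPU_LICENSE)


def feature_drift(hosts, edition):
    """Clusters using features that the licensed edition does not include."""
    allowed = EDITION_FEATURES[edition]
    drift = {}
    for h in hosts:
        unlicensed = h.features - allowed
        if unlicensed:
            drift.setdefault(h.cluster, set()).update(unlicensed)
    return {cluster: sorted(feats) for cluster, feats in sorted(drift.items())}


def compliance_report(hosts, entitled_licenses, edition, alert_at=0.90):
    """Compare required licenses and enabled features with the entitlement."""
    required = sum(cpu_licenses_required(h) for h in hosts)
    shortfall = max(0, required - entitled_licenses)
    utilisation = required / entitled_licenses if entitled_licenses else float("inf")
    drift = feature_drift(hosts, edition)
    return {
        "required": required,
        "entitled": entitled_licenses,
        "shortfall": shortfall,
        "utilisation": round(utilisation, 3),
        "alert": utilisation >= alert_at,   # review before the next purchase cycle
        "feature_drift": drift,
        "compliant": shortfall == 0 and not drift,
    }


def build_sample_inventory():
    """Constructed export reproducing the ACME scenario: 60 two-socket, 16-core
    hosts (120 CPUs) with DRS and DVS enabled on every cluster."""
    lines = ["host,cluster,sockets,cores_per_socket,drs,dvs"]
    for i in range(60):
        cluster = "prod-a" if i < 30 else "prod-b"
        lines.append(f"esx{i:02d}.acme.example,{cluster},2,16,true,true")
    return "\n".join(lines)


if __name__ == "__main__":
    # ACME holds 100 vSphere Enterprise CPU licenses: expect a 20-license
    # shortfall plus DRS/DVS drift on both clusters.
    report = compliance_report(parse_inventory(build_sample_inventory()), 100, "Enterprise")
    for key, value in report.items():
        print(f"{key:14} {value}")
```

Run it quarterly against a fresh export, and treat a non-empty feature_drift entry or a non-zero shortfall as a change-management finding to resolve before the next audit notice rather than after it.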

In essence, make compliance part of business as usual. It’s not a one-and-done project after an audit; it’s an ongoing practice.

The organizations that fare best in vendor audits are those that can almost predict the outcome because they continuously track their usage internally. You want to reach a point where an audit merely formalizes what you already know, with no major surprises.

By following a prevention cadence and cultivating a culture of compliance, you’ll not only avoid the nasty audit surprises but also potentially optimize your software spend (no more over-buying “just in case” or under-utilizing licenses). It’s a win-win for your peace of mind and your budget.

FAQs

Q: Are VMware audits really more aggressive under Broadcom now?
A: Yes – by most accounts, VMware audits have become more frequent and hard-nosed since the Broadcom acquisition. Broadcom has a track record of squeezing more revenue from acquired products. Many customers whom VMware never previously audited have received audit notices in the past year. The tone is also tougher: Broadcom is quick to send legal notices for things VMware previously overlooked (like using software after support expiration). In short, VMware under Broadcom is behaving more like Oracle or SAP in terms of license enforcement. Companies should assume an audit will happen and prepare accordingly.

Q: What data and systems will auditors ask for during a VMware audit?
A: Expect to provide a comprehensive view of your VMware deployment. Common requests include: exports from vCenter of all hosts and clusters, details of all VMs (sometimes even a list of all VMs running), license keys in use and where they’re applied, evidence of how many CPUs/cores per host, any output from VMware’s “license usage” utilities or scripts, and usage reports from any VMware tools like vRealize/Aria or Horizon. They may also want to see contracts and proofs of purchase for your licenses. In some cases, auditors will request access to run a script on vCenter or collect logs. Always ensure you understand what a script does before running it. They shouldn’t need access beyond read-only data collection. You’ll also likely fill out a questionnaire detailing your environment (number of vCenters, versions, products in use, etc.). It’s a thorough inspection – basically, if it’s VMware and in your environment, assume you’ll need to account for it.

Q: Can I get a grace period or “true-forward” instead of paying back penalties if we’re out of compliance?
A: Often, yes. While it’s never guaranteed, many software vendors (Broadcom included) prefer selling you new licenses over imposing fines. Suppose an audit reveals that you are short. In that case, you can usually negotiate a settlement in which you agree to purchase the necessary licenses (or subscriptions) in the future. In return, the vendor waives penalties or back-charges. Essentially, you’re given a chance to true-up rather than pay “damages.” The key is to negotiate this explicitly. Ask for concessions such as a waiver of backdated maintenance or one-time penalty fees if you promptly sign an order for the shortfall. The vendor will want that sale booked, so they have an incentive to agree. Additionally, having a cure-period clause in your contract (as discussed) formally grants you a grace window to address issues. But even if it’s not in the contract, you can request it during negotiation. Just approach it in good faith: acknowledge the gap and demonstrate your readiness to resolve it by purchasing what’s needed – most vendors will prefer a cooperative customer purchase over a dispute.

Q: How do I restrict the scope of an audit to certain vCenters or clusters?
A: At the outset, clarify the scope in writing with the auditor. If the notice says "VMware products" generally, ask: "Does this include all global locations? Development and production?" Auditors sometimes agree to focus on, say, production environments only, or on a particular region, especially if you can show that data-privacy law requires separate handling of certain data (EU versus US, for example). Be aware, though, that VMware's contract gives them the right to audit all use of their software, so they are not obliged to narrow the scope if they suspect something. The best you can do is negotiate a practical scope: for example, exclude segregated lab environments, or agree to sample a few clusters if you have many with identical configurations. Another way to limit scope is through the data you provide; you might aggregate data at a level that answers the question without showing every detail of every cluster. If you take that approach, discuss it and get agreement first. Finally, if there are parts of your environment that auditors truly cannot access (a classified network, for example), work out alternative verification methods for those areas, such as running the tools yourself and attesting to the results. In summary, you can influence scope through clear communication, but you may not be able to refuse outright if they insist an area is in scope. Use diplomacy: "We believe these 10 clusters are all identical in configuration; can we provide one example and extrapolate?" Auditors may well agree, since it reduces their workload too.

Q: Will VMware/Broadcom give us a break if we’re only slightly out of compliance?
A: It depends on what you mean by a break. If you are only 2-3% over on usage, they might not charge you for the audit costs (some contracts make you pay the audit costs only if non-compliance exceeds 5%). They may still require you to buy the licenses for that overage. No vendor formally states "we allow a 10% free pass," but in practice small gaps can be handled more leniently during negotiation. The key is to show you are on top of your licensing and that the gap was an honest oversight. They might, for example, give you a short window to correct it before finalizing the audit report, or offer to align the purchase with an upcoming renewal rather than demanding it immediately. Do not count on any free pass, however: technically, any unlicensed use is a breach of contract. The safest plan is to assume you must cover even a single unit of shortfall; if they choose not to enforce something minor (like one unlicensed dev VM), treat that as a bonus. Always communicate and ask. If you are really close to compliant, saying "we noticed we are a few licenses short and are ready to order them; can we consider the audit closed on that basis?" will sometimes do the trick.

Q: What if we simply cannot afford the remediation that Broadcom asks for?
A: This is a tough situation, but not the end of the road. First, do not panic and do not simply refuse; that could escalate the matter legally. Instead, be transparent with the vendor about your budget constraints and explore alternatives. Can the purchase be phased over several quarters or years? Will they accept a partial true-up now and re-evaluate in six months? If you truly cannot pay it all at once, the vendor would usually rather get something than drive you to bankruptcy or court. Another angle is swapping products or downsizing: perhaps you can drop support for some lesser-used products to offset the cost of licensing the critical ones. Also elevate the conversation. Have your executives talk to theirs, explain the genuine hardship, and propose a partnership approach (extended payment terms, financing options, and so on). In parallel, explore your other options: can you rapidly shut down or migrate some VMware workloads to reduce the licenses you need, for example by moving non-critical systems to a cheaper hypervisor or to the cloud temporarily? Use that as negotiating leverage: "If we cannot reach a manageable number, we will have to migrate X% of our systems off VMware because we simply cannot pay this." It is a risky bluff if you cannot actually do it, but showing a credible plan B may soften their stance. Finally, if the demand is truly unworkable, consult legal counsel; they can sometimes negotiate settlements or at least buy you breathing room. Remember that Broadcom ultimately wants revenue, not to punish you. If you make a good case that a gentler approach will still produce revenue, perhaps spread out or slightly reduced, they will often find a way.

Author

  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.