IBM ILMT Sub-Capacity Licensing: The Complete Enterprise Compliance Guide

IBM's sub-capacity licensing model is one of the most powerful cost optimisation mechanisms available to enterprise IBM customers — and one of the most frequently misunderstood. In a virtualised environment, sub-capacity licensing allows organisations to pay only for the processor capacity actually allocated to IBM software, rather than the full capacity of the physical server. The difference can be enormous: a physical server with 2,000 Processor Value Units (PVUs) running IBM software on a 4-vCPU virtual machine might qualify for just 400 PVUs under sub-capacity rules.

The mechanism that makes this possible — and the mechanism IBM requires to prove it — is the IBM License Metric Tool (ILMT). Since May 2023, IBM has closed virtually all exceptions to ILMT's mandatory deployment. Every organisation running IBM sub-capacity-eligible software in a virtualised environment must deploy ILMT, maintain 100% coverage of IBM software hosts, and produce quarterly compliance reports retained for a minimum of two years.

This paper is a definitive operational guide for enterprise IT, procurement, and ITAM leaders responsible for maintaining IBM sub-capacity compliance. It covers the technical requirements, the most common compliance gaps, the audit consequences of non-compliance, and the cost optimisation opportunities that a correctly implemented ILMT programme creates.

IBM's standard licensing metric for server software is capacity-based. For products licensed by Processor Value Unit (PVU), the number of PVUs required is determined by the type and number of processor cores on the server where the software is installed. IBM publishes a PVU table that assigns a PVU value per core based on processor model and architecture — values range from 70 PVUs per core for lower-specification x86 processors to 120 PVUs per core for high-performance processors.

Full Capacity vs Sub-Capacity

Under full-capacity licensing, an organisation must licence all processor cores on the physical server where IBM software is installed — regardless of how many cores are actually available to the IBM workload. This is straightforward to calculate but commercially punitive for virtualised environments, where IBM software may be deployed on a small VM within a large physical host.

Sub-capacity licensing changes the calculation: instead of licencing the entire physical host, the organisation licences only the virtual processors (vCPUs or virtual cores) allocated to the virtual machine or LPAR running the IBM software. The eligible virtualisation technologies for sub-capacity licensing are defined by IBM's Passport Advantage Agreement (PAA) and include VMware ESXi, IBM PowerVM, and a range of other approved hypervisors.

Eligible Products and Metrics

Sub-capacity licensing applies to IBM products licensed by PVU that are deployed in IBM-defined eligible virtualisation environments. The IBM Passport Advantage programme lists over 500 products eligible for sub-capacity licensing. Common enterprise products include IBM Db2, IBM WebSphere Application Server, IBM MQ, IBM DataStage, IBM FileNet, IBM ILOG CPLEX, and dozens of others across analytics, integration, and data management.

Products licensed by RVU (Resource Value Unit), per-user, or per-seat metrics are not subject to the same sub-capacity rules. IBM Cloud Paks, licensed by Virtual Processor Core (VPC), have their own measurement framework via the IBM License Service (ILS) rather than ILMT — though the compliance obligations are equally stringent.

The IBM License Metric Tool is the authorised mechanism for documenting sub-capacity licence usage. IBM provides ILMT free of charge to sub-capacity licensees through the IBM Passport Advantage portal. Structurally, ILMT is an agent-based software asset management tool that discovers IBM software installations, measures the virtual processor capacity allocated to each installation, and generates the quarterly compliance reports that serve as audit evidence.

ILMT Architecture

ILMT operates on a server-agent model. A central ILMT server (running on Linux or Windows) receives data from lightweight agents deployed on every host in the environment. The ILMT server correlates agent data with IBM's software catalogue, applies the appropriate PVU values from IBM's published table, and calculates the maximum observed sub-capacity usage within each reporting period.

The ILMT server stores a rolling history of capacity data. The sub-capacity report it generates reflects the peak observed PVU usage across the reporting period — not an average, and not the current usage at the time of report generation. This is critical: if a workload temporarily expanded to use more vCPUs at any point during the quarter, that peak drives the licence requirement for the entire quarter.

Scanning Cadence

IBM specifies minimum scanning frequency requirements for ILMT to remain in a compliant state. Specifically:

• Software inventory scan: At least once per week per endpoint. This scans for installed IBM software and compares against the software catalogue.
• Capacity scan: At least once per month per endpoint, and additionally whenever infrastructure changes occur (new VMs, vCPU reallocation, hypervisor migrations).
• Additional scans: IBM recommends triggering additional capacity scans after any infrastructure event that could change the allocated vCPU count for IBM software hosts.

Approved Alternatives to ILMT

IBM accepts two alternatives to ILMT for sub-capacity reporting. IBM BigFix Inventory — an enterprise-grade ITAM platform built on the IBM BigFix platform — provides equivalent ILMT functionality with additional capabilities for broader software asset management. Selected versions of Flexera FlexNet Manager Suite with IBM sub-capacity modules have also been accepted in specific contractual arrangements. Both require formal approval from IBM. Any organisation considering an alternative to ILMT should obtain written confirmation from IBM that the alternative tool is accepted under their specific Passport Advantage agreement.

IBM's sub-capacity licensing terms are explicit: ILMT must be installed on every physical or virtual machine within the enterprise where IBM sub-capacity-eligible software could be or is installed. There is no concept of partial coverage — 95% coverage is not compliant. Any machine excluded from ILMT scanning, for any reason, invalidates the sub-capacity claim for the entire reporting period.

What 100% Coverage Means in Practice

For a large enterprise with thousands of servers across multiple data centres, public cloud tenancies, and managed service provider environments, achieving and maintaining 100% ILMT coverage is operationally challenging. Key requirements include:

• All physical servers, virtual machines, and LPARs where IBM software is installed must have an active ILMT agent deployed and communicating with the ILMT server.
• Agents on machines that have been offline for more than 30 days without an inventory scan create compliance gaps for those periods.
• Test and development environments are not exempt. If IBM sub-capacity-eligible software is installed in a dev/test VM, that VM requires ILMT coverage.
• Cloud environments (AWS, Azure, GCP) running IBM software via bring-your-own-licence (BYOL) require ILMT agents if the workloads are on non-sub-capacity-exempt instance types.
• Third-party managed environments running IBM software on your behalf are your compliance responsibility — your vendor's infrastructure must also be covered.

Exclusions and Exceptions

IBM has progressively tightened the list of exclusions since the May 2023 policy update. The following environments were historically exempt but are now generally subject to full ILMT requirements:

• IBM Cloud Virtual Servers (in most cases, IBM Cloud now provides its own sub-capacity tracking mechanism, but BYOL workloads on non-IBM cloud require ILMT).
• Organisations with fewer than 1,000 PVUs of IBM software were historically considered for exceptions — IBM has largely eliminated these exceptions in current policy.
• Trial and Proof of Concept deployments lasting fewer than 90 days may qualify for specific exemption treatment, but this must be documented and agreed with IBM in advance.

The sub-capacity compliance report generated by ILMT is the documentary evidence that demonstrates IBM licence compliance. IBM requires that this report be produced at least once per quarter — and that each quarterly report be retained for a minimum of two years from its generation date.

Report Content and Structure

The ILMT sub-capacity report is generated directly from the ILMT console as a structured report format. It contains:

• A summary of all IBM products detected in the environment and the applicable licence metric for each.
• The peak observed sub-capacity usage (in PVUs, VPCs, or other applicable metrics) for each product during the reporting period.
• A coverage status indicator showing the percentage of endpoints with compliant ILMT agents.
• The start and end dates of the reporting period.
• Hardware inventory details for all scanned endpoints, correlated with the IBM PVU table values.

Report Generation Timing

IBM does not mandate a specific calendar quarter for reporting — the obligation is to produce a report covering any continuous 3-month period, at minimum. However, best practice aligns reporting quarters with the calendar year (Q1: Jan–Mar, Q2: Apr–Jun, etc.) to simplify audit preparation and ensure consistent historical records.

Retention Requirements

Two years of quarterly reports must be retained and producible within a reasonable timeframe in the event of an IBM audit request. Reports should be stored in a secure, accessible repository — ideally with version control and access logging to demonstrate the integrity of the audit trail. Reports deleted, corrupted, or otherwise unavailable during an audit are treated by IBM as non-compliance evidence for the corresponding periods.

Best Practice: Monthly Interim Reports

While IBM mandates quarterly reports as a minimum, we strongly recommend that organisations generate ILMT reports monthly. Monthly reporting provides earlier visibility into licence consumption trends, reduces the risk of a surprise quarter-end peak, and creates a more defensible audit trail that demonstrates proactive compliance management. The marginal operational cost of monthly versus quarterly reporting is minimal — the ILMT report generation is automated once configured.

Across more than 120 IBM compliance engagements, Redress Compliance has identified seven recurring failures that create material compliance exposure. These are not theoretical risks — they are the specific issues IBM auditors focus on and the gaps that result in audit settlements.

IBM audit teams are skilled at identifying ILMT compliance gaps, and the consequences of a failed sub-capacity audit are severe. IBM's standard position when ILMT compliance cannot be demonstrated is to calculate licence requirements at full capacity — the most expensive possible metric — for the entire period during which compliant ILMT data does not exist.

Full-Capacity Back-Billing

If ILMT was not deployed, or coverage was incomplete, IBM will typically back-bill full-capacity licence fees for the period in question, plus the full annual maintenance (S&S) on those licences. For large IBM software estates, full-capacity back-billing for a 2-year audit lookback period can generate claims in the millions of pounds or dollars. Redress Compliance has seen IBM audit claims in the range of £500,000 to £8M arising primarily from ILMT compliance failures rather than genuine software overdeployment.

Back-Maintenance on Licence Deficits

IBM's standard maintenance rate is approximately 20% of licence value per annum. Any retroactive licence requirement identified in audit carries retroactive maintenance charges at the same rate for the lookback period. A £2M licence deficit identified in audit can generate a further £800,000 in retroactive maintenance charges over a 2-year lookback.

IBM's Audit Evidence Standards

IBM auditors apply a specific evidence hierarchy when assessing sub-capacity compliance claims. At the top is a complete, unbroken set of quarterly ILMT reports covering the full audit period. Where reports are missing or coverage is incomplete, IBM auditors apply assumptions that are almost always unfavourable to the auditee. IBM does not accept verbal assurances, informal records, or third-party tool outputs as substitutes for ILMT reports in formal audit settings.

ILMT is not just a compliance mechanism — it is the most powerful IBM cost optimisation tool available to enterprise buyers. A correctly implemented ILMT programme actively monitors IBM software usage and creates opportunities to reduce licence requirements through infrastructure optimisation.

VM Right-Sizing for IBM Software

ILMT data reveals the actual vCPU consumption patterns of IBM software workloads. Many organisations provision VMs with more vCPUs than IBM software actively uses — each unnecessary vCPU adds directly to the PVU licence requirement. ILMT reports showing consistently low CPU utilisation provide the evidence base for a vCPU reduction exercise that directly reduces licence costs.

Workload Consolidation

ILMT data enables infrastructure architects to identify IBM software workloads that could be consolidated onto fewer virtual machines, or relocated to lower-PVU hosts (for example, moving from high-PVU Intel Xeon servers to lower-PVU ARM or entry-level x86 configurations). These decisions, driven by ILMT data, can generate material licence savings without any change to the IBM software footprint itself.

Non-Production Licence Optimisation

IBM offers non-production licences at a significant discount (typically 50% of production pricing) for development, test, and training environments. ILMT data allows organisations to definitively categorise each IBM software deployment as production or non-production, ensuring that the correct licence type is applied and that organisations are not paying production rates for non-production workloads.

Identifying and Decommissioning Unused Deployments

ILMT scans detect all IBM software installations across the estate — including software that is installed but never used, forgotten deployments from legacy projects, and residual installations from migrations. Each of these represents unnecessary licence cost. ILMT data provides the evidence needed to decommission unused deployments and remove the corresponding licence requirement.

A European manufacturing company with operations across 12 countries received an IBM audit notification citing concerns about sub-capacity licence compliance across their Db2 and WebSphere Application Server estate. IBM's preliminary assessment — based on their own records of entitlements versus the physical server specifications the company had registered — suggested a licence deficit of approximately £3.2 million.

Challenge

The client had deployed ILMT three years earlier but had not maintained it consistently. Agent coverage had degraded to approximately 62% of IBM software hosts due to infrastructure growth outpacing agent deployment. Quarterly reports had been generated only sporadically — 6 reports existed for the preceding 12 quarters. IBM's position was that the sub-capacity claim could not be supported for the periods without compliant ILMT evidence, and demanded full-capacity fees for those periods.

Approach

Redress Compliance engaged 60 days before the formal audit response deadline with a three-track remediation programme. First, we conducted an emergency ILMT agent deployment to bring coverage to 100% across all IBM software hosts, generating a compliant baseline from which to demonstrate current usage. Second, we worked with the client's virtualisation team to reconstruct historical vCPU allocation data from VMware vCenter logs, providing partial independent corroboration of sub-capacity usage for periods without ILMT data. Third, we conducted a full entitlement reconciliation — analysing the client's Passport Advantage purchase history against actual deployments to identify credits, migration entitlements, and cross-product licence transfers that reduced the gross deficit figure.

The entitlement reconciliation alone reduced the assessed deficit by £890,000, identifying licence migration credits that IBM's opening audit position had not accounted for. The vCenter reconstruction provided supporting evidence that reduced IBM's retroactive full-capacity claim for periods without ILMT data, resulting in a partially accepted sub-capacity position for 7 of the 6 deficient quarters.

Outcome

The audit was settled at £1.1 million — a reduction of £2.1 million from IBM's initial claim. The settlement included a structured ILMT compliance programme with agreed milestones for ongoing monitoring. The client implemented ILMT as a managed service component with automated agent deployment on all new VMs and monthly report generation.

Redress Compliance is a Gartner-recognised, 100% buyer-side enterprise software licensing advisory firm. We have no commercial relationships with any software vendor — our only client is the enterprise buyer.

Our IBM licensing advisory practice specialises in sub-capacity compliance programme implementation, ILMT health assessments, IBM audit defence, and licence optimisation. We have completed over 120 IBM engagements across EMEA and North America, including deployments ranging from 500 PVU environments to global estates exceeding 200,000 PVUs.

IBM Licensing Advisory Services · All White Papers · Enterprise Spend Navigator Newsletter