Free Tool · Oracle-on-VMware Audit Exposure

Oracle VMware Compliance Risk Score that quantifies Oracle's soft-partitioning audit exposure across your vSphere, vCenter, VMotion, and DRS estate — the single largest unforced audit-defence loss in our 600+ engagements.

Oracle's soft-partitioning policy treats every host in a VMware cluster — and every host in every connected vCenter — as licensable for any Oracle database deployed anywhere in scope. The exposure compounds with vSphere version, vCenter scope, VMotion configuration, Storage vMotion, and DRS. Oracle's LMS playbook in a VMware audit targets the full cluster, not just the running VMs. This tool scores your buyer-side exposure so you walk into the audit with the evidence pack already built. Independent. Forensic. 100% buyer-side.

Former Oracle insiders25+ years600+ engagements$1.8B advised$500M+ verified savings100% buyer-side

Your VMware-Oracle estate

All inputs stay in your browser. Defaults model a mid-market estate with 2 vCenters and Oracle Database EE.

vSphere 6+ enables Storage vMotion across vCenter — expands Oracle's claim further.
Oracle's LMS treats Enhanced Linked Mode (ELM) as connecting all vCenters into one VMotion fabric.
The full host count Oracle will claim is licensable — not just the cluster running Oracle.
The hosts where Oracle VMs run. Buyer-side defence position is to license only these.
Oracle counts physical cores × Core Factor. Modern x86 = 0.5. ARM = 1.0.
Options multiply the exposure. Database EE + 3 Options ≈ 4× exposure per core.
Storage vMotion across vCenter is Oracle's strongest scope-expansion lever.

Oracle VMware audit risk

Buyer-side defensible position
Oracle's likely audit claim
Exposure delta (back-licence + support)
Risk band

Indicative model based on Oracle's soft-partitioning policy and Core Factor 0.5 for modern x86. Bring it to us for a forensic VMware audit defence.

VMware configurationOracle's scope claimBuyer-side defenceRisk level
Single isolated cluster, no shared storageThat cluster onlyCluster-only licensingLow
vSphere 5.x, no VMotion across clusterCluster + connected DRSAffinity rules + documented isolationMedium
vSphere 6+ with VMotion across clusterAll hosts in vCenterSub-cluster pinning + evidence packHigh
vSphere 6.7+ with Storage vMotion cross-vCenterAll hosts in ELM topologyDocumented physical/network isolationCritical
vSphere 7+ with NSX cross-vCenterAll hosts in NSX domainHard partitioning carve-outCritical
vSphere 8 with vMotion Notification APIFull ELM fabricMigration to OCI Dedicated Region or hard partitioningCritical
Already received an LMS or GLAS audit notice referencing VMware in scope?Our former Oracle insiders defend Oracle VMware audits, build forensic evidence packs, and push back on Oracle's soft-partitioning scope claim. We have closed multi-million-dollar VMware exposures at zero back-licence.
Defend an Oracle VMware audit →

How the Oracle VMware compliance risk score is calculated

The Oracle VMware compliance risk score quantifies the gap between the buyer-side defensible position — license only the hosts actually running Oracle workloads — and Oracle's audit-time claim under the soft-partitioning policy, which targets every host in every connected vCenter. The calculation uses Oracle's Processor Metric: physical cores × Core Factor × Database EE list price. Options are stacked on top. The Core Factor for modern x86 is 0.5; the Core Factor for IBM POWER and ARM is 1.0; the Core Factor for SPARC varies.

The buyer-side defensible position assumes affinity rules pin Oracle VMs to a named sub-cluster, the documented evidence pack proves no VMotion or Storage vMotion can move Oracle workloads outside that sub-cluster, and the audit-defence team challenges Oracle's "all hosts in vCenter" scope claim. The Oracle claim assumes Oracle's full soft-partitioning scope plus Storage vMotion expansion plus ELM connectivity. The delta between the two is the exposure — back-licence plus 22% support for the audit period plus 4–8% annual uplift for the unpaid years.

The risk band is calibrated: 0–25% of buyer position = low (cluster-isolation working), 25–100% = medium (typical exposure on a single vCenter with VMotion enabled), 100–300% = high (multi-vCenter ELM with Storage vMotion), 300%+ = critical (NSX cross-vCenter or vSphere 8 vMotion API estate). For the forensic methodology, see the Oracle audit defence guide.

Oracle's soft-partitioning policy — what the audit team actually argues

Oracle's soft-partitioning policy is published in the Oracle Partitioning Policy document on Oracle's website. It is a policy document, not a contract — but Oracle's LMS and GLAS audit teams treat it as binding in audit. The buyer-side counter is that the policy is non-contractual and cannot be retroactively applied to a licensed estate.

Oracle's audit-time argument in a VMware scenario typically follows this sequence:

  • vCenter inventory: Oracle requests the full vCenter inventory under the audit clause. Every host in every connected vCenter is identified.
  • VMotion history: Oracle requests the vCenter VMotion log going back to the start of the audit period. Any historical VMotion of an Oracle VM to a non-pinned host is treated as evidence the entire vCenter is in scope.
  • Storage vMotion: Oracle requests Storage vMotion configuration. Any cross-vCenter Storage vMotion expansion is treated as evidence the full ELM is in scope.
  • DRS rules: Oracle requests the DRS affinity rule export. Any "should" rule (vs "must" rule) is dismissed as non-binding. Only hard "must" rules are accepted as constraining scope.
  • NSX: Oracle requests NSX topology. Cross-vCenter NSX is treated as expanding scope across the NSX domain.

The buyer-side defence is to build the evidence pack before the audit notice arrives — documented affinity rules with "must" enforcement, vCenter segregation, Storage vMotion disabled across vCenters, DRS hard rules, and the formal architectural decision record. Without the evidence pack, the audit defence is reactive and the scope-expansion battle is usually lost.

For the buyer-side evidence-pack methodology, see the Oracle compliance review service.

Planning a VMware-Oracle audit defence and need the soft-partitioning evidence pack built?We build forensic VMware Oracle compliance reviews, document the affinity-rule enforcement, and prepare the audit-defence pack before the LMS notice arrives. 100% buyer-side.
Build a VMware Oracle compliance evidence pack →

The three architectural moves that cut Oracle VMware exposure to zero

Three architectural moves that close Oracle's soft-partitioning exposure permanently:

  • Migrate Oracle workloads to OCI Dedicated Region or OCI Compute. Oracle's own cloud has explicit BYOL terms that bypass soft-partitioning. The host-pinning argument disappears because OCI's tenancy model is contractually defined. For migration economics, see the OCI advisory service.
  • Migrate Oracle workloads to a hard-partitioned platform. IBM LPAR, Oracle VM Server with hard partitioning, Solaris Zones with capped resource pools, and Oracle Linux KVM with hard CPU pinning are all on Oracle's hard-partitioning list. Hard partitioning is contractually recognised and Oracle cannot expand scope to other hosts.
  • Replatform off Oracle to PostgreSQL or a cloud-native database. The exposure goes to zero when the Oracle workload is decommissioned. PostgreSQL with EDB or Citus, AWS RDS for PostgreSQL, Azure Database for PostgreSQL, and Google Cloud SQL for PostgreSQL all eliminate the VMware exposure entirely. See the Oracle to PostgreSQL migration guide.

For estates that cannot replatform inside the audit horizon, the practical move is to segregate the Oracle estate onto a small dedicated VMware cluster with no VMotion connectivity to the broader fabric, document the isolation in writing, and migrate the workload to OCI or a hard-partitioned platform over the next 18–24 months.

Anonymised case: $14.2M VMware claim defended to $0 back-licence

A North American manufacturer received an LMS audit notice referencing an Oracle Database EE deployment running across a 6-host vSphere cluster. Oracle's audit team expanded scope to 84 hosts across 3 connected vCenters under Enhanced Linked Mode and Storage vMotion. The initial Oracle claim was $14.2M in back-licence plus 4 years of unpaid support uplift. We built the forensic evidence pack: documented "must" affinity rules going back 5 years, vCenter segregation architectural decision records, Storage vMotion configuration showing the Oracle cluster's storage was isolated, and the formal architectural review confirming the Oracle hosts had not been targets of any VMotion outside the named sub-cluster. After 9 months of forensic audit defence, Oracle closed the audit at zero back-licence. The defence cost was a fraction of the original Oracle claim, and the customer retained full architectural flexibility on the non-Oracle estate.

For comparable VMware audit-defence outcomes, see the Oracle Licensing Experts case study library.

Related guides and tools

Pillar Guide

Oracle audit defence complete guide

LMS, GLAS, USMM, the 45-day notice, and the buyer-side defence playbook.

 Tool

Oracle Audit Risk Assessment

Score your overall Oracle audit exposure across Database, Java, and Middleware.

 Service

Oracle Cloud & OCI Advisory

BYOL portability, OCI migration, and the path off VMware-Oracle soft-partitioning exposure.
Free Briefing

The Oracle audit intelligence briefing

Get the weekly Oracle Licensing Briefing — VMware soft-partitioning tactics, audit-defence playbook updates, and Oracle commercial moves from former Oracle insiders.

Buyer-side intelligence only. No Oracle reps. Unsubscribe any time.