>
Journal · Db2
Db2

Db2 bundled with other IBM products scope limits.

Db2 travels inside a long list of IBM products, supplied under a restricted use license rather than a full one. The bundled copy is entitled to support its parent product and nothing else. Cross that line and a free database becomes a paid finding.

May 2026 · 6 min read · Db2

How bundled Db2 is licensed

When Db2 ships inside another IBM program it carries a restricted, or limited, use grant. That grant lets the parent product use Db2 as its data store. It does not grant a general purpose database you can point other applications at. The restriction is set out in the License Information document for the parent product, and that document, not assumption, is the controlling reference.

This is why the bundled copy costs nothing extra to run within scope and a great deal to run outside it. The moment a workload that is not the parent product reads from or writes to that Db2 instance, the use leaves the grant and becomes unlicensed standalone Db2.

The breach pattern auditors look for

  • A second application is connected to the bundled instance for reporting or integration.
  • The bundled database is promoted to a shared enterprise data store.
  • Schemas or tables unrelated to the parent product are created in the instance.
  • The instance outlives the parent deployment and keeps running standalone.

Each pattern converts a restricted use entitlement into a claim for full Db2 licensing, counted in PVU across the cores where the instance runs. Because the instance was never tracked as a licensable Db2 deployment, ILMT may also have missed it, compounding the finding with a sub-capacity exposure.

How to defend a bundled Db2 claim

Read the parent License Information document

The scope of the grant is defined by the parent product, so the defense starts there. Confirm exactly what the restricted use grant permits before accepting that any given use falls outside it. Auditors sometimes read the boundary more narrowly than the document does.

Map every connection to the instance

Establish what actually touches the bundled database. Many alleged breaches turn out to be parent product components, supported integrations, or administrative access that sits inside the grant. Only genuine out of scope use should ever enter the finding.

What this means under audit

Bundled Db2 findings are often built on the broadest reading of the grant and the assumption that any connection is a breach. Tested against the parent License Information document and a real map of what touches the instance, most of the claimed exposure narrows sharply, in line with the 30 to 92% reduction range our engagements deliver.

Related reading
IBM Db2 Licensing and Audit DefenseThe Free Db2 Bundled With Cognos and Its Scope LimitBundling Misuse: Using Db2 Beyond the Cognos ScopeDb2 Advanced Enterprise Server Edition Licensing
Talk to Audit Defense →Get audit help now

The IBM Audit Brief

Audit triggers, ILMT pitfalls, and settlement tactics for IBM software buyers.

IBM Audit

Independent, buyer side IBM software audit defense and negotiation. Not affiliated with IBM Corporation.

Services
Audit DefenseAudit NegotiationILMT RemediationSub-Capacity Defense
Products
WebSphereDb2CognosCloud Pak
Company
AboutContactJournalWhite Papers
Independent. Not affiliated with IBM Corporation.Buyer Side · Est. 2019