Db2 PVU vs Authorized User licensing.
Db2 can be licensed per core or per named user, and the right metric depends entirely on the shape of your estate. Pick wrong, or let the deployment drift away from the metric you bought, and the gap becomes an audit finding. Independent and buyer side. Not affiliated with IBM.
Two metrics, two shapes of risk.
Db2 editions are offered under Processor Value Unit licensing, which counts the cores the database can use, and under Authorized User licensing, which counts named individuals with access. PVU is the natural fit for high-throughput databases serving large or anonymous user populations, where counting people is impractical. Authorized User fits a contained, identifiable group of named users on a smaller footprint. The two are not interchangeable, and each carries a different audit exposure.
How Authorized User is actually counted.
Authorized User is a per-person metric with a catch: it usually carries a minimum number of users per core or per server, so it does not stay cheap as the hardware grows. IBM counts every individual authorized to access the database, directly or indirectly, including service accounts and people reaching Db2 through an application tier. The frequent finding is undercounting indirect access, where users hitting Db2 through a front-end application were never counted as authorized users at all.
- PVU counts cores the database can use, at roughly 70 PVU per Intel core
- Authorized User counts named people, often with a per-core minimum
- Indirect access through an application tier still counts toward the user total
- The metric on the entitlement must match the metric the deployment fits
When the metric and the estate drift apart.
A deployment licensed per Authorized User when it was a small departmental database becomes a problem when the same database is later exposed to a wide user base, or moved onto larger hardware that triggers the per-core minimum. Conversely, a PVU entitlement on a lightly used database with a handful of named users may be more than the estate needs. Audits catch the first case as a shortfall; the second is an optimization opportunity that only surfaces when someone reconciles the metric to the actual usage.
What this means under audit.
A Db2 finding usually reduces to a metric question: were you counted on the right basis, and was the count done correctly. Under Contain, Reconcile, Challenge, Settle, the Reconcile step rebuilds the deployment against the entitlement metric on file, counts authorized users including indirect access where that metric applies, and recalculates PVU with sub-capacity where that metric applies. Establishing the correct metric and an accurate count is what turns an opening claim into a defensible number.
License Db2 on the right basis.
Our audit defense rebuilds your Db2 deployment against the entitlement metric, counts indirect access correctly, and challenges the finding on the facts. 48 hour mobilization on notice.
Get audit help now →The IBM Audit Brief
Audit triggers, ILMT pitfalls, and settlement tactics for IBM software buyers.
Independent, buyer side IBM software audit defense and negotiation. Not affiliated with IBM Corporation.