The free Db2 bundled with Cognos and its scope limit.
Cognos ships with a Db2 license, but a restricted one, licensed only to support Cognos itself. Point that Db2 at anything else and the entitlement does not cover it. Bundling misuse is a named IBM audit trigger.
Bundled entitlements are one of the most misunderstood features of IBM licensing, and the Db2 that comes with Cognos is the textbook case. Cognos Analytics includes a Db2 license so the platform has a database to run its content store and supporting functions. The license is real, it is included, and it is genuinely free. What it is not is a general purpose Db2 license. It is restricted to use in support of Cognos, and the moment that database serves another workload, the restriction is breached.
IBM lists bundling misuse, using the Db2 bundled with Cognos beyond its allowed scope, as one of the recognized audit triggers, alongside support non-renewal, three or more years since the last audit, heavy use of high-risk products, and requesting support for an unlicensed product. It appears on that list because it is common and easy to do unintentionally. A database administrator sees a working Db2 instance and uses it for a second application, not realizing the license that came with it does not stretch that far.
What the bundled license actually permits
The exact terms live in the License Information document for the Cognos version you hold, and they should be read rather than assumed. The consistent principle across versions is that the bundled Db2 is licensed to support the bundling product, Cognos, and nothing more. That typically means the Cognos content store, audit, and related repositories. It does not mean a shared enterprise database, a data warehouse, or a home for other applications that happen to need a database.
How the scope gets breached
- Hosting a second application's tables in the same Db2 instance because it is already running
- Using the bundled Db2 as a general reporting or staging database
- Letting other teams connect to it for convenience over time
- Promoting the instance into a shared service after the original Cognos project ends
How we defend it
The defense starts with reading the actual License Information terms for your Cognos entitlement and mapping what each bundled Db2 instance is doing against them. Where usage is genuinely confined to Cognos, we document it so the no charge position holds. Where a bundled instance has taken on outside workloads, we separate the in-scope use from the out-of-scope use, so any finding is sized to the actual breach rather than to the whole instance, and we reconcile against any full-use Db2 entitlement already held that could cover the overflow. Frequently the exposure is far smaller than IBM's opening position once the bundled and full-use boundaries are drawn correctly.
The Db2 bundled with Cognos is free only while it serves Cognos. Read the License Information terms, keep each bundled instance confined to Cognos, and if it has drifted, scope the finding to the actual outside usage rather than conceding the entire instance to a full-use charge.
A bundled Db2 instance in scope?
Our Audit Defense engagement reads the License Information terms, maps each instance against them, and scopes any finding to the real breach rather than the whole database.
See Audit Defense →The IBM Audit Brief
Audit triggers, ILMT pitfalls, and settlement tactics for IBM software buyers.
Independent, buyer side IBM software audit defense and negotiation. Not affiliated with IBM Corporation.