SAM (Software asset management) general question

I am performing research for a potential SAM use.  I understand that there are many different types of software license types (ie: enterprise, volume licenses, by cpu, by person, etc.).
I also understand that in using a SAM, the primary source of license "verification" would come from purchasing records (PO's, payment receipts, etc.) that would need to be integrated into the SAM system.
Lastly, I understand that, the most likely way to do a license compliance check is to basically match up the purchasing data collected and normalized against the discovery data that was collected and normalized.  Hopefully, everthing matches up close and that's great.

I have a couple of scenarios below that an experienced SAM (admin/manager) should be able to answer, either from direct experience or accepted practices.  I'm posting this with a high award because the accepted answer must be thorough, well expressed and should show true evidence of experience this this area. You're going to have to take some time to write up some detail so there is minimal ambiguity or mis-understanding.  If you are going to just point me to a SAM website resource, then please don't bother.

1) The original purchase data shows ABC software, version 2.1 and is correctly matched against discovery data but the software was later updated by the user to version 2.5 so what used to match now does not.  How is this reconciled and/or fixed?

2) An original software purchase for ABC software, version 3.1 is in the SAM system and matches up in a compliance check against discovery data.  The software is later replaced by a competitive purchase of DEF software version 4.5 at a significant lower than retail cost. Do any SAM systems allow for a way to indicate a competitive purchases replacing an existing software asset?  Otherwise, you end up with 2 purchasing records for both sw assets, 2 discovery sw assets, yet only one should be installed and licensed.
Who is Participating?
edster9999Connect With a Mentor Commented:
Hmmm - thats a question and a half :)

This is not the answer you are looking for - lets hope someone can give you something better.

To start with what you are asking is very close to impossible.
It is easy enough to scan all your pcs and record what software is installed and used - and what version numbers are installed.
This data can be kept in the scanning system or exported into a database (or even something strange like a spreadsheet).
It is fairly easy to track changes from scan to scan - but working out what is allowed or not allowed is the impossible or at least very difficult bit.
When they upgrade from version 2.1 to 2.5 there is no real way of checking if this is a free  upgrade or if it has to be paid for.
Every license is different.
Some software only charges you for major version upgrades (example from version 3.X to version 4.X and small upgrades like 4.0 to 4.1 are free).  Others charge for every version.  Others will give you any version for free once you have the software.

So where does this leave you ?  You need human input at this point.
Someone has to check each license for each version and each program, and update the database with flags so you know what is allowed and not allowed.
You then do a new scan and highlight any changes that are not marked as acceptable.
These will have to be investigated or paid for.

Your other point about 2 bits of software - again this has to be checked per license.
Some software will let you put it into a pool if you uninstall it and use it again later.
Some software is 'use it and loose it'.  Once you have had it on the machine and used it, you can only use it on that machine or by that user - so upgrading would waste the license.
Rich RumbleConnect With a Mentor Security SamuraiCommented:
I don't know anyone that uses or keeps good records, and I've been charged with auditing licenses and compliance for years. I am going to assume the OS, or the majority of the OS your looking to reconcile is Windows. You should also understand that "installed" and "present" might be interchangeable, and can throw your audit/reconciliation way off depending on the solutions or methods chosen. For example, users with no admin rights, they can't "install" firefox in the traditional location (c:\program files), but they can "install" it on their desktop. When you go to "add/remove programs" in the control panel FF isn't going to show up in that list. This holds true for other software as well, licensed software like winrar or winzip for example. Most times a registry entry is needed to enter a license key for software, not always, but often, and not being able to write to certain parts of the registry (being non-admins) means the software isn't actually using the license, even if the user is being prompted to enter it. It's not licensed until it's permanent, some write to the same dir as the program, some config file, but most programs try to write to some part of the registry. So is that really licensed or unlicensed software? hard to say in that case, I've been told it's unlicensed since it's self resetting, but again kooky.

1.) Version purchased vs Current version
This is hand reconciliation as pointed out before, your license for Adobe was for ver 10.0.0 and with the updates that come standard your on 11.2.3. You have to read the license to see if that is a natural progression, typically it is.
2.) Legacy software and Replacement software
Replacing Microsoft Office with OpenOffice, as long as the license for M$ office is valid, the two can live side by side with no conflict or needed resolution. As far as SAM software, I've never seen any good ones, you can do just as well with a spreadsheet as anything. Software is a balance sheet, you only need to current balance to be up to date, the legacy stuff is for records only.
Good points and pretty much all of what I assumed but I was hoping that someone out there might have known something different, like a robust SAM system that accounted for the two scenarios.  Both answers were good but I split points based on what I believed was fair.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.