① Product · BMC AMI Security
BMC AMI Security is licensed on mainframe MSU capacity, increasingly under zConsumption Licensing with an annual true up. The metric tracks the capacity it protects, not event volume, so the levers are the protected footprint, the consumption baseline, and the bundle it ships in.
BMC AMI Security is the security pillar of the BMC AMI (Automated Mainframe Intelligence) portfolio. It detects and responds to mainframe security threats, identifies stolen credentials and rogue users in real time, baselines behavior to surface anomalies, and streams security events into enterprise SIEM platforms. It is positioned around compliance with regulations such as DORA and the NIST Cybersecurity Framework, and around protecting z/OS estates from ransomware and data tampering. Important for buyers: it is almost always sold inside the broader BMC AMI bundle, so its licensing has to be read in that context, not as a standalone line.
BMC AMI Security is licensed on mainframe capacity measured in MSU. BMC increasingly offers it under zConsumption Licensing (zCL), a consumption model in which the charge is based on the prior year's actual z/OS MSU consumption with an annual true up on any overage, rather than a fixed full machine entitlement. Where a site has not moved to zCL, AMI Security is typically licensed on the authorized MSU capacity of the LPARs it protects. BMC has based its per MSU consumption conversion on a stated MIPS to MSU ratio for the machine models in scope, which makes the ratio applied and the consumption window used to set the baseline both material to the number.
| Attribute | Detail |
|---|---|
| Charge model | Capacity based, recurring; zCL consumption option |
| Metric | MSU (protected capacity) |
| zCL basis | Prior year actual z/OS MSU, annual true up on overage |
| Not priced on | Event volume, alert counts, or user numbers |
| Typical context | Inside the broader BMC AMI bundle |
The first cost driver is the protected MSU capacity, or under zCL the prior year consumption baseline, which can sit above what the security function actually needs to cover if it was scoped to the whole estate rather than the systems that genuinely require monitoring. The second is the bundle: AMI Security usually ships with AMI Ops, AMI Data, and AMI Storage, and a shared consumption commitment across that portfolio frequently sets the cost more than any single security line. The third is the true up mechanism under zCL, where overage in a peak year can lift the following year's baseline if the consumption window and ratio are not scrutinized.
AMI Security exposure sits in the gap between protected capacity, the consumption baseline, and what the bundle actually entitles. Common traps we see at pattern level:
Where exposure hides
Security is rarely cut for its own sake, but the licensing around it bends like any other capacity deal. The five levers that pay:
Buyer side levers
Mainframe security tooling is a competitive category: BMC AMI Security sits alongside offerings from other mainframe security vendors and, for some functions, capabilities native to the external security manager such as RACF, ACF2, or Top Secret. That makes the function more contestable than a database or transaction monitor, and a credible alternative can be a genuine lever, particularly where AMI Security overlaps with controls already in place. The caution is that ripping out a deployed security monitoring layer carries operational and compliance risk, so the realistic move is usually scope discipline and bundle negotiation rather than wholesale replacement. Price the alternative honestly and hold it in reserve.
The bundle and the baseline set the price.
Metric explainers: MSU explained, the MIPS to MSU conversion question, resetting the MSU baseline, and cost per MSU benchmarks. Sibling products: Control-M for z/OS licensing and Recovery Management for Db2 licensing. Hub and commercial: the BMC buyer side guide and BMC mainframe cost optimization.
Audit notice or renewal under 18 months out? We mobilize within 48 hours.