IBM this week rolled out a feature-filled upgrade to its mainframe operating system, z/OS, focused on pumping up Big Iron availability, management and security. The general idea is to help customers reduce costs and improve services, said Jim Porell, Distinguished Engineer of System z.
While the new features are many, I have focused in on five key enhancements in z/OS V1.11, with a network focus of course, that could interest mainframe customers the most. They include:
Failure avoidance: Porell likened this new feature as an early warning light for mainframe customers. Basically the predictive failure analysis feature offers users clear notifications when system trends that can cause system or application problems are approaching. "For example we know what will happen of the mainframe starts using too much common storage or if you have too many jobs running at once and the systems can tell the operator of impending problems," Porell said. Such warnings can be sent to a mainframe console or an IBM/Tivoli management application that could automate a response before an issue leads to a bigger problem, Porell said.
Central security: A z/OS Communications Server feature promises to simplify the deployment of network security policies. This feature lets users more easily set up a centralized policy center using the mainframe's Resource Access Control Facility (RACF). RACF is the mainframe's central security administration application. In the past users had to set IPSec VPN security policies on individual applications or databases be here we now have a central front end to simplify policy management, Porell said.
Central security part II: Related to the policy enhancements, the z/OS V1.11 has new key generation and archival functions that let users generate and recover private keys from PKI Services. Support for new SSL VPN functions will be integrated in z/OS and updates to IBM/Tivoli Directory Server for z/OS are intended to help simplify the migration of security-related LDAP-based applications to z/OS, integrate them with the RACF system and ultimately enable unified enterprise-wide identity and access management, IBM said. When customers have hundred or thousands of end-users they want to encrypt end-to-end that can get very expensive and complicated, Porell said. Now with this security key function, which is basically free to the mainframe customer, they can efficiently manage certifications and the entire PKI operation from one place.
Avoiding the storm drain: The z/OS Communications Server has been enhanced with better intelligence to automatically distribute workloads across multiple mainframes in a group, or what's known in IBM parlance as a Parallel Sysplex. The idea here was to give z/OS better ability to find the least utilized machine in a Parallel Sysplex environment (which can include up to 32 mainframes). The feature is important in data recovery or disaster recovery applications where one systems could get overwhelmed, Porell said.
Nasty storage build-up: z/OS got improved internal storage monitoring and management support that lets customers monitor the storage used by particular sockets-based applications that, according tot IBM build up excessive amount of data on their send or receive queues. The idea is here is to keep the network running smoothly and divert or better control such traffic during periods where traffic volume peaks and storage is constrained, IBM said.
While those are five significant enhancements among many, Porell noted that a recent agreement with Intellinx could also interest mainframers looking to bolster regulatory compliance. Basically Tivo for the mainframe, the company's Intellinx zWatch for IBM System z lets customers take a snapshot of all business transactions performed on the mainframe, generate a detailed audit trail and detect suspicious activity Porell said.
The idea is to give customers a forensic tool that can be used for detecting and preventing fraud and data leakage and for managing investigations in financial and healthcare companies for example in real time, Porell said.
Layer 8 in a box
Check out these other hot stories: