Skip to primary content
Skip to secondary content

Value-4IT Blog

zWorld Thoughts & Updates

Main menu

  • Blog Home
  • Value-4IT Home
  • Contact Us
  • Privacy
  • Legal

Monthly Archives: March 2016

z13s: An Affordable IBM Mainframe For Encrypted Hybrid Clouds?

Posted on 01/03/2016 by zman

Recent encryption trends indicate that ~50% of organizations transfer sensitive or confidential data to the cloud, whether encrypted or not; growing to ~75% of organizations in the next year or so. The number of organizations with an enterprise wide encryption strategy has risen slowly to ~35%. Seemingly ~40% of data at rest in the cloud is unprotected! One must draw one’s own conclusions as to why cybersecurity attacks are increasing in number, with the inevitable consequence of business data exposure!

Historically the enterprise class business deployed the best available IT infrastructure for their available budget. Generally this generated a modus operandi of quantifying the cost of computing power (I.E. Cost per MIPS), where business chargeback scenarios were both scarce and simply measured. From a business viewpoint, arguably the best measure of business cost is transaction based, where these external facing transactions deliver business value, both in terms of financial and reputation attributes. With the current digital data explosion, driven by Mobile and Social interfaces, the number of business transactions increases significantly, year-on-year, while the security exposure for the associated business data has never been higher. What is the feasibility of deploying a single footprint computing platform that delivers industry leading security, capacity and performance, while fully interacting with Hybrid Cloud topologies for rapid and agile Application Development and delivery?

Recently IBM announced the z13s, their latest addition to the System z server family. Some 13 months following the release of the Enterprise Class z13, the z13s offers a granularity of capacity from 10 MSU (~100 MIPS) for the 2965-A01 IBM z13s Entry Model to 884 MSU for the 6 Engine 2965-z06 IBM z13s. From a System z MLC software TCO viewpoint, an annual cost of ~£150,000 (~$200,000) applies for a 10 MSU (~100 MIPS) system configured with z/OS, CICS, DB2, WebSphere (MQ), Programming Languages (I.E. COBOL, Java, et al) and a modicum of Systems Management software. Therefore over a 3 year period, the realm of possibility exists for a commercial business to leverage from today’s unrivalled RAS (Reliability, Availability and Security) attributes of the z13s server, for ~£500,000. Even this cost base could be further optimized with use of specialty engines (I.E. zIIP, IFL) and current MLC pricing regimes (I.E. zNALC, zCAP, et al).

IBM state the z13s is enabled and optimized for hybrid cloud environments and can help secure critical information and transactions better than before. Clearly the IT landscape is rapidly evolving, with an ever increasing requirement for secure and timely access to increasing amounts of digital data, primarily from mobile devices. This paradigm shift of data creation and access dictates that cybersecurity is a fundamental and mandatory requirement for each and every organization, where the System z server has always delivered the highest levels of security, currently certified at EAL5+ (Common Criteria Evaluation Assistance Level 5+).

Businesses need to be flexible, dynamic and agile, being mindful of TCO optimization. It was forever thus, Information Technology teams must embrace social and mobile trends and the challenges they create. This requires new insights and ways to integrate these trends into existing processes and IT infrastructures. Incorporating these new insights and opportunities into business processes and associated IT disciplines helps the business grow and be competitive, while reducing cost and increasing efficiencies. Leveraging from technologies such as the latest z13s server can assist organizations in reaching this enterprise class infrastructure, but a combination of IT infrastructure management best practice and leading-edge technology is required.

The z13s is designed for the toughest real-time business challenges. It provides significant scalability attributes in terms of memory, I/O and single footprint CPU power that responds instantaneously to business processing fluctuations. Therefore the z13s helps organizations meet mission critical Service Level Agreements (SLAs), with real-time delivery and analytical insight for ever increasing amounts of business data and information, delivering an advantage of more timely business decisions. The flagship IBM z/OS Operating System supports the z13s processor topology, optimized for scalability, cost saving, advanced compression capabilities, reliability, availability and scalability. Delivered with the unparalleled System z security attributes, the z13s provides best in class data protection for business users, customers and partners alike.

For those organizations that have never considered a System z Mainframe before, the z13s delivers an eminently affordable IT platform that delivers a compelling infrastructure for today’s hybrid cloud environments. From a dispassionate viewpoint, some cloud deployments (I.E. IaaS, PaaS) dictate the utilization of 3rd party server resources, which of course simplifies IT infrastructure management. However, it can also expose the business to scenarios beyond their control, whatever the uptime promise of the 3rd party supplier.

Arguably for the digital business with significant user bases (E.g. Millions to Billions), the highest levels of security and data protection is required, safeguarding all parties concerned from the clear and present danger associated with cybersecurity attacks. Therefore the use of hybrid cloud can benefit from agile and rapid Application Development processes, using open source and COTS (Commercial Off The Shelf) code, as and when required, with a “fixed cost” System z platform cost. However scalable and flexible public cloud (E.g. Google Cloud Platform, Amazon AWS/EC2/VPC, IBM Bluemix, SoftLayer, et al) environments can be, they will always be a 3rd party service and only the business can decide their own TCO, balanced with the value of business data and users…

From a security viewpoint, the z13s server technology leverages from two cryptographic hardware features. Firstly, the Central Processor Assist for Cryptographic Function (CPACF) delivers cryptographic support for the Data Encryption Standard (DES), Triple DES (TDES), Advanced Encryption Standard (AES) data encryption/decryption and Secure Hash Algorithm (SHA). Secondly the Crypto Express5S (CEX5S) feature is packaged in a PCIe adapter card containing a Cryptographic Coprocessor Subsystem housed within a FIPS Level 4 physically secure enclosure (Security Module). CEX5S delivers secure cryptographic functions for banking, finance and high data security environments. The primary customer application within the CEX5S card is CCA (Common Cryptographic Architecture). From a usability viewpoint, z13 cryptographic features support Format Preserving Encryption (FPE), for common user identity data strings such as Social Security Number (SSN), Personal Account Number (PAN), et al, with specific support for the Visa Format Preserving Encryption (VFPE) standard.

Since its inception, the IBM Mainframe has always delivered consistently low transaction response times, especially when a workload grows, sometimes peaking with an abnormally high requirement. The evolution of the z13 architecture safeguards this industry leading transaction response time is maintained, even when applying the highest levels of EAL5+ security. It was forever thus for the System z platform, where marketing statements are supported by the requisite performance benchmarks, in this case detailing the many scenarios for z13 Performance of Cryptographic Operations.

In conclusion, whether an existing IBM Mainframe user or not, the TCO and indeed TCA (Total Cost of Acquisition) attributes of the System z platform reduce year-on-year. Such a cost profile includes the System z platform of worthy consideration for each and every business, with a workload requirement of ~100 MIPS (~10 MSU) or more. Moreover, the notion of decommissioning an IBM Mainframe for the modernization of a legacy workload should be consigned to history forever more. Quite simply because the System z platform is open to all the rapid and agile Application Development and Deployment techniques available to Distributed Systems platforms.

For your business, which do you consider first, the cost of your computing platform, or the value of your business service? With an ever increasing cybersecurity risk, the System z platform delivers a compelling cost ownership model for even an entry level workload of ~100 MIPS, leveraging from the most secure, reliable and scalable single server footprint. We should evolve our cost ownership models from cost per computing power MIPS, to the cost of each and every business transaction. If we can reduce transaction cost, while increasing business value and safeguarding our priceless business data, perhaps that is a computing platform cost versus value balance metric we can take forward forever more…

Posted in Mainframe Technology | Tagged Advanced Encryption Standard, AES, Availability, CCA, Central Processor Assist for Cryptographic Function, CEX5S, Cloud, Common Criteria Evaluation Assistance Level, Common Cryptographic Architecture, CPACF, Crypto Express5S, Data Encryption Standard, DES, EAL5+, Format Preserving Encryption, FPE, IaaS, Mainframe, MLC, PaaS, PAN, Personal Account Number, Reliability, Security, Social Security Number, SSN, System z, TCO, TDES, Triple DES, VFPE, Visa Format Preserving Encryption, z/OS, z13s, zCAP, zNALC

Recent Posts

  • Simplified Business Facing IBM Z Mainframe DevOps APM Problem Determination
  • IBM Z Mainframe Pre-Production Testing: Spring Into Stress Testing via zBuRST
  • Pervasive Encryption & Compression: Why z15 Upgrade Activities Are Optimal & Strategic
  • Simplifying Db2 for z/OS CPU Optimization: Eradicating Inefficient SQL Processing
  • Smartphone Security Dependency: Applying Mainframe Common Sense To Real Life…

Recent Comments

  • Jay Biggs on Extended Address Volumes (EAV): Pros & Cons

Archives

  • April 2022
  • April 2021
  • September 2020
  • May 2020
  • March 2020
  • June 2019
  • December 2018
  • November 2018
  • April 2018
  • February 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012

Categories

  • Application Development
  • Mainframe Personnel
  • Mainframe Software Costs
  • Mainframe Technology
  • Security Management
  • Storage Management
  • Uncategorized

Meta

  • Entries RSS
  • Comments RSS
Proudly powered by WordPress