Friday, February 19, 2016

IBM z13s Systems improves hybrid cloud security/attracts developers for mid-range!

By Rich Ptak

IBM announces its latest z System, the IBM z13s, with some good news. They have 50 net-new clients, a 35% year-over-year revenue increase and a 36% increase in MIPS shipped. All clear evidence of continuing mainframe market momentum. To continue the trend, IBM is targeting specific markets and attracting developers to write z System apps via innovative tie-ins with firms like Rocket Software. First, the IBM z13s.

The IBM z13s addresses a growing mid-sized market demand for integrated, affordable security. IBM’s Center for Applied Insights reported in Feb. 2016 that: “70% of front runners say that their hybrid cloud environment is causing them greater security concerns.”  Further documentation comes from on-going reports of data/security breaches and hacks of on-premise and off-premise systems. Data vulnerability, with the need to secure and assure its integrity, is of increasing concern. Further aggravating the problem is the easy creation of API-driven apps with ever more integrated services.

Security has been a mainframe strong-point since its earliest days. It remains the gold-standard benchmark for secure operations. But, the growth of cloud changed the nature of a secure environment. Types of attacks, data breaches and potential opportunities for security failure have grown along with style, speed and transaction volumes.

The z13s delivers new, enhanced security features optimized for hybrid clouds. These range from hardware-implemented advanced, platform-optimized[1] cryptography to sophisticated, intelligent security services, such as z Systems Cyber Security Analytics to warn of malicious activity, and IBM Security QRadar® to separate event anomalies from potential threats. While designed for hybrid cloud environments, some services extend to the end-points as they operate across private and public platforms.

Network vulnerabilities, attacks on data integrity, the growth of APIs, microservices and adoption of different hybrid cloud architectures add to the difficulty and complexity of providing all the solutions and services necessary to secure the operating environment. The combined result is a profusion of increasingly sophisticated industry-specific attacks. Addressing all of these in a timely manner exceeds the resources of any single company. Therefore, to complement and augment its own ongoing development efforts, IBM is cultivating and working with a growing ecosystem of leading edge industry partners and collaborators.  Three[2] mentioned in the announcement are:
  1. BlackRidge Technology – that extends security out to the network edge to authenticate a user BEFORE a connection is made.
  2.  Forcepoint’s Trusted Thin Client – that secures data at the endpoint, its most vulnerable point.
  3. RSM Partners – provides a view of the organizations overall mainframe security with penetration testing, security reviews, dashboards, etc.

 More information appears in the announcement press release, such as implementation details on integrated hybrid-cloud focused security enhancements. You can read the full announcement here[3]. But, there is more important news.

More good news missing in the Press Release!
The release doesn’t discuss IBM efforts “to bring IBM z to the forefront of innovation.” These are efforts to make it easier for developers (especially non-mainframe experts) to access z System capabilities and assets. Three tactics apply:
  1.   Leveraging APIs as the common language in a diversified world.
  2.    Delivering federated analysis via a hybrid cloud.
  3.     Leveraging cloud to become a managed service provider.

IBM is exposing z capabilities as APIs and microservices using a common API bus (IBM Strongloop, API Connect). Connecting the systems allows developers to leverage the strengths of Systems of Engagement (SoE – distributed, Linux on z[4]) and Systems of Record (SoR) environments. Having single channel API connectivity to all system types allows for application development without requiring z specific skills. Add existing open source capabilities, analytics, MobileFirst along to Cloudant NoSQL, etc. for node.js development, and the attraction of Linux on z as a SoE becomes obvious.

Development and testing are simplified, benefiting IT. Mobile apps more easily access SoR. Hybrid cloud applications are easier to build and deploy. APIs make it easier to leverage z scalability, reliability and availability. Having the full-range of Spark capabilities on z/OS allows sophisticated, real-time analytics as data remains in-place on its system of origin. This applies across platforms, operating environments and data types. Faster node.js runtime environment performance benefits developers. IBM quotes some users: “My run time got reduced from 20 sec down to 80-120 ms”. And, “With the simplicity to setup and the cheap cost, how could you not consider using it:”

Business benefit with reduced time-to-market. DevOps skills are more efficiently applied and effective due to transparent access across platforms. New revenue streams in response to business opportunities are developed faster. Speedy data access and intelligent analytics accelerates creation of new services using current data.

To attract those unfamiliar with the mainframe, IBM introduced something completely new. In an agreement with Rocket Software, every z13 now includes an entitlement to a non-production Rocket Data Virtualization[5] license. Developers get unrestricted development and testing capabilities to access and unlock mainframe data via modern APIs; again, no z Systems skills required.

We could continue. But, our point is that IBM provides a range of capabilities that make the mainframe more attractive and easier to use in today’s dynamic, highly competitive environment. It delivers on its commitment to support new services and capabilities on both z/OS and Linux. Its API oriented, hybrid cloud-focused strategy significantly lowers barriers to entry for developers and IT staff unfamiliar with mainframe specifics. Cloud-based services and access to mainframe capabilities dramatically lowers the cost of learning about and experimenting with the mainframe.  A winning strategy to attract a variety of customers.

All this is included in an entry-level priced IBM z13s with planned availability in March, 2016.  If this sounds good to you, find out more about the IBM z Systems family at and about IBM Security at

[1] Including hardware–accelerated cryptographic coprocessor cards with faster processors and more memory to process more transactions faster thereby lowering costs.
[4] For example: mixed workload z13s configurations running SOE apps on Linux on z, where the client can take advantage of hypersockets and colocation with z/OS.