buchachon - Fotolia

IBM z15 mainframe secures data across multi-cloud environments

IBM unveiled the latest in its line of mainframes capable of processing 1 trillion web transactions a day. The IBM z15 mainframe's software can manage data across multiple clouds.

IBM today premiered the latest member of its mainframe lineup, containing improved security software that builds on its existing Pervasive Encryption offering, improved methods of building cloud-native applications and added processing power that can support 2.4 million Linux containers on a single system.

The IBM z15 mainframe features the newly minted Data Privacy Passports technology, which provides IT mainframe administrators with more control over how data is stored and shared. It also offers the ability to provision data and revoke access to that data across hybrid multi-cloud environments, no matter where that data travels.

Addressing the issue of data increasingly either constantly moving around or residing in siloed environments, IBM introduced Trusted Data Objects (TDO) features designed to provide data-centric protection by staying attached to the data whenever it travels from point to point. The offering builds on the pervasive encryption technology that came bundled with the z14 mainframe over two years ago.

Middleware that controls and travels with data

It is this constant movement of data circulating among a user's business partners and other third parties that causes a majority of the recent data breaches, along with the growing adoption of multi-cloud environments, IBM said.

With Data Privacy Passports, users can enforce a companywide data privacy policy capable of surfacing different views of data to different sets of users on a need-to-know basis. The TDO technology can also be used to prevent collusion among data owners, which could lead to critical data falling into the hands of hackers.

"Think of it [Data Privacy Passports and TDO] as middleware that controls and travels with the data," said Ross Mauri, general manager of IBM Z. "Our clients might need to access data and analytic insights not in minutes, but maybe in a fraction of a second, along with the ability to control the privacy of that data at a very granular level."

Most analysts believe IBM is taking a step in the right direction by offering added protection for increasingly complicated cloud-based environments.

"A week doesn't go by when there's yet another security disaster exposing the data of millions of people," said Charles King, president and principal analyst at Pund-IT. "Data Privacy Passport appears to be a way to extend the security [of the z14's Pervasive Encryption scheme] to sensitive information like intellectual property or data subject to compliance protocols and regulations."

Reinforcing loyalty

Is it a quantum leap ahead of the z14? No. But the message should resonate with C-level executives. It assures them they are still investing in the system.
Mike ChubaManaging vice president, Infrastructure and Operations group, Gartner

Another analyst agreed that enhancing IBM's existing security technology is a good, if not necessary, thing to keep long-time mainframe users loyal to the platform -- particularly in a time when there are alternative technologies offered by a number of cloud-based competitors.

"The mainframe has long been a platform where security and transactional integrity has been paramount," said Mike Chuba, managing vice president in Gartner's Infrastructure and Operations group. "With this announcement, they continue to innovate, but is it a quantum leap ahead of the z14? No. But the message should resonate with C-level executives. It assures them they are still investing in the system."

Capable of carrying out 1 trillion web transactions a day, the IBM z15 mainframe performs 14% faster per core and offers 25% more system capacity than the z14, Mauri noted. The system also has 25% more memory, 20% more I/O connectivity and an availability of 99.999999%, the equivalent of three seconds of downtime per year, he added.

This combination of added raw processing power, increased reliability and the ability to handle millions of containers across multiple environments could help keep the mainframe relevant in the voraciously competitive hybrid cloud market, a key area of focus for the newly merged IBM and Red Hat.

The IBM z15 mainframe
IBM's new z15 mainframe is capable of 1 trillion web transactions a day.

Depending on the success the combined company has in delivering compelling cloud-based products and services over the next year, it could help stimulate mainframe sales and take shares away from the dominant share Intel-based servers have among large corporate data centers.

But Gartner's Chuba is not optimistic that whatever success IBM-Red Hat has will result in many net-new zOS-based mainframe sales, that most of the z15's potential success will be among users interested in Linux.

"Almost all of the new accounts over the past couple of years are users running Linux," Chuba said. "They are not attracting many zOS users in any meaningful way. It is clearly an uphill battle to win more of those users."

What could draw interest among both Linux and zOS-based mainframe users is Red Hat's OpenShift, expected to be available on the new system by the end of this year. Given the improved speed and capacity of the IBM z15 mainframe, some analysts said it might serve as a showpiece for how well it can run OpenShift and other strategically important software in the hybrid cloud.

"[The z15] will be positioned as the performance platform to run the Red Hat software stack," said Frank Dzubeck, president of Communications Network Architects Inc. "This system gives mainframe users a valid alternative to the Power series, which has grabbed a lot of attention lately because of its higher performance."

IBM's Sierra and Summit supercomputers, both powered by IBM's Power 9 chip, are currently the first and third fastest supercomputers in the world.

Besides improving the z15's chip speed, IBM has come up with a new compression technology that allows corporate users to get huge amounts of data on and off the mainframe. The new compression offering, called the Integrated Accelerator for z Enterprise Data Compression, delivers 30 times lower latency and up to 28 times less processor utilization by compressing web transaction data before it is encrypted.

"It's not unusual for significant cost to be incurred as data is moved on and off mainframes," Pund-IT's King said. "If you can dramatically reduce the size of the files you are sending, you can take a big bite out of the time it takes to move those huge chunks of data from one place to another."

Dig Deeper on Data center hardware and strategy