IBM has a particularly big load of Big Data-related announcements this week (the first full week of October, 2015). It seems like a great time to take stock of what IBM has been up to lately.

  • IBM is unveiling Version 5.1 of the IBM DB2 Analytics Accelerator (IDAA) with new in-database analytics, in-database transformation, and accelerator-only tables. There’s literally nothing else like IDAA and its marriage of the world’s best, most secure Online Transaction Processing (OLTP) database with state-of-the-art, real-time analytics, warehousing, and business intelligence in a single, integrated information system. I literally don’t know of anybody who isn’t thrilled with their IDAA since it’s so thoroughly democratizing real-time, every-time analytics all the way out to end-users and mobile devices. This might be IBM’s biggest “killer app,” so do check it out.
  • Is DB2 12 here already? Almost. Yes, IBM is previewing its latest version of the flagship DB2 for z/OS. Among my favorite new features, DB2 12 will significantly improve its in-memory database capabilities and take more advantage of those many terabytes of system memory in the IBM z13 machines. There’s a great deal of emphasis on improved cloud provisioning capabilities including “SQL as a Service” (SQLaaS) RESTful interfaces. The new SQL TRANSFER OWNERSHIP statement is intriguing and mighty useful for maintaining security control over sensitive data. (And what isn’t sensitive data?) The efficiency improvements look unusually impressive, too, with IBM tossing out some bigger numbers than I’ve seen before. This’ll be a version you’ll have even more reason to get onto as quickly as possible even if only to pick up the efficiency gains, though you will likely have to allocate some more memory — an excellent trade to make. (Over-economizing on memory is false economy and a very bad idea.) If you’re interested in getting an early start on DB2 12 then IBM is putting out the call to sign up for the Early Support Program (ESP).
  • Version 8.8 of IBM’s Operational Decision Manager should be generally available in a couple months. Not only is this version particularly lucky in China, it’s particularly useful everywhere for its new “Decision Server Insights” feature that helps improve ODM’s ability to make snap decisions based on even complex rules and events. ODM for z/OS at least starts to imbue new, emerging cognitive computing and analytic capabilities into enterprise transactions and concurrent batch flows. As before it’s also a powerful, high performance way to cut down on application maintenance and, again, to democratize what used to be traditional application development. ODM is available for several platforms, but it’s an exceptionally strong fit with unique run-time benefits on z/OS and on Linux on z.
  • CICS Transaction Server Version 5.3 for z/OS is particularly notable for its new and enhanced cloud services capabilities, and the Java-related improvements are also impressive. No matter what programming languages you prefer — or non-programming approaches to building solutions — CICS TS probably has you covered and covered extremely well.
  • IMS Version 14 becomes generally available later this month, and (in particular) it includes several improvements that help assure continuous business service in what are among the most critical business and government systems in the world.
  • z/VSE users, this is your week, too: a new version of z/VSE and of CICS Transaction Server for z/VSE, both with lots of useful improvements. As before, I recommend pairing your z/VSE environments with Linux on z and/or z/OS to tap into those solution portfolios too, and IBM has a lot of options built into z/VSE to help you do that cost effectively.

To read up on these and other IBM announcements, visit IBM’s announcements Web site at

Posted in IBM.

My “(Blank) Needs a Mainframe” series of posts, such as the most recent Needs a Mainframe entry, are periodic reminders that there are effective, potent IT solutions that can help prevent catastrophic and costly security breaches: mainframes. Yes, I’m being deliberately provocative, but it’s time to shake some IT people out of complacency and their prejudices. We, the IT community (and its management, including business managers), are failing miserably, repeatedly. We are not protecting our users’ privacy and security. So let’s roll out more mainframes, now, because that’s going to help, a lot.

That said, it’s important to understand that security “magic” isn’t for sale. Most people would agree that mainframes, particularly those with the latest z/OS releases, are the most securable server platforms. They are also often the most secure, but that’s not a given and not automatic. Boeing and Airbus commercial airliners offer the safest mode of passenger transport, but if you’re either determined or careless enough then even those safe airplanes are crashable. Likewise, z/OS is chock full of wonderful security features and securability, but its operators cannot be complacent about security. Achieving and maintaining secure computing requires both the right technologies and talented people, preferably people who are at least slightly paranoid. Often, but not always, so-called “mainframe culture” includes a reasonable, healthy dose of security paranoia.

Another big reason z/OS is so securable is because it’s the only consequential operating system (and probably even the only operating system) that, within a single instance, is inherently multi-tenant and that so smoothly handles mixed workloads with differing SLAs. Other UNIXTM operating systems — yes, z/OS is a certified UNIX operating system — had different development heritages with different demands and development pressures. z/OS evolved in a unique way that’s quite helpful in promoting security. Moreover, because mainframes (and z/OS) are “I/O monsters” supporting mixed workloads, they make it possible to centralize (and recentralize) information, especially personally identifiable information (PII), authorizing (or not) every access, every time. They also uniquely facilitate true continuous business service when suitably configured and operated, and that capability also makes information centralization viable.

Think of it this way. If you’re trying to keep a secret, is it easier to keep a secret if 85 people know the secret or if one person knows the secret? Of course the latter situation is more securable. Likewise, mainframes uniquely facilitate thoroughly centralized information architectures with hundreds or even thousands of authorized application consumers/producers, and they do it with just one (or a couple, for continuous service) z/OS instances. With mainframes you can store, manage, and secure information “once and once well.” You do not have to copy your precious data to 85 (or 855) servers and try to manage that inherently unmanageable security nightmare.

….You can design and implement information architectures in highly centralized fashion with mainframes, and many mainframe owners do, with great results. Unfortunately, many do not. “Oh, just copy that data over here…” may be the spark that eventually ignites a security breach. Another problem: “Oh, just give us a RACF server ID that has access to the whole database….” See the problem?

But aren’t those mainframes impossible to work with and develop for? Expensive? No, and no. If there’s a major (or even minor), industry standard application development technology that a mainframe cannot run (and typically well), let me know. It’s at least hard to think of one. And of course it’s possible and highly desirable to authorize (at least) each and every data access request. For example, the base z/OS operating system comes with its own thoroughly standards-compliant, high volume LDAPv3 server (with TLS-encrypted connectivity) at no additional charge. So why aren’t you using it? I can’t think of a good or even mediocre reason why not.

I’m not happy with the wider IT community’s security performance right now, and I hope you’re not either. Let’s get our act together starting today.

Posted in IBM.