October Editorial: You Can Have a V8
I had a chance to sit down with Doug Balog, Director, IBM S/390 software and Chris Holley, Brand Manager for IBM’s Network Communications Server for OS/390 at this past SHARE conference in Chicago to discuss "the most powerful release to date of S/390’s flagship operating system, OS/390." The new release, Version 2 Release 8 features several enhancements that demonstrate IBM’s commitment to the e-commerce initiative that many IS managers are now facing.
Holley explains that the OS/390 V2.8 enhancements are key to helping customers meet the requirements of e-transaction processing. Central to the new release are security and systems management features. These include the ability to dynamically manage VPN encryption keys through the Internet Key Exchange (IKE), enhanced management and administration of digital certificates used by both server applications and end users, higher availability of TCP/IP in an S/390 Parallel Sysplex clustering environment and the capability to print from ERP and Internet-related applications.
"As e-businesses grow, companies are realizing that success depends upon the ability to integrate their core business processes both within their own enterprise and across the value net of their suppliers, partners and customers," says Balog. "This is driving a dramatic shift in the nature and volumes of transactions, where a single Web site hit can spawn a multitude of transactions. This shift, known as e-transaction processing, brings with it a new set of infrastructure requirements.
Enhanced SecureWay Communications Server for OS/390 provides Virtual IP Addressing (VIPA) Takeover. VIPA Takeover allows real IP addresses for network connections to be associated with a "pseudo" address. If a connection fails, traffic is automatically routed to an alternate connection associated with the same VIPA.
The OS/390 Firewall Technologies IP Security (IPSec) VPN provides a secure pathway between OS/390 and other IPSec VPN-capable systems, routers and firewalls. Release 8 will be the exchange of encryption keys between the end-points of IPSec VPN can be automated and dynamically managed through IKE.
Also in Release 8, security against unauthorized access to S/390 SNA applications from TCP/IP users is made stronger by the addition of SSL client authentication to the TN3270 server.
Centralized management of digital certificates belonging to server applications and their related private encryption keys will help customers and application developers provide common, secure management of these server digital certificates. For more on digital certificates check out Joe McKendrick’s column on page 20.
Workload Manager (WLM) now provides the capability to prioritize workloads at the "request" level. For example, one Web request may produce database-intensive work, while another needs only to return simple Web pages, while yet another is executing a business transaction with security that links into a processing network.
What I find interesting are the tangible enhancements to the OS, of which both IS managers and users will quickly take advantage.
Cal Braunstein, CEO and Principal Analyst at Robert Frances Group (Westport, Conn.) sees the relevant issues in the announcement consisting of two key "externally focused" values to the CIO: improved TCP/IP failover and its workload manager. "The virtual IP failover provides greater availability. And this is good news." Concerning the workload manager Braunstein notes, "the CIO will be better able to service the e-commerce customer, by class of user. For example, by offering a high priority to buyers, versus one who just peruses."
Braunstein views the other enhancements as more internally focused, such as the ability to cut the costs of managing the system and the security. "Security is made more simple, as well as a few new items. Although this is good, it’s not as outward facing."