The Mainframe: Still Alive and Kickin' - Hard! Dain Rauscher Explores the World of the Mainframe and TCP/IP
Now that a new century has arrived, it is a good time to reflect on how wrong some industry pundits have been about mainframe computing. While it's been fashionable since the early 1980s to predict the demise of this corporate workhorse, the prophets of doom overlooked some key concerns that remain uppermost in the minds of CIOs, network managers and administrators.
They forgot that mainframe technology has been addressing the critical issues of reliability, availability and security for a very long time, while the open systems world is still struggling with them. They also forgot that as much as 70 percent of business logic and data is still housed on mainframes (Aberdeen Group - August 1999).
There is, however, one aspect to the flurry of bold predictions that is coming true. Even as mainframes prosper, the hierarchical network structure devised for them by IBM, and the Systems Network Architecture (SNA), is slowly being abandoned in favor of the TCP/IP protocol suite whose openness, manageability and functionality make it ideal for enterprise connectivity.
A key driving force has been the desire to emulate 3270 terminal sessions and 3270 functionality to the desktop via the TCP/IP protocol. A recent survey from International Data Corp. (IDC) reveals that the adoption of TN3270 clients this year will reach 23.1 million worldwide, making it one of the dominant means of desktop-to-mainframe connectivity.
Dain Rauscher Inc. is one of the largest full-service securities firms in the United States, with revenues last year of more than $740 million, and understands the importance of both the mainframe and TCP/IP.
The 1,180 private Investment Executives and 3,700 employees rely on TCP/IP or TN3270-based access to the mainframe to meet their individual investors and small business owners needs. The Minneapolis-based company is comprised of three major business units: The Private Client Group, Fixed Income Capital Markets Group and Equity Capital Markets Group (the Dain Rauscher Wessels division). In addition, RPR Correspondent Clearing, a division of Dain Rauscher, provides trade clearing and settlement services to 180 nonaffiliated broker-dealers throughout the United States and abroad.
As far as its communications needs are concerned, Dain Rauscher has vigorously adopted the TN3270 protocol and terminal emulation software for several reasons. Not only does it accurately preserve the look-and-feel of a 3270 terminal, but it also has a proven track record in the rough-and-tumble world of enterprise processing.
In 1997, Dain Rauscher was running multiple TN3270 emulation programs across the organization as a result of the merger of several financial institutions, including HostExplorer from Hummingbird Communications Ltd. (Toronto), Dain Rauscher decided to standardize on a single software solution. Since not all TN3270 applications are created equal, there were a number of issues that needed to be considered before the selection was made. Chief among them was the level of technical support, the ease at which mainframe data could be integrated with PC applications and total cost of ownership (TCO).
After a thorough testing and evaluation period, the company signed a 3,000-user license with Hummingbird. The decision to install one software solution was part of an overall strategy at Dain Rauscher to standardize whenever possible.
"What we look for are applications that tend to remain stable and do updating on a regular, but not too-frequent basis," says Richard Blasing, Manager of the Private Client Group support in Dain Rauscher's IS department. "Our strategy of standardization, really keeps our total cost of desktop ownership down. That's basically the framework that anybody should pursue."
"The main reason we chose HostExplorer was not because of what it could integrate in the sense of data and other sources necessarily," he says. "It was a far better product when we looked at different concerns, such as security and how it behaved on the Windows NT operating system. Not all Windows 32-bit apps run the same. We found HostExplorer had a lot more efficiencies and CPU utilization versus any 16-bit competitive product. It was also in line with, if not better than, other 32-bit programs that we looked at in the market. It had a lot of features that we liked, such as the ability to run macros and separate sessions if we chose to use them. HostExplorer gave us features in a way where we didn't have to use them if we didn't want to. Sometimes, companies just throw in a bunch of features and applications and it tends to create more problems than it is actually worth. I think Hummingbird has done a great job of defining a core set of features without having to always run them."
Once the decision was made to go with HostExplorer, Dain Rauscher IT specialists used Microsoft's Systems Management Server Installer, an add-on for SMS 1.2 that automates software application distribution to Windows-based systems. The SMS Installer provides efficient packaging of application installations and software patches, as well as tighter security through the use of digital signatures.
"Having the SMS Installer for remote installations really made it painless," says Blasing. One of the issues Dain Rauscher had to overcome because they had multiple TN3270 programs was how best to use HostExplorer to re-create the various macros. Working with the three major business lines, testing jobs were set up and distributed through the SMS Installer. Once all of the macros were converted, a successful and mass installation of HostExplorer occurred across the organization.
The macros themselves played a major role in Dain Rauscher's daily business operations. "[Some] were keystrokes that did certain functions on our proprietary screens, others did routing of trade activity, and some automated CICS in order to do certain trade functions," says Blasing. "We worked with each of the business units to determine if they really needed these types of macros or if there was another solution. Going through this process was the longest part of the project, once we made the decision to go with HostExplorer."
"We also used HostExplorer to help us with the terminal emulation of our RS/6000. We used the TMVT to access our RS/6000 applications that we have for commissions and WRAP accounts, which help us conduct money management and fee management-type services."
Today, HostExplorer represents the "window" into all of Dain Rauscher's account client information, as well as on the back office side of operations and trading. "It's basically one of the main vehicles for us to do the actual trade execution for our retail clients, whether that is on the operations side where we have our operational control areas or checking into accounts areas. We use HostExplorer to look at CICS screens, perform terminal emulation and run everything from data query reports from the mainframe to the actual in-house proprietary CICS transactions that are run against our client data. HostExplorer is the foundation for many of our day-to-day operations."
As part of an effort to constantly improve the integration of legacy data with Windows NT workstations, the company has continued to invest heavily in hardware and software upgrades over the past 18 months.
As a result, Investment Executives (IEs) can now give each of their clients access to equity research, including in-depth coverage of the consumer, energy, financial, healthcare and technology industries. In addition, Dain Rauscher introduced P11 450-MHz NT workstations last year allowing, IEs to access client account information quicker and enter trades directly.
Following the rule of standardizing whenever possible, in the Private Client Group, every desktop has the same set of applications on it, as regulated by the firm's corporate policy. There are several advantages to using this "cookie-cutter" approach since the typical Dain Rauscher Investment Executive doesn't really care if it's legacy or PC data that appears on their screen. What they do care about is accessing the right information in the quickest way possible. "Their main focus is selling and customer service," says Blasing. "They don't want to have a bunch of steps that they need to complete in order to do a straightforward task."
"We are trying to get desktops to a point where they run almost like microwaves: You put in the data, you press a button and the information comes back to you in order to reach customers better and faster. That's our philosophy. In the real world, it's hard to get to that simplified but it's something that we are striving to do."
The standardization strategy is one reason why Blasing is convinced the mainframe will never disappear from Dain Rauscher's data center in Minneapolis.
"The mainframe isn't going to go away," says Blasing. "It's a reliable database and a huge source of information. The question is how do we pull intelligent data out of the mainframe and present it in different fashions at the client level, in a GUI interface, for example? We see it as a central and fail-safe component for us, where we cull information out and export or transmit it to different databases."
While the pending introduction of Merced chip and the increased popularity of clustering will see more and more servers attempting to deliver mainframe-level performance, Blasing says, at this point, "There's still poor implications on replication and timing and how data is going to be picked up. With a mainframe you have solidity and experience to get data out and make it do more for you."
As with all organizations, the Internet and intranets play an integral role in the company's day-to-day operations. The Net in particular has become a "key component" of every activity for the retail brokers because clients now have high expectations when it comes to obtaining quick information.
Last March, RPR Correspondent Clearing introduced Investor Connect, an online service that allows clients to stay abreast of their account information.
Using that as a model, the Private Client Group launched Dain Rauscher Connect, a service in which customers can access account information 24 hours a day, seven days a week, to obtain a summary or view the total net worth of their portfolio. The Connect service also allows customers to check their order status, execute reports, and review 60 days worth of account transaction history.
"We consider the Internet as a valuable business tool," says Blasing. "I think the people that we support internally are much happier because they're able to get information and updates to their clients so much more efficiently. In a period of 12 months, the Internet has become an integral part of a retail brokers every day activities, and it's going to continue to explode."
The explosion is due to the fact the Web has become the de facto standard for global information exchange and is changing the way the world conducts business.
As Dain Rauscher has learned, in today's age of distributed computing, there is an ever-increasing need to access "anything from anywhere." Where information access was once limited to users with dedicated connections and protocol-specific terminals, it is now freely available with the touch of a keystroke.
About the Author: Gary Tyreman is the Senior Director of Product Marketing at Hummingbird Communications, and is the current Chairman of X.Org. He can be reached at email@example.com or at (416) 496-2200.
Enterprise System Security Issues
By Michael Duvall
In today's world of Web-enabled enterprise systems, all concepts of conventional security measures and the underlying philosophies are no longer necessarily valid. IT management faces the paradox of meeting the Web-enabling business initiatives, while maintaining the security and integrity of their corporate enterprise systems. Safeguards must be in place that prevent unauthorized system access (hacks) resulting in security breaches of sensitive proprietary information, deliberate sabotage, and other system disruptions. On a grand scale, system breaches compromise users' trust and are detrimental to the success of the organization. At a personal level, careers of IT management and staff are at risk.
IT professionals must provide a solution to meet the Web-enabling business goals of the company, and that means they must open their enterprise systems to the outside world - which in itself, is not a complex undertaking. However, employing the technologies to secure, administer and control user access can be a daunting experience. A comprehensive systems audit, analysis and review that includes IT personnel from all disciplines, as well as input from the user community, is a prudent measure.
An evaluation of the currently available technologies that may (or may not) be appropriate to meet one's goals plays a significant role in the approach to Web-enable enterprise systems. Just as important as their features, capabilities and benefits is how each will be applied to or integrated with one's corporate business systems. The IT manager chartered with the responsibility to Web-enable corporate business systems must be prudent in both the selection of the appropriate product/technology and how each is integrated with the IT environment. Protecting the capital investments in the IT infrastructure, as well as trained personnel are important considerations in the decision of the IT Web-enabling strategy.
There are three axioms that come to mind and are directly applicable for Web-enabling corporate business systems:
• "Don't throw the baby out with the bath water." Your corporate enterprise systems are a proven and reliable resource. Leverage your existing IT investment to the fullest extent possible is always a prime consideration.
• "A chain is only as strong as its weakest link." All facets of the system must be secure because a compromise at any level cannot be tolerated.
• "Don't put all of your eggs in one basket." Use your Web-enabled system as a first line of defense in the security war. Set up the protective barrier with the goal of stopping possible intruders well before they reach your valuable enterprise systems.
Well-established information systems are at the heart of modern corporate cultures. These systems typically evolve over time to be in harmony with specific corporate business processes and procedures. Protect these systems like the treasure they truly are.
Specific security issues that the IT organization face may come in many forms. Perhaps the most devastating is unauthorized access to sensitive corporate information, which may lead to irreversible damage to the corporation. A deliberate assault on a corporate system can render it completely unusable or cause it to crash. In either case, the result is the same for your valid and trusted users; a loss of confidence and productivity that affects the corporate bottom line and the corporate image.
The burden and responsibility on back-end mainframe systems to directly servicing e-commerce users can be readily off-loaded to an independent front-end system that functions as an abstracted host. Demarcation of the IT functions to meet the corporate goal of Web enabling corporate information systems protects capital IT investments. Corporate users well versed in using traditional 5250/3270 screens may continue to work in a familiar environment while "Web-enabled" users are serviced by the same back-end systems via an abstracted host.
The "division of labor" between the back-end system and the abstracted host strategically supports the requirements for overall system security and integrity. The abstracted host controls access to the back-end corporate systems by Web users, while complying with all back-end corporate information systems tried and true security measures. Operating in realtime and transparent to Web users, the abstracted host streams 5250/3270 screens to HTML. Incoming HTML forms are formatted and submitted to the back-end corporate systems in its native screen formats. With advanced pattern matching and auto-navigation capabilities, minimal demands, system resources, and/or CPU utilization is placed on back-end corporate information systems.
Isolating the back-end corporate systems with the abstracted host from direct access by Web users delivers modularity. An MSM (Master Service Manager) and ACLs (Access Control Lists) provide RACF and ACF2 functionality without having to place additional burdens on the core back-end corporate information systems. In compliance with industry standards for communication and encryption technologies, the abstracted host functions can reside on one server or be distributed among multiple platforms as required. Through use of digital certificates, RSA encryption, SSL and firewalls, and in conjunction with an abstracted host, IT management can be confident that sensitive corporate information and the related systems will be adequately guarded from being compromised.
Functionality of the abstracted host is based on modern languages and IT conventions that include C++, Java, and Perl that provide platform/vendor independence. As new e-commerce technologies become available, which they undoubtedly will, they can be rapidly integrated to support changing business strategies and processes.
About the Author: Michael Duvall is the Sales and Marketing Manager for MODCOMP Inc.'s E-commerce Division (Fort Lauderdale, Fla.; www.modcomp.com).