Host Integration Server, Not the Same Ol' SNA Server

Late thispast summer, Microsoft released the second beta version of Host IntegrationServer (HIS) for Windows 2000, also known by its code name Babylon. There arehigh hopes of this being the final beta of the rebadged and revamped SNA Serverfor Windows NT, but there are enough troublesome aspects to make one thinkotherwise. Documented issues like idle timeout’s not being enabled for TN3270and numerous other undocumented problems will almost certainly mean anotherround of beta testing prior to a release candidate. Many large companies arelooking forward to the enhancements in Host Integration to leverage theirinvestments in mainframe data warehouses for e-commerce and data sharing acrossthe Internet.

HostIntegration Server 2000 has the same hardware requirements as the Windows 2000Server operating system, and will run on Windows 2000 Server and Windows NTServer 4.0 although NT 4.0 Server must have Service Pack 6a (SP6a) installedprior to HIS installation. The MSMQ-MQSeries Bridge requires Windows 2000Server or Windows NT Server 4.0, Enterprise Edition. Installing HIS 2000 onWindows NT Workstation or Windows 2000 Professional is not supported forproduction use, only development.

One of thenew features added to HIS is the heterogeneous replication of data betweendatabases, which will leverage Microsoft SQL Server 2000. Oracle publishers andsubscribers get additional features for incremental and merge replication. IBMDB2 access has been greatly improved in this version along with a morestreamlined configuration manager.

WhileHIS 2000 is interoperablewith its previous version, HIS 2000 End-User Client,Administrator Client, Server, and Standalone Host Security Packages cannotcoexist on the same computer as Microsoft SNA server. Some SNA Gatewayenhancements to HIS 2000 include the ability to have multiple sessions for 3270clients, greater scalability of host printer server connections, and loadbalancing as well as hot backup for LU6.2 2PM applications. HIS 2000 SNAManager can be used to manage SNA Server 3.0 SP4 and SNA Server 4.0sub-domains. This means HIS 2000 SNA Manager can be used to view configurationsettings and to start and stop the services of SNA Server 3.0 SP4 and SNAServer 4.0 installations, but cannot create or save configuration changes.

With HIS2000, customers can get the same functionality that Secure Sockets Layer (SSL)provides, in addition to the benefits of native 3270 versus TN3270 emulation.While TN3270E works sufficiently well with most host applications, it is notthe native 3270 data stream that customers are used to. There's no pacing onthe session, causing the potential for emulators to misbehave when there areunsolicited host messages -- such as a broadcast message by the hostadministrator. TN3270E does not handle host graphics and is still known to haveproblems with 3287 printing. Other problems include unreliable handling of"Attn" and "SysReq" keys on the emulator and Structuredfields as well as extended attributes causing problems with some TN3720emulators.

Native 3270emulators have none of the above problems. In addition, when connecting anative 3270 emulator over TCP/IP to HIS 2000, users get the followingadditional benefits:

* Authenticationby Windows NT domain. The user is not allowed to connect to the host unlessfirst authenticated securely by Windows NT.

* Assignmentof logical units (LUs) to users and groups. Administrators can further setsecurity at the gateway level by allowing users access to only certain LUs orLU pools.

* Assignmentof LUs to a fixed desktop. Administrators can further allow access to certainLUs only from certain workstations -- by IP address or workstation name.

* Encryptionof all host-bound or host-originated data. An optional encryption featureallows administrators to force all 3270 data to be encrypted between thedesktop and SNA Server. Placing SNA Server in a secure location next to thehost gives organizations reasonable end-to-end security for all sensitive dataincluding host passwords -- which otherwise flow in clear text.

* Automaticlogon to host applications with the HIS 2000 Single Sign-On feature. Whencombined with the password synchronization feature, which works with TN3270clients as well, administrators can set up 3270 users to be automaticallylogged on to the appropriate host application.

* Automaticload balancing. The split-stack feature automatically balances the load amongmultiple servers.

As nearlyas important as what is new in HIS 2000, is what is no longer in the product.Microsoft removed support for many, probably obsolete, features, includingBanyan Vines, OS/2, FTP-AFTP Proxy, Alpha processor, and SNA Workstation. Our feeling is that none of these features will be missedas the product cuts loose excess baggage while moving into the future.

HIS 2000includes one-way password synchronization to mainframes with RACF, ACF/2, andTop Secret. A third-party host component is no longer needed to initiate apassword change from the Windows NT or Windows 2000 operating system to RACF,ACF/2, and Top Secret. HIS 2000 uses the standard Password ExpirationManagement (PEM) component on the host to make changes on the host. Thiscomponent is part of Advanced Program-to-Program Communication/CustomerInformation Control System (APPC/CICS) on the host. This feature enables Windows2000, with or without Active Directory, to act as the central/master securitydatabase.

Our testingcapabilities for HIS were limited, but we were able to perform basic testing ofthe new features and functionality. Microsoft provided this product with thesame level of polish that we’ve come to expect since the release of Windows2000. Enhancements like the conversion to an MMC-based multiserveradministration of all functions and Microsoft Windows Installer-based setupbrings this product up to the latest technology advances available forMicrosoft. Enhancements in scripting makes HIS easier to administer whileMicrosoft Windows Installer support provides for failed installation rollback,self-healing of damaged installations, and the ability for an administrator toconfigure the installation behavior of Microsoft Windows Installer by usingGroup Policy Editor on Windows 2000 or System Policy Editor on Windows 95,Windows 98, and Windows NT.

One veryimportant “gotcha” is that HIS 2000 cannot coexist on the same computer at thesame time as SNA Server since they are essentially the same product. SNA Servermust be removed prior to installation or upgraded to HIS 2000.

Overall,this product is a big move forward in supporting database interconnectivity.Applications such as data warehousing and e-commerce will gain significantproductivity from this long awaited upgrade.

HostIntegration Server 2000 Beta 2
Microsoft Corp., Redmond, Wash.
(425) 882-8080

+ Improvements in support for database interconnectivity
+ Replication of data between databases

- Must have Service Pack 6a installed prior to installation of HIS
- HIS End-User Client Server and Standalone Host
packages cannot exist on same computer as SNA Server

Must Read Articles