More Related Content Similar to Arcati Mainframe Year Book 2011 Similar to Arcati Mainframe Year Book 2011 (20) Arcati Mainframe Year Book 20111. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
The Arcati Mainframe
Yearbook 2011
The independent annual guide for users of
IBM mainframe systems
SPONSORED BY: PUBLISHED BY:
Arcati Limited
19 Ashbourne Way
Thatcham
Berks RG19 3SJ
UK
Phone: +44 (0) 7717 858284
Fax: +44 (0) 1635 881717
Web: http://www.arcati.com
E-mail: mainframe@arcati.com
© Arcati Ltd, 2011 1
2. Arcati Mainframe Yearbook 2011
Mainframe strategy
Contents
Welcome to the Arcati Mainframe Yearbook 2011 ............................................................ 3
XML and SOAP data binding for enterprise applications ................................................. 4
DataKinetics solutions for mergers and acquisitions .................................................... 10
Thinking outside the box – monitoring DB2 security on z/OS ....................................... 15
CA Mainframe Chorus ...................................................................................................... 25
The 2011 Mainframe User Survey ................................................................................... 30
An analysis of the profile, plans, and priorities of mainframe users
Vendor Directory ............................................................................................................... 54
Vendors, consultants, and service providers in the z/OS and OS/390 environment
A media guide for IBM mainframers .............................................................................. 117
Information resources, publications, and user groups for the z/OS environment
Glossary of Terminology ................................................................................................ 120
Definitions of some mainframe-related terms
Technical information ..................................................................................................... 146
Hardware tables – z196, z10; mainframe hardware timeline 1952-2011;
mainframe operating system development
SPONSORS
Action Software 47 EZLegacy 74
CA 25, 60 Higobi Systems 77
Canam Software 4, 60 Type80 15, 113
DataKinetics 10, 68
2 © Arcati Ltd, 2011
3. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
by Mark Lillycrop, Publisher
Welcome to the Arcati Mainframe Yearbook 2011
Welcome to the 2011 edition of the Arcati Mainframe Yearbook. I’d like to take this opportunity to thank those people and
organizations that contributed articles for the Mainframe Strategy section of the Yearbook, and those who took the time
to complete our mainframe user survey. As always, the results make very interesting reading. And, of course, I must
thank the advertisers and sponsors, without whose support this Yearbook would not be
available for mainframe professionals to freely download.
2010 will probably be remembered as the year of the cloud because it was the year when
cloud computing started to be taken seriously across the industry. Microsoft opened its
'mega data centre' in Dublin and promoted its Windows Azure environment for
development, service hosting, and service management based on the cloud. Google
worked with VMware to develop a new operating system for the cloud, and launched a
version of the Google App Engine for enterprise users. Amazon promoted its Elastic
Compute Cloud (Amazon EC2) service. And many people suggested that mainframes
have offered cloud computing all along – we just called it something else!
CA published a survey in September called “Mainframe - The Ultimate Cloud Platform?” It
revealed that 79 per cent of European IT organizations believe the mainframe is an
essential component of their cloud computing strategy. 74 per cent of respondents believe that the mainframe will have
a role in any cloud computing initiative, with 70 per cent agreeing that cloud computing will sustain or extend the
mainframe environment. In November, CA published a second survey, this time based on responses from US-based
mainframe executives, called “Mainframe as a Mainstay”. 73 per cent of the respondents in this research confirmed that
the mainframe is – or will be – part of their organization's cloud computing strategy.
Not all research has been quite so positive, however. Only 10 per cent of mainframe sites in a BMC survey in October
said that using their System z machines to run cloud computing or SaaS applications was an important priority for them
in the coming year. Meanwhile, a straw poll of attendees at the November Guide Share Europe conference found most
attendees focused on what was available now that would make the business run better and their lives easier – how
they could do more with less. Perhaps this indicates a difference between the attitude of mainframe staff, who want to
get the job done with minimum disruption, and senior managers who are looking more strategically towards the next
step.
The battle between IBM and NEON Enterprise Software (provider of the zPrime product, which allows users to run
traditional workloads on specialty processors) has
rumbled on in the courts for a year without any sign of an
The Arcati Mainframe Yearbook 2011 outcome. The European Union regulators have taken IBM
to task for not allowing its operating system to run on other
Publisher: Mark Lillycrop hardware, and for not being fair to so-called ‘spare-part’
Editor: Trevor Eddolls vendors. The first complaint came from T3 and
Contributors: Allan Zander, Jerry Harding, Stephen D TurboHercules, saying that IBM ties its mainframe
operating system to its mainframe hardware – and thereby
Rubin, William Buriak, Denny Yost, Canam Software
destroys the emulation market. The second investigation
was initiated by the Commission, alleging discriminatory
© 2011, Arcati Limited.
behaviour towards competing suppliers of maintenance
services. IBM stated that it intends to cooperate with any
All company and product names mentioned in this
EU inquiries, while denying there was any merit to the
publication remain the property of their respective
complainants’ claims. It then alleged that the accusations
owners.
were being fuelled by business rivals (it’s no secret that
Microsoft is a minority stakeholder in T3). IBM also
This Yearbook is the copyright of Arcati Limited, and
suggested that some of its larger competitors want “to
may not be reproduced or distributed in whole or in
mimic aspects of IBM mainframes without making the
part without the permission of the owner. A licence for
substantial investments IBM has made and continues to
internal e-mail or intranet distribution may be obtained
make”.
from the publisher. Please contact Arcati for details.
IBM has also been acquisitive this year, as usual. Amongst
this year’s trophies are National Interest Security
© Arcati Ltd, 2011 3
4. Arcati Mainframe Yearbook 2011
Mainframe strategy
Company, Initiate Systems, Intelliden, Cast Iron Systems, Sterling Commerce, Coremetrics, BigFix, Storwize, Datacap,
Unica, OpenPages, Netezza , PSS Systems, and Clarity Systems.
The big story of 2010, of course, was the launch of a new mainframe range in July. The zEnterprise 196 brings together
the latest mainframe technology with POWER7 and x86 IBM blade systems, giving potential users z/OS, AIX, and Linux
all on the one box. And all this is controlled from the mainframe console by the new Unified Resource Manager. This
new mainframe can be thought of as a virtualization hub that manages other workloads in the data centre.
IBM has taken the view that data centres are running more than one set of hardware, and sites are experiencing
problems with space for the hardware, keeping control of these different systems, and even communicating between
them – so integrating them seems like the obvious answer. The zEnterprise 196 includes 96 5.2GHz (up from 4.4GHz
on the z10) quad processors (80 of which are used by the client, and the rest are used by the machine itself) and up to
3TB of memory (double that of the z10). The new microprocessors offer 100 new mainframe machine code
instructions.
In terms of performance, the zEnterprise can handle 50 billion instructions per second, providing a 40-60 per cent
performance increase over the z10 without using any more power. A water-cooling option could help reduce energy
consumption by up to 12 per cent by removing air heat. The system also includes the first implementation of RAID
memory, which is like RAID for disks, and could be used to increase uptime to beyond the 99.999 availability of current
mainframe technology.
The zEnterprise BladeCenter Extension (zBX) operates as a tightly-coupled extension to the mainframe through a high-
performance private network. Users then add POWER7 or System x blades to four racks. The new Unified Resource
Manager allows users to install, monitor, manage, optimize, diagnose, and service resources and workloads from a
single console across the entire infrastructure. The new machine also includes a DB2 accelerator, called the Smart
Analytics Optimizer, which is able to route database queries either to the mainframe DB2 system or a specialist blade
server optimized for smart analytics. IBM estimates that complex database queries can experience up to a ten-fold
performance improvement in this environment.
For people who like to know the latest version numbers and dates of major products, CICS TS 4.1 has been available
since the middle of 2009, DB2 10 was announced earlier this year, as was z/OS 1.12, and IMS 12 should be generally
available early in the New Year.
All in all 2010 has been a particularly busy year for the mainframe, and 2011 promises to be just as lively. As users plan
the next stage of their System z growth strategy, I hope that the Mainframe Yearbook continues to be their indispensible
companion.
XML and SOAP data applications and XML is a key component of it. To
fully utilize the potential of SOA, existing
binding for enterprise applications have to be modified to consume or
produce XML or SOAP messages. The challenge
applications of turning XML data into formats that COBOL or C
applications understand has been holding back
Canam Software takes a detailed look Service or slowing down organizations in succeeding with
Oriented Architecture and how products like SOA. The more complex XML structures are, the
XML Thunder can be used to maximize the greater the challenge of binding them to COBOL
use of this environment. or C.
XML Thunder is a widely used solution for creating
Overview data binding programs between XML or SOAP, and
Service Oriented Architecture (SOA) has become COBOL COPYBOOKS or C header files. This
the most popular paradigm for distributed Windows based tool consists of a visual mapper
4 © Arcati Ltd, 2011
5. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
and a sophisticated code generator that
generates complete program code for z/
OS and other platforms. Let’s take a closer
look at what XML Thunder offers.
Parse XML content to a COPYBOOK!
In the context of XML and COBOL, parsing
XML consists of extracting XML content into
a format that can be stored and processed
as regular COBOL data structures. The
XML document is typically received by the
application from MQ, via HTTP or HTTPS,
a web service call or even as a traditional
sequential file. Once received, the XML
document is moved to a buffer. This buffer,
which is really just a COBOL working Figure 1: Mapping window
storage area, will be passed to the
specialized COBOL subprogram that
parses the XML content to COBOL fields. This Select the appropriate options and click on the
specialized subprogram is generated by XML Generate button. The Log area shows the results
Thunder and contains XML validation and parsing of the code generation. The generated COBOL
logic based on the XML-to-COBOL mapping and program is transferred to the runtime computing
content rules defined at design time. Each environment and compiled as usual. See Figures
generated parser (in XML Thunder terminology 2 and 3.
“XML reader”) is high performing and efficient
because it is custom designed for the specific XML
and COBOL structures mapped using XML Application program using an XML reader
Thunder. module
Now let’s take a closer look at how a COBOL
application program obtains the content of an XML
Easy parser development using XML Thunder document by calling an XML Thunder generated
As mentioned, XML Thunder’s mapper allows the XML reader module .
binding of COBOL fields to XML nodes. For
example, in Figure 1 you can see that the COBOL Remember, by the time we execute the CALL
fields BANK-ID, BANK-INCORPORATION-DATE, statement to the XML reader, the main application
and BANK-NAME are mapped to XML nodes called program has already gathered the XML document
BANK-ID, BANK-Incorporation-Date, and BANK- and moved it to a buffer in working storage. In this
Name respectively. This can be achieved by drag- case, we generated an XML reader with the
and-drop operation or via auto-mapping when using program name and id of BAXSDR.
the Wizard. The names and structures of the
COBOL side do not have to match those of the CALL "BAXSDR" USING
XML. CANAM-XML-DATA
CANAM-XML-BUFFER
Once the mapping is complete, the code generator CANAM-XML-STATUS
can be utilized to create the desired XML reader. END-CALL.
© Arcati Ltd, 2011 5
6. Arcati Mainframe Yearbook 2011
Mainframe strategy
CANAM-XML-BUFFER contains the XML
document that is passed to the XML reader
module BAXSDR for parsing.
On return from the call to BAXSDR,
CANAM-XML-DATA will contain the content
of the XML document parsed to regular
COBOL working storage fields based on
the mapping rules. From here on, the
content of the XML document is available
in regular COBOL fields for processing.
The CANAM-XML-STATUS structure
contains return codes from the call and can
be used for error handling.
COBOL encoding rules – flexible and
easy to modify
When creating an XML reader, encoding
rules for COBOL mappings are
established. These rules are extracted from
Figure 2: Generate XML parser an XML schema if one has been provided.
(XML reader) module In cases where a schema is not available
or does not define an encoding rule, toolset
defaults are used. These can be changed
to desired formats and lengths using a
property sheet on the mapping window.
Some examples of encodings between
COBOL and XML schema data types are
shown in Figure 4.
Feature rich XML and SOAP support
Generate your data binding as COBOL
programs or C classes to transform the
data content of your mapped (XML or
SOAP) to/from (COBOL or C) structures.
Generated code includes extensive support
for XML features thus saving developers
valuable time, improving productivity and
quality. See Figure 5.
Can I create XML writers?
XML Thunder can also easily generate XML
Figure 3: XML reader module
writers from mapping definitions. An XML
has been successfully generated
writer performs the opposite function of an
6 © Arcati Ltd, 2011
7. Shift into higher gear for
XML and SOAP processing!
Easy integration of XML and web services
using COBOL or C on z/OS
1 Select source (XSD, DTD, WSDL, XML or COBOL/ANSI C structure)
2 Map data structure to XML or SOAP
3 Generate program code to create or parse XML or SOAP
Exceptional XML and SOAP feature support:
UNION, CHOICE, ALL, NILLABLE, SEQUENCE, enumeration, ATTRIBUTES,
namespace; recursive structures, simple types, complex types, imports, includes
and more...
More unique features:
Automatic generation of readers and writers; XML PARSE support or native COBOL
code; validation; test harness; sample test XML/SOAP; and more...
Request your
evaluation copy
today!
sales@canamsoftware.com
www.xmlthunder.com
8. Arcati Mainframe Yearbook 2011
Mainframe strategy
XML Schema Type Default COBOL data type in XML Thunder
xsd:string PIC X(N) where N is maxLength from schema otherwise use toolset
default
xsd:positiveInteger PIC 9(N) or PIC S9(N) where N is totalDigits from the schema otherwise
use toolset default
xsd:int PIC 9(N) or PIC S9(N) where N is totalDigits from the schema otherwise
9(10) or S9(10).
xsd:byte PIC 9(N) or PIC S9(N) where N is totalDigits from schema, otherwise
9(3) or S9(3)
xsd:dateTime PIC X(20) with unformatted or PIC X(26) with Formatted or PIC X(32)
with time zone support; customizable edit pattern with default “YYYY-
MM-DDTHH:MM:SS.ssssss”
xsd:base64Binary PIC X(N) Where N is maxLength from schema otherwise use toolset
default
Figure 4: Examples of COBOL encoding for XML schema types
XML reader: at runtime, these modules assemble 100% Automated Code Generation
XML documents from the content of COBOL fields. From an XML Handler design, XML Thunder will
The call to the XML writer module is identical to generate a callable sub program containing all of
the XML reader. The difference is that before the code needed for validating, reading and writing
executing the call to the XML writer the CANAM- XML documents.
XML-DATA structure contains data to be used for
assembling a desired XML document. Upon return Full life-cycle solution
from the call, CANAM-XML-BUFFER will contain XML Thunder is a full life-cycle solution for both
the assembled XML document. Again, the CANAM- development and maintenance.
XML-STATUS structure contains return codes.
After a successful call, the application has full Very large XML document handling: XML
control over what is to be done with the resulting streaming
XML message ( eg transmit the XML using MQ, Do you have a very large XML document that does
call a Web Service, update a database, etc.). not fit into memory? XML Thunder’s node-level
processing makes XML streaming easy for both
reading and writing XML.
The Swiss Army knife of XML and COBOL data
binding Test harness generation
Auto-mapping with Wizard Full test harness can be generated with test data
An easy to use optional wizard walks you through for your XML binding modules.
the creation of your data binding/mapping to create
an XML Handler design.
8 © Arcati Ltd, 2011
9. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
CHOICE Namespace
UNION Recursive structures
ALL Simple types
NILLABLE Complex type (including nested complex types)
SEQUENCE Imports
Enumeration Includes
ELEMENTS Length
ATTRIBUTES Fractiondigits
Character and Entity reference MinLength
Schema restrictions MaxLength
CDATA Total digits
Encoding WhiteSpace Pattern, derives max field length, pattern not
enforced)
and more...
Figure 4: Supported features
Sample XML generation to COBOL COPYBOOKs or C header files. Get
XML Thunder can not only derive an XML schema your copy today at www.xmlthunder.com!
from a sample XML document but can also
generate a sample XML document for a given
schema. It can even validate the XML document What types of projects have used XML
against a schema! Thunder?
There have been many different types of projects
Automatic mapping documentation that have used XML Thunder. From SWIFT and
generation SEPA payment processing, through to gift registry
The mapping for your data binding is well management, vehicle licensing administration,
documented and can be saved for your project travel industry bookings, and insurance solutions
documentation. – organizations have successfully used XML
XML Parse support Thunder for many enterprise projects. Try XML
XML Thunder can generate either native parsing Thunder out today and see how easy XML and
program code or code that uses the XML PARSE SOAP processing can be!
statement.
XML Thunder Lite – free software for
COPYBOOK to XML conversion XML Thunder is available from Canam Software
Labs, Inc, 5770 Hurontario Street Suite 310,
Do you have the need to convert COPYBOOK Mississauga ON, L5R 3G5, Canada.
structures to XML representation without needing
to generate code to read and write XML? Download For more information please visit our web site at
XML Thunder Lite. This free development tool www.xmlthunder.com or contact
allows conversion of COBOL structures or C sales@canamsoftware.com.
header files to XML representation. And vice versa!
It can also convert XML,SOA,XSD, DTD or WSDL
© Arcati Ltd, 2011 9
10. Arcati Mainframe Yearbook 2011
Mainframe strategy
DataKinetics solutions for functions into a stronger, single organization. It will
do this by eliminating overhead and wherever
mergers and acquisitions possible leveraging the strengths of each of the
merging organizations as they existed prior to the
Allan Zander, CEO at DataKinetics looks at merger. In achieving these efficiencies, NewCo
issues and best practice solutions for merging will position itself for the ultimate challenges.
mainframe IT systems after a corporate
merger or acquisition.
Ultimate challenges facing new company
Growing market share, introducing new products,
Industry objectives cost effectively reaching a broader market place,
The forces driving companies into mergers and and growing earnings are the ultimate challenges
acquisitions vary by industry and also by general facing NewCo. The cost efficiencies harvested in
economic climate. Certain objectives are common the initial merger must be expanded, and NewCo
across these parameters, however; and they are must be positioned to quickly introduce new
to cost-effectively grow market share, efficiently products, eliminate old ones, and respond to
improve wallet share, and leverage core competitive pressures.
competencies (like operations, R&D, and
distribution channels) to accelerate growth. As The market place will expect NewCo to not only
attractive as these high-level objectives are, there to perform but to behave as a market leader.
are also some immediate objectives that must be NewCo will be expected to drive innovation, pursue
met. new standards, and position itself to acquire yet
additional companies, technologies, and
The merged company, which we will refer to as distribution channels to continue its accelerated
NewCo, will be the melding of different cultures growth. The process of building a culture and
with different strengths and different customers systems which easily integrate new enterprises,
into a single enterprise that must perform better along with the process of identifying and selecting
than the arithmetic sum of the pre-merger which enterprises to acquire, ultimately
businesses. Actions must be taken to preserve determines the industry leader.
revenues, identify and realize synergies, and
deliver improved earnings within 12 to 18 months Underlying both sets of challenges is the need for
of the merger being completed. These long- and systems to be able to support NewCo, both
short-term goals give rise to two sets of through its difficult initial challenges, as well as
challenges. during its subsequent expansion. An integration
team will typically be assembled to identify the
strengths of each original organization and the
Initial challenges facing merging companies best systems to support those strengths. They
will then lay out a strategy to integrate those
As soon as the merger is announced to the market
systems into a single platform that will support
place, investors, and employees, a variety of
the ultimate expansion. The skills and tools with
short-term challenges face NewCo. In order to
which these issues are addressed determine the
preserve revenues, customers must be retained
success of the merger.
despite differing sales and support processes. As
quickly as possible, NewCo must appear as a
single enterprise with a uniform set of
Mastering the merger – converged customer
nomenclature, rational pricing, and rational
experience
distribution. It must also be able to quickly realize
cost reductions by consolidating redundant Within the IT organization, the challenge is to
quickly make NewCo appear as a single,
10 © Arcati Ltd, 2011
11. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
Figure 1: Merging companies with multiple disparate IT systems
seamlessly consolidated enterprise. Customers Typically within 18 months, NewCo must be able
must see NewCo as an improvement on the pre- to merge the systems, demonstrate cost
merger company in terms of their experience and efficiencies, and have laid the foundation for future
the breadth of products and services they can now additional acquisitions.
easily purchase. Competitors must see NewCo
as both larger and more competitive than either When companies merge, usually an analysis of
of the two organizations prior to the merger. the IT systems is done, and a decision is made
Investors must see a plan to derive earnings that whether to maintain coexisting IT infrastructures,
reflect eliminated redundancy and efficient retain one, the other, or start afresh with a
operations. A key element in all of this is the completely new system. Maintaining status quo
underlying systems that support these activities. is rarely the best option, as there will undoubtedly
be a significant amount of duplicate applications
Companies that merge enter with large amounts and data. In most cases, to minimize risk, the best
of complex customer data, different product existing applications are selected; and to these,
tracking systems, different pricing mechanisms, enhancements are added to address the specific
and large amounts of support related data (as capabilities of the replaced applications. This
shown in Figure 1 below). For each of the pre- approach minimizes the amount of rework
merger companies, these represented a required.
significant value and a significant IT investment.
Merging disparate databases and incompatible Figure 2 shows the ideal end result – a single,
applications is a daunting challenge for any IT merged company with a completely converged IT
organization, but it is even more critical for NewCo. infrastructure, with little or no duplication of
© Arcati Ltd, 2011 11
12. Arcati Mainframe Yearbook 2011
Mainframe strategy
Figure 2: Merged organization with converged IT systems
spending, material or effort. The path to this end existing table-driven systems are half-way there.
is never an easy one – in all cases there will be Table-driven systems are extremely flexible and
some level of rework required. Just how painful lend themselves very well to integration processes
the process is, largely depends on the like an IT systems merger. If existing systems are
characteristics of the original IT system not table-driven, developing new applications that
infrastructures, and the decision-making process. are table-driven is the best approach going forward.
The ability to seamlessly merge information from
A major consideration should be what the IT disparate sources, create a table-driven system
infrastructure looks like at the end. It must be that is easily modifiable in the future, while
capable of accommodating future mergers and improving the speed of application execution is
acquisitions – to minimize the pain felt during the the special domain of DataKinetics tableBASE.
current exercise in any future exercise. Any
12 © Arcati Ltd, 2011
13. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
Manager, Mainframe Ops
It's 5am and that batch job hasn't nished
running yet!
What do you do? Optimize.
Optimize your batch window— run those critical batch
applications in 1/10 the time that they need now.
Finish your batch runs in minutes, or a few hours at the most.
We're optimizing batch windows for 20% of the Fortune 50, and
we can help you, too.
Download our white paper, “Batch Window Optimization,” at
Contact us: www.dkl.com/batch44/
+1-800-267-0730
info@dkl.com
www.dkl.com
© Arcati Ltd, 2011 13
14. Arcati Mainframe Yearbook 2011
Mainframe strategy
Achieving competitive advantage engineering their applications, the best parts of
In order to derive the most synergy from the the existing code are combined with the table-
strengths of the pre-merger companies, the new driven programming techniques to create one
IT infrastructure must be purposefully designed single, more efficient, more flexible application. By
to accommodate disparate business rules and having the business rules in memory, new sets of
different product nomenclature easily. To achieve business rules can be added to reflect the
this, the applications must be modified to operations of new acquisitions as they are
centralize the business rules in in-memory tables consummated.
so multiple applications can reference them and
so that they can be readily changed (as shown in The story on the product side is very similar. Order
Figure 3). Implementing a DataKinetics tableBASE entry systems and service commissioning
solution embeds the logic within in-memory tables. systems can draw on disparate back-end delivery
Not only is performance improved by greatly environments, but by capturing the product
reducing the DASD access, but from re- information in memory can represent these
products in a uniform way. Different product
numbering systems, product configurators, and
pricing systems can be hidden from order entry
and sales personnel, simplifying their interaction
with clients. As products change, the underlying
tables housing the product information change but
the applications do not and the user interface to
the sales organization remains unchanged except
for the new items.
The result of putting both business rules and
product information in memory is a strategy that
can readily adapt to changing market conditions,
can easily absorb new companies, product lines,
or operations without affecting their ability to sell
and support their products. The speed with which
NewCo can adapt to market and technology
changes provides sustainable competitive
advantage.
Benefits delivered by DataKinetics
For over 25 years DataKinetics has been providing
table management and performance optimization
solutions to Fortune 500 companies. These
companies have adapted and grown as markets
have changed and economic conditions have
varied. By using tableBASE to capture and
administer account, product, and customer
information, clients have been able to acquire and
Figure 3: Business rules embedded in
merge with other companies in record time. A good
application code (top), and externalized
example of this is a large US bank that acquired a
into in-memory tables (bottom)
West Coast regional bank. The analysts indicated
14 © Arcati Ltd, 2011
15. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
that it would take almost two years to merge the capital expense, and efficient IT infrastructure
systems and provide consolidated statements utilization. This contributed to more cost effective
and support to their clients. Using tableBASE, they operation and improved earnings per share.
met this objective in less than six months. Equally
importantly, the redesigned in-memory table-
oriented applications using tableBASE allowed
them to repeat this process for subsequent DataKinetics solutions are the mainframe
acquisitions. optimization technologies of choice for rapidly
growing market adaptive companies. By
Another example where DataKinetics had a direct leveraging existing IT investments, DataKinetics
impact on enterprise performance was in the retail optimization provides strategic business flexibility
industry. As retailers combined and merged to and competitive advantage to industry.
form new larger retail companies, tableBASE was
used to merge the product configurators and order Allan Zander is the driving force behind
entry systems and allow the new company to DataKinetics’ recent growth. An engineer by trade,
tremendously broaden their offerings seemingly and an entrepreneur by heart, Allan has founded
immediately after the merger. two businesses, and resurrected two others, before
being asked to join DataKinetics. He has
In all of these situations tableBASE also allowed successfully added his personal energy and
the newly formed company to enjoy increased marketing skill to an already successful company,
computing performance, reduced operational and and has brought in more new business than the
company has seen in many years.
Thinking outside the box – The records are required to be protected
according to the Federal Information Security
monitoring DB2 security on Management Act of 2008 (FISMA, also referred to
as US Senate Bill S.3474). FISMA mandates that
z/OS “the underlying framework that information
systems and assets rely on in processing,
Jerry Harding, Stephen D Rubin, and William transmitting, receiving or storing information
Buriak explain why every company is at risk electronically” have adequate security. It goes on
of losing information and therefore security to say, “Meaning security commensurate with the
must be given the highest priority. risk and magnitude of harm from loss, misuse, or
unauthorized access to or modification of
Executive summary information”.
The President of the United States recently
announced plans to develop a comprehensive Web connections to data residing on the
universal healthcare system. This program will mainframe DB2 platform through z/OS Web
require the highly sensitive records to be stored Services, CICS® and TSO® have added
on massive computers. Essentially, they will be a functionality to legacy processing and brought
“DNA footprint” for millions of Americans. Security transaction processing to new levels. It has also
for these records should not be thought of as “after introduced a new perception of vulnerability.
the fact” and will require vigilant and pro-active Mainframe Security Administrators sometimes
monitoring of security regardless of the host view it as opening up the mainframe to “intruders.”
operating system.
© Arcati Ltd, 2011 15
16. Arcati Mainframe Yearbook 2011
Mainframe strategy
The "bad guys" are finding new inventive ways to found to be incapable of countering security threats
obtain corporate and personal information and to of modern days. Finally it will discuss the methods
disrupt a company's business as was done by that can be adopted to counter the latest security
someone holding the State of Virginia’s medical threats and how these tools work.
records hostage and demanding a $10 million
dollar payment.
Background
Most of the Financial, Healthcare and Security teams for z/OS DB2 commonly use
Pharmaceutical industries keep their vital records security products from IBM and Computer
on DB2 and other databases residing on the IBM Associates for reporting. They are the first levels
z/OS mainframe platform. Government interests of defense. These products either allow or deny a
in these corporations will lead to the next wave of user access to a resource. Unlike UNIX and other
exchange of information among them and it is operating systems security, it is a simple yes or
expected that private industries sharing database no decision. If security is denied, a violation event
information with the Government will soon have will be recorded on the security log files and in
to comply with the FISMA guidelines. most cases a message will be issued to the
primary console. The event may go unnoticed until
But regardless of the industry and whether or not the System Administrator runs a violation report
they fall into the FISMA regulations, every company in response to an incident.
is at risk of losing information. Security is not
always the highest priority in a corporation until it DB2 is capable of keeping a separate log file of
is named in the lead story on the evening news or events throughout its course of normal processing.
Wall Street Journal and you are requested to testify These log files are a mainframe operating system
before Congress. function called System Management Facility or
“SMF®” records. The DB2 SMF records contain
This paper puts its focus on ways to monitor z/ information related to many different types of
OS DB2 database security by thinking outside the events occurring within the system. The level of
box. It will offer alternatives in developing an granularity depends on configurations of the DB2
efficient security framework to monitor security audit trace at the individual table level. The SMF
settings and protect confidential data from ‘bad records provide data useful for investigating
guys’ in an effective and economical manner. This security events and if used in combination with
paper will also explore the tools that are available other resources, help investigate possible attacks
for developing such a security framework. The and breaches for incident response, auditing and
main focus is placed on security tools that can be compliance purposes. The DB2 SMF records are
used outside the mainframe security framework. created in binary format and are not readable by a
The stress on “thinking outside the box” is plain text editor, making online viewing and
emphasized as the majority of the traditional tools interpretation almost impossible.
that fall within the mainframe security setting have
failed to meet today’s security, auditing and
compliance mandates. It will detail the steps to Separation of duties
be taken when setting up log collection and security One of the most fundamental aspects of the
analysis programs on the mainframe by using Sarbanes-Oxley Act of 2002 was the definition of
economical sources readily available. However, Separation of Duties. Having the same person
along with mentioning the efficiency of this system, monitoring security and setting up security is a
it will also put stress on the need for a new clear case of a violation of the Act.
framework as very often traditional measures are
16 © Arcati Ltd, 2011
17. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
Figure 1: The Forrester Group analysis of the cost per breach
The evolving security function “outside the box” in a centralized repository, (b)
The Security Administrators in most z/OS introduces new technologies and experience to
environments are responsible for monitoring mainframe computer security experts wishing to
security. In addition to defining and maintaining expand their careers, (c) allows non-mainframe
users and passwords, they assume the role of security technicians to become exposed to what
chasing down batch reports to answer periodic is happening “inside the box”, and is a win/win
security, auditing and compliance questions. proposition for the entire organization.
Some leading mainframe installations are creating
independent departments to actively monitor the The cost of a security breach
security using SMF event information. Other Reports on the average cost per incident for a
installations are placing z/OS security into totally computer breach vary from $1.5 million as reported
autonomous security groups that monitor Network, by the US Department of Justice to $4.8 million
UNIX, Windows and other operating systems. per breach as stated by a 2006 Ponemon Institute
Restructuring the mainframe security group (a) survey. The Forrester Group, a leading IT Security
allows mainframe events to be monitored from firm, provided the best analysis of the cost per
© Arcati Ltd, 2011 17
18. Arcati Mainframe Yearbook 2011
Mainframe strategy
breach. As the Figure 1 shows, Forrester went as One very good example of this occurred during
far as to break down the cost per record. the performance of a network vulnerability
Government Agencies, large companies hosting assessment at a large government agency. The
medical and financial databases and most network was compromised (with authority of the
financial institutions would obviously fall into the agency) and a workstation was hacked.
Company C profile. Application files related to a process running on
the workstation were examined. A mainframe
Hypothetically using this data if a hacker unencrypted DB2 logon ID and password were
compromised information from 1,000,000 credit found. The ID and password were then used to
cards according to the Forrester’s charts, cost log into the DB2 application on the mainframe with
estimates would be approximately $305,000,000. SYSADMIN privileges. This was just an exercise,
Beyond the financial implications a compromise but if real the damages would be unlimited.
of this nature would also include damage to
corporate reputation, loss of customers, and
increased regulatory scrutiny let alone the personal Weaknesses in DB2 application code
damage to the CIO and CEO There are two major concerns regarding DB2
application code being developed and running on
mainframe processors.
Personal liability
Information security breaches may go beyond
corporate boundaries and expose the corporation
to unwanted legal actions. Security exposures
derived from the theft of data has lead to three
class action law suits against the Secretary of
Veterans Affairs. The theft was a result of data
being transferred to a laptop which was later
stolen from a private residence of a VA Contractor.
The security breach affected 26.5 million records
with a VA estimate of between $100 million and
$500 million to prevent and cover possible losses
from data theft.
The Real Security Exposure to DB2 on z/OS
The most sought after target when attacking DB2
data on the mainframe is to acquire the privilege
settings of the DB2 System Administrator.
Compromising it and escalating the DB2 privileges
to a common user’s ID allows you to attack the
DB2 data virtually unnoticed. It is becoming more
difficult to do this in the modern days of DB2; 1 Random checks of application code being
however, an emphasis should be placed on developed using mainframe Web Services
monitoring accesses to critical information seems to be in line with the security guidelines
regardless of whether an individual has or does and standards of today but “you don’t know
not have the correct privileges. It is not always what you don’t know”. Application reviews by
safe to assume that a mainframe security product the mainframe ISSO are almost non-existent.
will always protect you.
18 © Arcati Ltd, 2011
19. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
2 Many of the DB2 legacy applications were Common to all companies are thousands upon
written prior to the 9/11 mentality when it was thousands of SMF records that are written daily
not cost-justified to change them to fit into the and in many shops the SMF logs switch once a
security conscious world we are living in today. day, twice a day or perhaps hourly, depending on
The inability to adapt these applications to the customer’s transaction processing volume.
today’s security awareness posture poses a The volume of SMF records created cause major
big problem for many large companies and difficulties making it impossible to monitor the high
government agencies around the world. volume from one workstation in real-time. Another
Especially when one considers that the DB2 problem presented is that these SMF records are
Data-warehouse containing the key corporate typically made available with time lags between
asset ‘data’ is updated, scanned, accessed reports. So for example if batch reporting on DB2
continuously supporting critical business SMF records by a bank are used to protect it from
transactions. There reside the customer files, a security breach against credit card information
medical information, credit card records, social and they are only available at best, on hourly
security data, financial records, etc., all prime increments, it presents a window of opportunity
targets for illegal information security breaches. for a breach.
The Government has responded with strict
regulations under HIPAA, SOX and Graham Another problem regarding batch reporting on SMF
Leach, along with financial penalties to records is that these historical foundations for
corporate officers who fail to comply. Under security, auditing and compliance batch reporting
these pressures it is time for corporate are not at all cost effective. In fact, the cost of
management to raise the bar for security manually reviewing logs is very high. Creation of
methodologies protecting DB2 on z/OS to the logs with an aim to provide security is one thing,
highest level. but actually manually reviewing and printing them
is very expensive. Often companies seem to be
reluctant in spending huge sums on reviewing
Using DB2 SMF records as event tracking these logs. But if a company does not review a
There are over 100 different types of SMF records log, then what is the purpose of putting efforts in
reserved by the z/OS operating system for various collecting them?
operational functions. Record numbers above a
certain level can be used for vendor products and
mainframe application programs. SMF record How to implement DB2 SMF Audit Trace
number eighty (type 80 records) are used by two Records
of the mainframe security products commonly SMF log analysis is very important when it comes
found on the mainframe. A third security product to monitoring DB2 security, auditing and
uses an SMF number assigned to it at the compliance. One of the best ways to do it is by
installation time of the product (commonly # 231) using the DB2 audit trace facility. The DB2 audit
and DB2 auditing uses SMF record type 102. The trace facility must be turned on for each table you
SMF records are written to files after the wish to monitor. This is done by using the AUDIT
mainframe operating system performs an event. clause at the time of the CREATE of the table.
The mainframe Systems Programmer is Additionally, Audit Trace classes must be activated
responsible for defining the size of the primary and in order to collect the data in the DB2 SMF records.
secondary SMF files. When the primary file fills, Each class is associated with the type of DB2
the secondary becomes the primary and the events you wish to monitor. The DB2 Audit Trace
original SMF file is archived. Classes are as follows:
© Arcati Ltd, 2011 19
21. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
Class One Class Ten
Access attempts that DB2 denies because of (DB2 V9.1) CREATE and ALTER TRUSTED
inadequate authorization. CONTEXT statements, establish trusted
connection information and switch user
Class Two information.
Explicit GRANT and REVOKE statements and
their results. This class does not trace implicit Here is a partial list of DB2 security related events
grants and revokes. commonly monitored:
· Access rights
Class Three · Privilege changes, explicit privilege changes as
CREATE, ALTER, and DROP statements that well as administrative changes
affect audited tables, and the results of these · SYSCTRL and SYSADM activity
statements. · Changes to authorization
· Dropping of tables
Class Four · Inserting/changing records
Changes to audited tables. · Accessing data from unauthorized ID’s
· GRANT/REVOKE statements
Class Five
All read accesses to tables that are identified with For some classes, other activity within the DB2
the AUDIT ALL clause. audit trail information, important for computer
forensics and incident response, is the actual SQL
Class Six statement that was being performed at the time
The bind of static and dynamic SQL statements of the incident. It is a fingerprint to the table, row
of the following types: and column that the user was going after at the
INSERT, UPDATE, DELETE, CREATE VIEW, and time. Unfortunately, it is buried behind a very
LOCK TABLE statements for audited tables. complex index of binary bit settings within the DB2
SELECT statements on tables that are identified SMF audit trail record and difficult to interpret.
with the AUDIT ALL clause.
The DB2 Audit Trace facility is historically known
Class Seven for adding additional CPU overhead. DB2 has
Assignment or change of an authorization ID gotten progressively better when using this facility
because of the following reasons: with each new release and there has been a
· Changes through an exit routine (default or drastic reduction on that overhead. The latest IBM
user-written) statistics indicate that it will introduce less than
· Changes through a SET CURRENT SQLID 10% additional CPU overhead, per transaction, if
statement all of the classes are turned on.
· An outbound or inbound authorization ID
translation
· An ID that is being mapped to a RACF ID from Thinking “outside the box”
a Kerberos security ticket The mainframe operating system platform is the
premier transaction-processing machine and has
Class Eight always boasted industry-leading security
The start of a utility job, and the end of each phase technology. During many years of service, often
of the utility. under the most demanding conditions imaginable,
it has survived. It has proven itself time and again,
Class Nine and was awarded the U.S. Government’s highest
Various types of records that are written to IFCID certification for commercial security. However, in
0146 by the IFI WRITE function.
© Arcati Ltd, 2011 21
22. Arcati Mainframe Yearbook 2011
Mainframe strategy
a changing world with an increase in lost trade The events are expected to be condensed by agent
secrets, theft of personal identity, and wrongdoings software executing on a remote device.
by employees, associates and contractors, the DB2 SMF records can be excessive in length (the
strongest security mechanisms are essential. The SQL could be 4k alone) and should be filtered or
mainframe security concept of “allow” or “not condensed for any SEIM product. The process of
allow” simply may not be enough. It needs reading the security logs and condensing them
additional safeguards that help protect users and into warnings and alerts is expected to occur by a
data with features that were not possible until remote agent process residing on the mainframe.
recently. Doing so saves network traffic overhead and
expenses related to storing excess data in the
The answer to bringing mainframe security to the central repository on a mid-range disk device.
next level is; integrating mainframe “yes” or “no” Commercial vendors for SEIM products such as
security with existing network security products. NetIQ, Intellitactics, IBM, NetForensics, ArcSight
The mainframe security professional needs the and Novell often have remote batch or real-time
tools to accomplish this feat in a world where the process to collect DB2 information from the
Reagan-era motto “Trust but Verify” is essential. mainframe.
There are a variety of Log Management and SEIM
products supporting DB2 that may already be One way to leverage money already spent and to
deployed within your own organizations. These get the “employee of the month” award is to think
products sit outside the mainframe, on the outside the box and to integrate mainframe events
network, and collect events logging from firewalls, into one of the products that your company has
UNIX, Windows and other operating systems. Very already invested in.
seldom does a mainframe Security Administrator
tap into these resources. DB2 mainframe homegrown solutions
Developing a homegrown agent application to read
Log Management and monitor the DB2 SMF records, non-DB2 SMF
Log Management products are available from records, console messages, application
commercial vendors including LogLogic, Network messages and vendor products is an
Intelligence, Novell, Computer Associates, IBM and overwhelming and monumental task. The DB2
others. They are designed to collect raw log data. SMF records are considered to be one of the most
A partial mainframe solution is to route the console complex record formats and can only be
logs directly to the Log Management software. This interrupted by a veteran Systems Programmer.
is only a partial solution because the console logs Not including the DB2 SMF records in a
alone do not contain all of the information required homegrown solution would produce a highly
for fully monitoring the mainframe environment. A ineffective result.
better approach to Log Management is to use the
combination of raw data from console logs, Another interesting point is that the Sarbanes-
security log files and SMF data. Problems arise Oxley Act of 2002 definition of Separation of Duties
when you attempt to send the combined specifies that security personnel administrating or
information to the Log Management software monitoring should not be writing security code. In
because the volume of data traveling across the essence, homegrown written code, including log
network creates a lag time. The information does monitors and exits written by a security person
not arrive in a “timely manner” as required by within the organization, is in violation of the very
regulatory mandates as a result. audit finding that it was intended to resolve.
SEIM products supporting DB2 With that being said; and you decide to proceed,
SEIM products collect security events from many there are some complicated technical and design
sources other than the mainframe.
22 © Arcati Ltd, 2011
23. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
issues that have to be worked out before you even breach. Therefore, it is no longer efficient or safe
begin. These issues include: to rely solely on batch reporting and mainframe
· Asynchronous timing security systems that work strictly inside the
· Unacceptable consumption of CPU and mainframe, only recording on incidents where
Network resources security has been violated. It is now possible to
· Conversion of data from binary to text format use products to monitor mainframe security from
· Delivering the information on a timely manner outside the mainframe itself.
so that it can be immediately acted upon.
Among the various kinds of security products that
The complexity and costs related to the can work sitting outside the mainframe platform
development of a homegrown application is often are Log Management and SEIM (Security Event
cast aside by management when compared to and Incident Management) products supporting
the cost of purchasing proven software from DB2. Each of these products has their own pros
reliably vendors. and cons and there is no “one shoe fits all” solution.
The important point is that all these solutions are
more economical, efficient and faster than the
Summary earlier models in countering new types of security
DB2 z/OS is here to stay and will only grow to threats.
accommodate data warehousing requirements
and corporate business transactions. In the past So, how will you choose the correct software
the security emphasis always seemed to be on among the many alternatives? While choosing a
distributed systems. However the new particular security product that is able to work
Government regulations have leveled the field to sitting outside the mainframe platform, certain
include all data, as exampled under the Federal factors have to be checked. Here are some
Information Security Management Act (FISMA) of criteria that you may consider when evaluating a
2008. Every Government computer and network security product for your company:
is essentially required to protect its confidential · Scalable
data and any other types of records. These · Ease of use
standards are about to spill over into the · Room for lateral growth
commercial arena with the fusion of Government · Real time 24/7 event monitoring
and commercial entities. SOX and HIPAA have no · Ease of configuration and installation
computer boundaries regarding the compromise · Small footprint of mainframe processing and
of critical data. Unauthorized changes to patient minimum performance impact on mainframe
information or accounting records are all fair game systems
in the eyes of the law.
Companies should not wait for the incident to
In this paper we have addressed some important happen to make newspaper headlines. Although
issues relating to security breaches. They include the cost of protecting data effectively is high, the
how the mainframe platform works towards cost of a security breach is even higher
monitoring security of records, what the pitfalls considering the new laws governing the
are in the traditional methods of using DB2 SMF compromise of data. Companies can take a sigh
records for event tracking, and how the mainframe of relief now that there is cost effective and
platform can be modernized to provide improved comprehensive mainframe software available in
security monitoring of important and confidential the market. These products meet the current
records. An attack, especially on DB2 z/OS to needs of the corporations in the area of securing
obtain the privilege settings of the DB2 System confidential records of their own businesses as
Administrator, allows for a stealthy security well as of their clients, and have all the qualities
© Arcati Ltd, 2011 23
24. Arcati Mainframe Yearbook 2011
Mainframe strategy
that are required to counter today’s security company and IBM Business Partner in software
threats. They work efficiently with existing development. He has over 25 years mainframe
mainframe security products and make use of systems experience and 15 years security
SMF and console messages in appropriate ways. management experience. He has worked with
They are capable of tracking DB2 audited events, NATO’s Counterintelligence Lathe Gambit
several types of insider threats, delivering security project, the US Army Counterintelligence,
mainframe alerts in real time and easily integrating and other government, private and public
with other existing security monitors. organizations. He also provides professional
services to government agencies on mainframe
So, don’t let data breaches derail your career, or and security related subjects.
more importantly, your boss’s. Proactive
companies, having a track record of monitoring Stephen D. Rubin is the founder and president of
security logs from outside the box, are in the MMI. Under his leadership MMI has a track record
forefront of Government requirements and have of 20 years of financial success in creating
a solid framework in place to manage DB2 data business markets for information technology
and its associated risks. Doing so puts them, services (IT) across North America. Areas of
regardless of their industry, in a better competitive business include training, consulting services, and
position, with an ideal security posture that will software. MMI has trained over 3,000 IT students
allow them to participate in the very important data- representing over 400 corporations in database
sharing evolution taking place. design, information security, capacity planning
and distributed application development.
Professional service engagements have included
information security, server consolidation, and the
Founded in 2002, Type80 Security Software is a auditing of capacity planning and chargeback
leading producer of Mainframe security solutions. methodologies for both public and private sectors.
Type80's flagship product, SMA_RT, is a Stephen has authored white papers to drive
revolutionary host-based intrusion detection and market recognition and helped create the United
alert notification product for IBM mainframe States marketplace for a European software start-
computers running on the zSeries/Operating up client.
System (z/OS). Type80's products are designed
to protect information stored on IBM mainframes William Buriak has over 25 years of information
by detecting the presence of unauthorized and technology experience with an extensive
suspicious activity and delivering relevant alerts background in financial services, healthcare, and
to Log Management and SEIM products in real- technical and management consulting. Bill is a
time. By allowing quick and easy access to Senior Executive with demonstrated experience
important Mainframe-specific security events, in planning, developing, and implementing cost
Type80's products provide a valuable role in effective, innovative solutions to address complex
helping organizations around the globe meet business problems. He has broad recognized
various Governance, Risk Management and experience in managing mainframe systems,
Compliance regulations. Type80 is a privately-held Web based, and distributed systems. He has
corporation based in Alexandria, Virginia. extensive qualifications including vendor
management, consensus building, and strategic
Please visit www.type80.com for further planning skills. Currently working in the Security
information. Engineering area of a major world bank, Mr. Buriak
is responsible for compliance and control of a large
Jerry Harding is CEO of Type80 Security Software, number of global products.
Inc. Type80 is an emerging security technology
24 © Arcati Ltd, 2011
25. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
and-error routines to find solutions to problems. If
CA Mainframe Chorus a problem recurs on an infrequent basis, there’s
no easy way to document the solution so it can
Denny Yost takes a detailed look at CA be shared with others or quickly implemented the
Mainframe Chorus from CA Technologies. next time it occurs. Mainframe professionals also
find themselves switching between multiple,
For many large organizations throughout the world, disparate tools to perform their jobs, further
mainframe computing environments are an zapping productivity.
essential business asset that continues to grow.
Mission-critical applications hosted on Determining how to leverage the expertise of the
mainframes process trillions of transactions aging mainframe professionals, transfer their
annually for customers of banks, insurance knowledge to the younger generation of
companies, brokerage houses, various professionals, increase productivity to keep costs
government agencies, manufacturers, and a host low, and teach the younger generation how to use
of other organizations. However, if a mission- command-level mainframe tools is a significant
critical application or service isn’t available, challenge for CIOs. It’s a challenge that must be
customers suffer, causing significant losses in resolved soon.
revenue and customer goodwill. For this reason,
managing the mainframe computing environment
has always been and will always be vital to the A new, innovative mainframe management
continued success and viability of many large solution
organizations. CA Mainframe Chorus addresses the need for
easing the management of mainframe resources,
provides a standardized method of knowledge
The dilemma
transfer, and increases productivity through the
CIOs are facing several significant challenges to use of its role-based, unique interaction model.
keep their vitally important mainframe computing
assets performing at their best. It’s no secret that The unique interaction model of CA Mainframe
most mainframe professionals are specialists with Chorus delivers a new approach to managing
20 to 30 years of experience who will be retiring in mainframe computing environments for today’s
the coming years. When a problem occurs with and tomorrow’s information systems
z/OS, DB2, CICS, security, storage, or other professionals by combining a visual workspace,
mainframe components, the speed of correctly collaboration, automation, and the ability to capture
solving the problem is critical. Yet, years of and easily share knowledge into a graphically-rich,
experience and knowledge are needed to quickly integrated solution organized around the job role
know where to look and what action to take. The of the person using it. Here’s how it works.
experienced mainframe professionals have this
knowledge, but the younger generation doesn’t.
Getting younger mainframe professionals up to Easing mainframe management
speed quickly is also difficult due to the CA Mainframe Chorus presents mainframe
mainframe’s text-based, command-oriented resources in an intuitive, easy to learn and use
interface in contrast to one that’s graphical. graphical display known as the workspace. The
workspace includes a metric panel, workspace
Productivity is another issue. While experienced tabs, and the module section (see Figure 1). The
mainframe professionals possess significant metric panel is located at the top and is a
knowledge, they must still regularly reference continuously running horizontal scroll displaying
manuals, collaborate with others, and perform trial-
© Arcati Ltd, 2011 25
26. Arcati Mainframe Yearbook 2011
Mainframe strategy
Figure 1: CA Mainframe Chorus provides the base platform upon which different
role-based management components are built
the status of various performance variables (known to resolve issues has been a looming question
as Metric Icons) such as system, database, for the past few years. Experienced mainframe
application performance, and many others. These professionals know what commands to enter to
performance variables dynamically change color identify a problem, what actions to take to
based on thresholds to provide visual notice of implement a solution, and a host of other
various alert conditions. When the user clicks on information. How to capture the expertise of the
a performance variable, more in-depth information experienced mainframe professionals and make
is displayed in the workspace tabs area to present it accessible to the younger generation for learning
detailed data of what’s taking place. Since CA and using has been a quandary for many CIOs.
Mainframe Chorus provides an integrated solution,
a mainframe professional can further drilldown into CA Mainframe Chorus provides the ability to
a problem through seamless interfaces to other capture and store information. Policies,
products and take the appropriate corrective procedures, actions, and solutions can be
action. documented, readily available, sharable, and, in
many cases, automatically performed. The result
is a standardized method for knowledge transfer,
Knowledge transfer more effective management of mainframes, and
Capturing the knowledge of aging, experienced easier skill development for the next generation of
mainframe professionals and the actions they take mainframe professionals.
26 © Arcati Ltd, 2011
27. Arcati Mainframe Yearbook 2007
2011
Mainframe strategy
Figure 2: CA Mainframe Chorus helps users easily visualize complex DB2
relationships when navigating LPAR, subsystems, databases and other DB2 objects
Greater productivity Chorus can also automate the execution of
Being able to perform tasks quicker and easier is commands, steps or other workflow, potentially
always nice. Effortlessly performing repetitive and accomplishing in minutes what might take a
monotonous tasks faster is awesome. mainframe professional much more time to
complete.
CA Mainframe Chorus increases productivity in
several ways. Its intuitive interface makes
performing a wide variety of mainframe CA Mainframe Chorus for DB2 Database
management functions far easier, thereby Management
improving productivity for both experienced and CA Mainframe Chorus provides the base platform
inexperienced mainframe professionals. Since the upon which different role-based management
product is easy to learn how to use, younger components are built. The CA Mainframe Chorus
mainframe professionals can quickly be platform combined with one or more role-based
performing tasks that would otherwise take them management components delivers a total solution
months to learn and master. CA Mainframe to optimize performance, simplify management,
© Arcati Ltd, 2011 27
28. Arcati Mainframe Yearbook 2011
Mainframe strategy
and accelerate staff knowledge and experience. • Object Tree navigation and management of
The first role-based management component DB2 objects: Improve productivity and
being introduced with the base platform is CA visualization when navigating LPARs,
Mainframe Chorus for DB2 Database subsystems, databases and other DB2 objects
Management (note: other roles will be introduced • Alerts on DB2 threshold exceptions that provide
in the future). a launch point for easier troubleshooting: Focus
DBAs on priority Service Level Agreement
A unique user experience is delivered by CA (SLA) items and enable new DBAs to learn
Mainframe Chorus for DB2 Database these skills
Management for z/OS Database Administrators • In-context domain documentation with third-
(DBAs). The product helps streamline and party integration: Increase productivity of both
automate repetitive DBA tasks, freeing time for current and next-generation mainframe IT staff
more strategic projects. An example screen is through centralized, in-context knowledge
shown in Figure 2. Complex DB2 for z/OS • Near real-time performance monitoring with
relationships can easily be visualized, thresholds graphical displays: Manage the health of the
and alerts can be proactively monitored, and DB2 system as well as currently executing
performance bottlenecks can be quickly identified, applications.
diagnosed, and resolved to improve performance.
Best of all, action steps to follow, documentation
of actions taken, and other experiences can be
easily accessed and shared to help accelerate CA Mainframe Chorus and CA Mainframe Chorus
knowledge and simplify mentoring for the next for DB2 Database Management are available
generation of DBAs. from CA Technologies, One CA Plaza, Islandia,
NY 11749. Voice: 800-225-5224; Website:
www.ca.com.
CA Mainframe Chorus for DB2 Database
Management key features: See a demo; read a White Paper; get more
• Time series data graphing for DB2 application information – you can learn more about CA
performance data: Automate tracking and Mainframe Chorus for DB2 Management by
graphing of comparative historical data analysis visiting the vendor’s Website at http://www.ca.com/
for easier diagnosis and resolution of chorus.
performance issues
The 2010 Guide Share Europe UK National Conference was again held on 2nd and 3rd
November at Whittlebury Hall. To help stay connected, the conference centre offered free Wi-Fi
in public areas, and the conference provided 14 streams of seminars with five sessions per day
- a staggering 140 presentations over the two days. In addition to the CICS, IMS, DB2, Enterprise
security, large systems working group, network management working group, and software asset
management streams, there were four streams for Tivoli users, DB2 LUW, zLinux, and new
technologies. So there was definitely something for everyone. While management may feel that
a couple of days out of the office must mean IT staff are simply enjoying themselves, the truth is
these conferences help so much to share information and keep abreast of trends and new
developments. Many thanks to the organizers for setting up such an excellent event, and to
Mark Wilson who was conference manager for this year's conference.
28 © Arcati Ltd, 2011
29. who can change the way the
mainframe is managed forever?
Introducing CA Mainframe Chorus from CA Technologies.
CA Mainframe Chorus dramatically simplifies mainframe management to help make your people
more successful and more productive while helping you maintain worldclass Quality of Service.
CA Mainframe Chorus is a part of the CA Mainframe 2.0 strategy. It is both a fast on-ramp to
mainframe management responsibilities and a productivity engine designed to help you get
more value from your mainframe platform.
Simpler. Faster. More productive.
The first management role, “CA Mainframe Chorus for DB2 Database Management,” is
available today.
To learn more, please visit ca.com/chorus
we can
Copyright ©2011 ca. All rights reserved.
30. Arcati Mainframe Yearbook 2011
2011 user survey
by Mark Lillycrop and Trevor Eddolls
The 2011 Mainframe User Survey
An analysis of the profile, plans, and priorities of mainframe users.
Many thanks to all those who took part.
As usual our annual mainframe survey provides Responses from large mainframe vendors and
a snapshot of the System z user community’s multiple entries from different people at the same
existing hardware and software configuration, and site were excluded from the survey.
also their plans and concerns for 2011.
Respondents were from all over the world and their
This year we have continued to track the growth distribution is shown in Chart 1. 52% were from
of mainframe integration with Web services, cloud North America and 32% from Europe, with 16%
computing, and other areas of new development, from the rest of the world.
as well as gauging the extent to which ‘specialty’
6% 2%
8%
North America
Europe
Middle East/Africa
52%
Asia Pacific
32%
South America
Chart 1: Distribution of respondents
engines, and Linux applications are changing the As usual, a wide range of industry types are
face of mainframe computing. In addition, we have represented in our sample (Chart 2). Not
continued to explore relative cost in more details, surprisingly banking and IT account for a large
asking respondents how fast their distributed proportion of the organizations involved (28% and
server costs are growing relative to the mainframe. 20% respectively), with Government next with 16%.
And we have investigated how important “green” Insurance and retail both have 8% each. Transport
issues are to the mainframe community. and ‘other’ have 6% each. Health has 4%, leaving
education and telecoms with 2% each.
Profile of respondents
The mainframe user survey was completed by A third way to categorize respondents is to look at
100 individuals between the 1 November 2010 and business size. As shown in Chart 3, 44% of the
the 3 December 2010. Survey respondents were companies have in excess of 10,000 employees
either contacted directly by e-mail or other Web- worldwide,Below that, with 14% of respondents,
based means and invited to complete the are staff sizes of 0-200, 1001 to 5000, and 5001
mainframe user survey on the Arcati Web site. to 10000. 10% of respondents had 201-500 staff,
30 © Arcati Ltd, 2011
31. Arcati Mainframe Yearbook 2007
Arcati Mainframe Yearbook 2011
2011 user survey
2% 2% IT
4%
6% Banking
28%
6% Government
Insurance
8%
Retail
Transport
Other
8%
Health
20%
16% Education
Chart 2: Industry sector of respondents Telecoms
and four respondents didn’t reveal how many staff oscillates between the two options. 4% of
worked for their company. respondents said they were working in an
outsourced operation. This figure is down from
82% of our respondents were involved in running last year’s value of 9%. 6% said they were partly
in-house data centres. This figure is particularly outsourced (last year 3%).
interesting because it changes each year. In 2006
it was 85%, in 2007 it was 77%, in 2008 it was Installed MIPS and capacity growth
83%. Last year it was 76%. It is unlikely that some As in previous surveys we have used MIPS as
of our respondents outsource for a year and then the principal measure of capacity size. We asked
return to in-house working. Perhaps the most likely respondents to indicate the total mainframe MIPS
explanation is that outsourcing continues to suit installed on their systems, and the result is shown
some people and not others and the trend in Chart 4. 50% of respondents (slightly up on last
4% 14%
0-200
10% 201-1000
1001-5000
5001-10000
44%
10000+
14%
no response
14%
Chart 3: Number of employees woldwide in organizations surveyed
© Arcati Limited, 2011 31