IBM Adds Encryption Everywhere Capabilities to the Mainframe
IBM today unveiled a z15 mainframe that takes advantage of additional processing horsepower to create Trusted Data Objects that allow organizations to employ Privacy Passports technology to encrypt data across a hybrid cloud computing environment.
Trusted Data Objects are attached to encrypted data to create a central point to track when and how that data is being accessed by whom. Each Trusted Data Object connects back to an embedded key management system running on the z15.
Barry Baker, vice president of software for IBM Z platforms, said that approach now makes it possible to encrypt data in a way that allows organizations to easily revoke access to it at any time.
IBM, with this latest iteration of the mainframe, is also adding support for an Instant Recovery capability that allows organizations to spin up additional cores as needed to limit the impact of planned and unplanned downtime. In addition, IBM is making available an IBM DS8900F storage system that not only increases uptime, but also provides access to disaster recovery options with near-zero recovery times.
Overall, the IBM z15 has 12% more cores than z14 and 25% more memory. It can process up to 1 trillion web transactions a day and scale out to run 2.4 million Docker containers in a single system, which IBM claims is up to 2.3x more Docker containers per core z15 LPAR than a comparable bare-metal x86 platform running an identical web server load. IBM is also able to take advantage of an Integrated Accelerator for z Enterprise Data Compression module on the mainframe to deliver 30 times lower latency and 28 times less CPU utilization on web transaction data before encryption.
IBM today also extended the appeal of the mainframe to organizations running Linux workloads by adding support for Cloud Paks based on Docker containers to run IBM tools and applications in place of a traditional application server. Linux-based workloads now account for roughly half the capacity being consumed on IBM mainframe, Baker said. In fact, he noted that overall capacity on mainframes has increased 3.5 times over the last three years. Much of that increased consumption is tied to both Linux and a desire to take advantage of the cybersecurity capabilities to secure data that are baked into the mainframe. By adding an encryption everywhere capability using Trusted Data Objects, IBM expects the mainframe to expand its growing role as a hub around which hybrid cloud computing environments revolve, he said.
A huge percentage of the data flowing through any enterprise starts life as a transaction processed on the mainframe. Analytics applied to that data then flow out to any number of platforms. By securing that data as it is created and leaves the mainframe, Baker said IBM is making a case for reducing the total cost of security by relying on encryption capabilities embedded in the mainframe. It’s unclear to what degree that approach might entice new customers to the venerable platform. However, for those organizations that already have a mainframe, it’s clear the downstream cybersecurity benefits of the platform have increased substantially.
— Michael Vizard
