The value of zEnterprise - GSE Belux z...Contact your IBM representative or Business Partner for...

© 2013 IBM Corporation

OPEN PLATFORM, SECURE FORTRESS

The Value of zEnterprise

Hans Schoone – Chief Architect zSecure and Manager IBM Security Systems Lab NL, STSM



Page 3

“All clients are experiencing the phenomena of what we call ‘front office transformation’ – social media, devices, mobility – all reshaping the way they want to engage their customers, and how they capitalize on big data and analytics.”

– Ginni Rometty Chairman, President and CEO IBM

Cloud, analytics and mobile aren’t simply remaking computing … they are revolutionizing business models

A Defining Moment Is Before Us

Page 4

90% of the world’s data was created in the last two years, but 1 in 2 business leaders don’t have access to data they need.

Enterprises see private cloud as the on ramp to cloud for the next 24 months.

BYOD challenges are top of mind, with 58% of users admitting to using their own devices to access their employer's network every day.

External threats are rated as a big challenge, with two-thirds of CISOs expecting to spend more on security over the next two years.

Business and IT face significant challenges in all of these areas

Page 5

The real question: Will your infrastructure block or enable change?

Only 1 in 5 clients have highly efficient IT infrastructures, allocating 50% more of their IT budget to new projects¹

¹ IBM, Data center operational efficiency best practices, April 2012.

Page 6

Cloud Ready: Highly scalable, agile heterogeneous enterprise private cloud
• Elastic, virtually limitless expansion
• Shared everything design
• Secure hybrid computing with centralized management
• Built on open industry standards

Data Ready: Enterprise data repository that integrates operational analytics for accelerated insight
• Enterprise data hub
• High-volume secure and reliable transaction processing
• Integrated, real-time operational analytics

Mobile Ready: Connecting backend systems to mobile devices to turn each interaction into an opportunity
• Build and connect to back end systems
• Secure and manage with the highest level of security
• Extend and transform capabilities to mobile devices

Security Ready: Trusted security and reliability for critical business processes, applications and data
• Ultimate data security protection
• Built-in cryptography
• Unmatched resiliency and availability

IBM continues to redefine and extend the role of the mainframe to deliver new strategic capabilities and deeper client value

Page 7

Banking

Retail

Insurance

Mobile

Government

Healthcare

Education

Building better customer experience provides industry advantage

Financial institutions detect fraudulent money laundering activities and offer reliable and secure mobile applications for anytime, anywhere banking services.

Retailers boost revenue through discovery of customer buying behaviors and ensure compliance with Payment Card Industry (PCI) data security standards.

Healthcare payers and providers secure patient data and comply with HIPAA while creating real-time data insights to deliver more effective, preventative healthcare services at lower costs to patients.

Universities provide students secure, flexible virtual desktops and real-time access to university information systems to improve the student experience.

City governments expand, coordinate and administer city services through citizen-centric applications.

Insurers rapidly develop and provide new offerings at lower costs and discover suspicious claims before payment to minimize loss.

Page 8

Banking

IBM Smarter Analytics Anti-Fraud Infrastructure for zEnterprise: Architecture for banking fraud prevention on System z.

Insurance

IBM Genelco Insurance Administration Solution: Customer-centric and rules-based core Life, Health and Annuity solution.

Smarter Cities

• Intelligent Operations Center: Integrated data visualization, real-time collaboration and deep analytics to help city agencies.

• Social Services (Curam): Secure end-to-end social program service delivery, meeting citizens’ needs.

• Asset Management (Maximo): Support weapon systems, facilities, transportation and IT assets with a single platform.

Healthcare

• IBM Health Plan Integration Hub: Code and policy management supporting ICD-10 and future transformations.

• IBM Smarter Analytics Signature Solution: Anti-Fraud, Waste and Abuse for Healthcare: Analytics to detect suspicious claims before payment.

Retail

IBM zEnterprise Smarter Analytics for Retail: Customer analysis and business performance management

Enabling solutions that drive business value

Page 9

Organizations embracing these technologies are reshaping the value and customer experience they deliver

What if you could deliver new services more quickly to enable rapid business growth while reducing IT system and admin costs?

What if you could more quickly and nimbly enrich the customer experience with increased product personalization?

What if you could use real-time operational analytics to deliver individualized services and promotions to customers?

What if you could create the ultimate security environment, including an enterprise-wide encryption service?

Secure cloud portal provides flexible environment that cuts data center costs by 70%, while supporting 24X7 availability.

Cloud and mobile banking solution brings the branch to the client and enables personalized client services.

Enhanced data analytics hub provides fast access to vital insights for development of new products and services

Cryptographic coprocessors secure 2B transactions / year with enterprise-wide encryption services

Page 10

Data Server of Choice

Stack Performance:
• Get workload done faster
• Scale capacity with workload
• Co-optimize HW and SW

Data-serving:
• Deliver more data … faster

Business Analytics:
• Workload-optimized
• Integrated stack
• OLTP -> OLTAP

Most Secure & Reliable

Security
• Auditable protection of data
• Isolation for multi-tenancy
• Simplify management & compliance

System Availability
• Apply analytics to IT operations

Sysplex Availability
• Enhanced GDPS
• Active-active solutions
• Asynchronous data replication
• Simplification and autonomics

Enterprise Cloud Leadership

Enterprise Cloud
• Enable cloud-based delivery
• Dynamic shared infrastructure
• Common Cloud Open Stack

Heterogeneous Workloads
• Linux consolidation
• Extend platform management
• Integrate mobile workloads
• Cross-platform integration

1 All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

DB2 for z/OS and IBM DB2 Analytics Accelerator

OLTP Transactions

Operational analytics

Real time data ingestion

High concurrency

Advanced analytics*

DB2 Native Processing

Standard reports

Complex queries

Historical queries

OLAP

Strategic Priorities for System z

Page 11

Semiconductor Technology

Microprocessor Design

Systems Design

Virtualization & Operating Systems

Compilers, Tools & Java Virtual Machine

Optimized Middleware

Java

Data Ready

Security Ready

Cloud Ready

Business Analytics

System z: Integrated by design

Page 12

Technology drivers

Silicon speed and Multi-Core Technology

Accelerators

Virtualization management

Compute needs driven by new combinational workload characteristics

Data access, latency and networks

Page 13

Data Compression Acceleration

High Speed Communication Fabric

Flash Technology Exploitation

Proactive Systems Health Analytics

Hybrid Computing Enhancements

Reduce CP consumption, free up storage & speed cross platform data exchange

Optimize server to server networking with reduced latency and lower CPU overhead

Improve availability and performance during critical workload transitions, now with dynamic reconfiguration; Coupling Facility exploitation (SOD)

Increase availability by detecting unusual application or system behaviors for faster problem resolution before they disrupt business

x86 blade resource optimization; New alert & notification for blade virtual servers; Latest x86 OS support; Expanding future roadmap

zEDC Express

10GbE RoCE Express

IBM Flash Express

IBM zAware

zBX Mod 003; zManager Automate; Ensemble Availability Manager

zEnterprise compilers (COBOL, PL/I, C/C++) provide an optimized application infrastructure for increased software performance

New innovations available on zEC12

Do a Proof of Concept today!!!

Page 14

The Ultimate Virtualized System

Massive, robust consolidation platform

60 logical partitions, 100’s to 1000’s of virtual servers under z/VM

Virtualization is built in, not added on (Processor and I/O)

HiperSockets for memory-speed communication, as well as Virtual HiperSockets via Guest LANs in z/VM

Most efficient hypervisor function available

Sysplex (Single System Image Clustering)

Intelligent and autonomic management of diverse workloads and system resources based on business policies and workload performance objectives:

• Utilization often > 80%

• Handles peak workload utilization of up to 100% without service degradation for high priority workloads

[Diagram: IBM Mainframe with CPU 1 to CPU 4 and Partitioning Firmware, hosting z/OS, z/VM and Linux for System z partitions; workload labels include CICS®, DB2®, IMS™, WebSphere®, SAP, UNIX® System services, JVM, Java Appl., C++, ERP, Business Objects, Legacy and Native Linux; partitions connected by HiperSockets]

Page 15

Delivering to Smarter Computing with zEnterprise

Hybrid computing on System z keeps getting smarter

Current Focus
• Monitor and management of heterogeneous resources.
• DataPower XI50z appliance can help simplify, govern, and enhance the security of XML, Web and IT services
• Support for AIX on POWER7, and Linux and Windows on System x.
• Extending mgt functions of Unified Resource Manager with APIs
• Support of zBX on zEC12
• Enhanced Tivoli monitoring, discovery and availability/automation for zBX resources
• Image mgmt support for x86 and power blades through ISD

• CPU Management for x86 blades (Automate Bundle)
• GDPS automated site recovery for zBX
• Support of next generation hardware technologies in the zBX
• Ensemble Availability Manager – monitoring and reporting
• Support for additional versions of Windows Server and Linux
• zBX firmware currency
• Stand-alone zBX node
• Support for next generation DataPower Appliance

All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

• Support of zBX with the next generation server
• Technology configuration extensions in the zBX
• CEC and zBX
– Continued investment in proving the virtualization and management capabilities for hybrid computing environment
– Enablement of Infrastructure as a Service (IAAS) for Cloud
• Unified Resource Manager Improvements and extensions
– Guest Mobility
– Monitoring Instrumentation
– Autonomic Management functions
• Integration with STG Portfolio
• zEnterprise and STG will continue to leverage the Tivoli portfolio to deliver enterprise wide mgmt capabilities across all STG systems

Delivery of new hybrid function

Future Vision

Vision:
• zEnterprise is a hybrid system and always will be
• zEnterprise will continue to invest in improving the virtualization and management capabilities
• zEnterprise will seamlessly integrate with emerging Cloud-based IT management paradigms
• zEnterprise will more tightly integrate with STG Portfolio over time
• zEnterprise and STG will continue to leverage the Tivoli® portfolio to deliver enterprise wide management capabilities across all STG systems including PureSystems

Page 16

When paying bills on-line all my account information is available to only those authorized

My personal data is safeguarded when dealing with my healthcare provider

For businesses: The threats are real, and the cost can be dramatic

94% of 599 companies surveyed had security breaches and only 7% were aware they had been breached

60,000 per day: the average number of times an IT infrastructure is attacked

An integrated environment provides protection against threats…

How can you be sure your personal information is security ready?

Page 17

As a result, the Security market is shifting

Source: Client Insights 27-Jun-11, An Evaluation of the Security & Risk Opportunity; Assessing a New Approach to Competitive Differentiation, Ari Sheinkin

Area | Traditional Focus: Governance and Compliance | Emerging Focus: Risk Management
Security strategy | React when breached | Continual management
Speed to react | Weeks/months | Realtime
Executive reporting | None | Operational KPIs
Data tracking | Thousands of events | Millions of events
Network monitoring | Server | All devices
Employee devices | Company issued | Bring your own
Desktop environment | Standard build | Virtualization
Security enforcement | Policy | Audit
Endpoint devices | Annual physical inventory | Automatically managed
Security technology | Point products | Integrated
Security operations | Cost Center | Value Driver

Page 18

IBM’s security framework…

Intelligence, Integration, Expertise

Data: Understand, deploy, and properly test controls for access to and usage of sensitive data

People: Mitigate the risks associated with user provisioning and access to corporate resources

Applications: Keep applications secure, protected from malicious or fraudulent use, and hardened against failure

Infrastructure: Help protect and maintain compliance of networks, servers, storage, endpoints and mobile devices

Security Intelligence and Analytics: Optimize security management with additional context, automation and integration across domains

Page 19

System z Security Infrastructure: Architected and Integrated

Integrated security server provides the foundation for consistent identity and access mgmt across the stack
One policy across z/OS resource managers

Integrated Public key infrastructure reduces cost and risk of managing digital ids
Integrates w/RACF and utilize HW crypto for the security of keys

Integrated accelerated tamper proof Hardware Cryptography
Open standards with Enterprise IBM PKCS #11 targeted to the public sector
– IBM’s Common Crypto Architecture (CCA) supporting needs of banking and finance

Enterprise management of keys and certificates targeting for financial customers

Memory protection to protect your most critical transactional systems

Use Application Transparent Transport Layer Security to secure sensitive communications without incurring costly application changes

Secured connection with Linux® virtual servers (Linux for IBM System z®) in the box
Intra-Ensemble Data Network point to point and non-sniffable

Consistent auditing and reporting using a centralized model
Strong focus on crypto functions required by the Banking/Finance industries
Centralized hardware based key management

[Diagram labels: Architecture; Hardware; Virtualization; Network; Middleware; Administration; EAL5 certified; z/OS – RACF, z/OS PKI Services, ICSF, SSL]

“The IBM Crypto Express3 coprocessors are very fast—we get an average execution time of less than 50 microseconds, equating to 2,000 transactions per second. They cut down on latency so much that data can be moved almost in real time.” —Tom Kesselring, Vice President for Mainframe and Non-stop Systems at Vantiv

Page 20

Centralized Integrated Security Authentication / Authorization / Administration / Auditing
– Application and database security without modifying applications
– Use WebSphere® with RACF® for end-to-end authentication and authorization

Granular security implementation for DB2®, CICS®, IMS™, WAS, MQSeries® and z/OS® resources
Protecting data InfoSphere™ Guardium® Data Encryption
Labeled DB2 and z/OS security for secured multi-tenancy

Integrated LDAP capabilities provide enterprise application registry
Optimized Java environment permits transparent use of platform security
Open PKCS#11 Crypto facilitates the porting of applications

Support of System Secure Sockets Layer (SSL), digital certificates, and key repositories
Built-in defenses to ensure high availability of the system against denial-of-service attacks
Network IPS front end fraud and threat detection

Granular and detailed logging provided by z/OS Resource Managers, e.g. DB2, CICS, IMS, MQ and z/OS
Provides the basis for capabilities with zSecure and Guardium®

[Diagram labels: Architecture; Hardware; Virtualization; Network; Middleware; Administration; EAL5 certified; CICS, IMS, WAS Applications; DB2, IMS, VSAM; Messages & Queues]

Page 21

Consolidation onto the mainframe can improve security

High assurance
– Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standardized fashion.
– Third party scrutiny

Integrated Secure Virtualization
– Isolation between workloads, virtual servers and tenants

Integrated Secure Networking
– Traffic that stays within the box to reduce the potential for network data leakage
– Protecting data in flight, protect system resources from network attacks

Integrated Data Protection
– Strong access controls
– Integrated data protection with encryption technologies

Security Centralization
– Single point of controls to simplify configuration and management
– Collapse multiple tiers to reduce attack surface
– Centralized Security services – "Security as a Service"

Choice
– Solutions that grow the value of System z HW & SW and facilitate consolidation and improve security posture

Page 22

Digital certificate hosting with z/OS PKI Services

A Certificate Authority solution built into z/OS
Can provide significant TCO advantage over third party hosting
Provides full certificate life cycle mgmt
– User requests driven via Web pages
– Browser or server certificates
– Automatic or administrator approval process
– End user/administrator revocation process
• Supports CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol)
– Supports SCEP (Simple Certificate Enrollment Protocol) for network device certificate lifecycle management
– New with z/OS R13: Support for the Certificate Management Protocol (CMP)

[Diagram labels: User requests certificate; Administrator generates and distributes certificate; Requestor signs message; Receiver verifies requestor’s signature; Administrator revokes signature; Certificate expires]

Banco do Brasil saves an estimated $16 M a year in digital certificate costs by using the PKI services on z/OS

Page 23

IBM Enterprise Key Management Foundation for Integrated Key Management

IBM Enterprise Key Management Foundation powered by DKMS Centralized key lifecycle management with single point of control, policy, reporting, and standardized processes for compliance

– EMV & PCI Standards

EKMF provides proven experience in the enterprise key management space

– Capabilities tailored to the needs of the banking and finance community

– Adherence to key banking and finance standards

Trusted Key Entry (TKE) workstation provides a secure environment for the management of crypto hardware and host master keys

ISKLM for z/OS provides proven key serving and management for self encrypting tape and disk storage capabilities to devices

The capabilities of EKMF, TKE, and ISKLM provide an optimum solution that addresses multiple client and marketplace needs

[Diagram labels: Disk Storage Array; Enterprise Tape Library; Tape devices; TKE for Crypto Express Hardware management; EKMF for application key management; EKMF; ISKLM]

Delivers customers a security-as-a-service offering that efficiently manages millions of keys and quickly processes payments at extreme scale, while meeting the latest industry standards.

Page 24

IBM Security zSecure suite Overview

IBM Security zSecure Suite

IBM Security zSecure Administration

zSecure Admin:
• Improves security at lower labor cost
• Also saves cost by:
o Avoiding configuration errors
o Improving directory merges
o Efficient group management

zSecure Visual:
• Permits changes in minutes vs. overnight
• Provides access for only current employees & contractors (better business control)
• Enables segregation of duties (minimizing business risk)
• Aids in reducing labor cost and errors

Page 25

IBM Security zSecure suite Overview

IBM Security zSecure Suite

IBM Security zSecure Compliance and Audit

zSecure Audit:
– Reports can match business model/requirements
– Prioritizes tasks (optimize labor utilization)
– Helps find “segregation of duties” exposures (reduces risk)

zSecure Alert:
– Allows capture of unauthorized “back door” changes to RACF / security policies
– Addresses real time audit control points

zSecure Command Verifier
– Audits RACF admins’ changes
– Offers security monitoring without additional CPU/cost
– Audit in seconds vs. days
– Prevention instead of after the fact

Page 26

Note: ACF2 and Top Secret are either registered trademarks or trademarks of CA, Inc. or one of its subsidiaries.

IBM Security zSecure suite Overview

Permits you to perform queries and administration manually or by API from a CICS environment, freeing up native-RACF resources

Combined audit and administration for RACF in the VM environment

IBM Security zSecure Suite


Key Characteristics

• Single Integrated Appliance
• Non-invasive/disruptive, cross-platform architecture
• Dynamically scalable
• SOD enforcement for DBA access
• Auto discover sensitive resources and data
• Detect or block unauthorized and suspicious activity
• Granular, real-time policies
  – Who, what, when, how

Prepackaged vulnerability knowledge base and compliance reports for SOX, PCI, etc.

Growing integration with broader security and compliance management vision

IBM Guardium Provides Real-Time Database Security and Compliance

Continuous, policy-based, real-time monitoring of all database activities, including actions by privileged users

Database infrastructure scanning for missing patches, misconfigured privileges and other vulnerabilities

Data protection compliance automation

Integration with LDAP, IAM, SIEM, TSM, Remedy, …


[Figure: Extensive Data Sources + Deep Intelligence = Exceptionally Accurate and Actionable Insight. Diagram labels: zSecure (z/OS; RACF; ACF2, Top Secret; CICS, DB2); Security Devices; Servers & Mainframes; Network/Virtual Activity; Database Activity; Application Activity; Configuration Info; Vulnerability Information; User Activity; Threat Intelligence; Event Correlation; Activity Baselining & Anomaly Detection; Offense Identification]

• Centralized view of mainframe and distributed network security incidents, activities and trends
• Better real-time threat identification and prioritization correlating vulnerabilities with zSecure
• SMF and logger data feeds with zSecure Audit and Alert
• Produces increased accuracy of risk levels and offense scores, and simplified compliance reporting

zSecure and QRadar improve your Security Intelligence

[Figure: zSecure on z/OS. Diagram labels: z/OS; RACF; ACF2, Top Secret; TCPIP; FTP; TN3270; CICS, DB2; Event Correlation; Activity Baselining & Anomaly Detection; Offense Identification; IP Reputation; Geo Location]


Component / Mainframe / Distributed

Component: Data Encryption
Mainframe: Built in, scalable, tamper resistant encryption – bullet proof
Distributed: Typically third party appliances; requires integration - more expensive and potentially more vulnerable

Component: Integrated Security across the lifecycle of data
Mainframe: From transaction to archive, from access to network to storage, data access and encryption is integrated into the platform
Distributed: Requires multiple components and add on SW solutions with different keys, policies, and procedures.

Component: Consistent Policy Based Access
Mainframe: Consistent policy based access and authentication with a single point of control for accountability
Distributed: Multiple tools with different access controls and different repositories increase the risk of unauthorized access

Component: Secured Isolation
Mainframe: Workload protection of customer data with hardware enforced isolation
Distributed: Multiple isolated solutions without the advantages of central control, making data on cloud more vulnerable to interception

Component: Public Key Infrastructure
Mainframe: Built in secure, highly available centralized key repository and management
Distributed: Appliances can create single points of failure and be difficult to achieve highly scalable configurations

Component: Auditing
Mainframe: Granular auditing using extremely detailed records for accurate and comprehensive reporting
Distributed: Multiple, often inconsistent audit systems, making regulatory compliance difficult

Component: Network Security
Mainframe: Network security built-in – secured HiperSockets™ and networks also provide economic, secure communication to IBM zEnterprise® BladeCenter® Extension (zBX) and within the CPC
Distributed: Lack of built in security requires more firewalls and additional secured network infrastructure

System z “built in” at every level provides maximum protection - x86 bolted on security provides opportunities for vulnerabilities and complexity


IBM System z has Secured Systems for over 40 Years. IBM is Security Ready.

Security, Built-in, by Design

“The mainframe has survived many challenges …. IBM has done this by keeping the IBM System z platform up to date with the changing times, while retaining the fundamental characteristics such as security that define enterprise-class computing at the highest level.”*
*Mesabi Group, David Hill, Analyst, November 14, 2012

Security Innovation Spanning Four Decades
1970: Hardware Cryptography
1977: DES Encryption Unit
1985: Crypto Operating System
2004: Multilevel Security MLS
2012: RACF Evaluated at EAL5+
2013: Enterprise Key Management Foundation


Enterprise data hub

High-volume transaction processing

Process complex analytics queries up to 2000x faster

Manage tens of thousands of virtual servers in a single system

Elastic, scalable, virtually limitless expansion

Shared everything design

Hybrid computing

Ultimate security

Built-in cryptography

Unmatched resiliency and availability

Delivers the highest certification level for enterprise-class servers

Real-time operational analytics

IBM zEnterprise: The modern mainframe