RealTime IT News

IBM Centralizes Security for the zSeries Mainframe

Continuing its broad strategy of infrastructure simplification, IBM Thursday introduced new security features for its latest mainframe operating system software to help centralize control of an environment that requires several tiers of security.

The z/OS 1.5 software will work with the Armonk, N.Y. company's DB2 Universal Database for z/OS Version 8 software to provide multi-level security on the zSeries mainframe to help meet the strict security requirements of government groups and financial businesses, according to Jim Porell, chief strategist for IBM zSeries Software.

In practical use, the software will enable employees from different agencies -- such as the Department of Homeland Security or the Department of Defense -- with similar security clearance to access information from one database, while prohibiting access to an employee without a clearance level.

Porell said there is a need for such multilevel security because government agencies and financial organizations have traditionally used several networks, servers, and databases to separate highly classified information from run-of-the-mill data. This would often result in a cluttered data center environment.

"Multi-level security has been around for years," Porell told internetnews.com. "But those implementations used a separate security server, operating system, database and network, but shared the same security for each. This reduces complexity and offers a single point of control, to help departments collapse their infrastructure and reduced the cost, while maintaining the same level of collaboration among employees."

Such a redundancy in infrastructure can prove costly for CIOs charged with trimming budgets. Nine machines might be replaced by one zSeries mainframe running z/OS 1.5 and the corresponding DB2 software.

Porell said IBM's new software consolidates what is often a raft of machines working independently under one central zSeries mainframe and corresponding DB2 database.

IBM's latest move is indicative of the ways systems vendors are trying to gain market share by helping customers do more with less. Sun and HP also have consolidation plans in place to help customers simplify their infrastructure in a cost-conscious environment.

IBM's z/OS 1.5 and DB2 Universal database for z/OS will be available on March 26 with improved digital certificate management and simplified Workload Manager (WLM) control for WebSphere.

Porell also said IBM is hard at work on z/OS 1.6, which is currently in evaluation for Common Criteria certification to the Labeled Security Protection Profile (LSPP) at EAL3+.

Planned for September 2004, z/OS 1.6 will include support for more than 16 engines in a single image; 64-bit application development support for C/C++; and TCP/IP Sysplex health monitoring to improve TCP/IP availability.