IBM launches IBM Z, a revamped mainframe with pervasive data encryption

Alain Brian
Juillet 17, 2017

The IBM Z's encryption system is created to address data breaches that are driving the global cyber crime industry and help organisations comply with new data protection regulations. Solitaire modeled the cost of running a business on IBM's z14 and compared it with data from thousands of businesses using x86 systems of different sizes to selectively encrypt data.

The 14-generation mainframe, called IBM Z, introduces a new encryption engine that for the first time will allow organizations to encrypt all data in their databases, applications, or cloud services, with no performance hit, said Mike Perera, VP of IBM's z Systems Software unit, in an interview with Data Center Knowledge. A single system can support more than 12 billion encrypted transactions per day.

IBM is betting big on pervasive encryption with a new mainframe dubbed IBM Z that may land new workloads amid data breaches. The capability can be extended to other devices such as storage systems and servers in the cloud. IBM Z will also go onto the IBM Cloud, launching initially as an encryption engine for cloud services and to run IBM Blockchain services, with the aim of providing the highest commercially available levels of cryptographic hardware.

For the first time, IBM z automates the process of verifying that data is encrypted and keys are secure. Under the new law, organizations will have to demonstrate that data is encrypted and keys are protected. The general idea is that IBM Z will encrypt all data all the time and reduce the attack surface for enterprises about 92 percent.

The technology will also help mainframe users meet new data compliance requirements, such as the European Union's General Data Protection Regulation, pointed out Judith Hurwitz, president of the market research and consulting firm Hurwitz & Associates. "It's like a security blanket across the entire system - database, applications, data at rest, data in flight, APIs, etc. - that can just be turned on, rather than manually picking and choosing what to encrypt, which typically has led to much [data] remaining unencrypted", he explained.

Applications that do need to decrypt the data will run under a special user ID that can access the decryption key - but such user IDs typically cannot be used to log in to the system, making it harder for hackers to both grab a file and decrypt it. Clients can now co-locate applications to optimise qualities of services that are priced competitively with public cloud and on-premises platforms. Application development and test environments will be tripled so capacity can be raised without a license increase.

The IBM Z, the next generation of IBM's industry-leading CMOS mainframe technology, features the industry's fastest microprocessor, running at 5.2GHz, and a new scalable system structure that delivers up to a 35 percent capacity increase for traditional workloads and up to a 35% capacity increase for Linux workloads compared to the previous generation IBM z13.

IBM Z builds on top of what IBM's transaction engine can already do, which includes handling 87 percent of all credit card transactions and almost $8 trillion payments a year, 29 billion ATM transactions each year (worth almost $5 billion per day), 4 billion passenger flights each year, and more than 30 billion transactions a day. With 32Tb of memory, IBM Z offers one of the largest memory footprints in the industry.

For example, it also announced today the launch of IBM Cloud BlockChain data centers in six cities worldwide.

There is coming z/OS software that will provide capabilities for private cloud service delivery, that will include support of workflow extensions for IBM Cloud Provisioning and Management for z/OS and real-time SMF analytics infrastructure support.

D'autres rapports CampDesrEcrues

Discuter de cet article

SUIVRE NOTRE JOURNAL