IBM released a significant overhaul of its venerable Z and LinuxONE mainframe platforms that have been injected with some new-school, multicloud thinking that brings increased performance and security. These newly enhanced z15 mainframes could help the hardware vendor better compete against hyperscale public cloud providers like Amazon Web Services (AWS) and Microsoft Azure.
The z15 platform taps into IBM’s broader pervasive encryption strategy that was announced as part of its z14 launch in 2017. It provides encryption on IBM’s mainframe products. To that, IBM is adding a number of updates that extend that service to hybrid-cloud environments. This includes enforcing data privacy by policy if it leaves the IBM mainframe platform without impacting system performance.
IBM said it spent four years working on the z15 update, which includes more than 3,000 patents issued or in process.
Data Privacy Passports
The security focus is around IBM’s Data Privacy Passports (DPP), which allows users to provision security rules at the data level across private cloud, public cloud, and hybrid cloud environments. This is accomplished by using the newly developed Trusted Data Objects (TDO) technology that provides data-centric protection that stays with the data.
IBM explained that an organization can establish and enforce enterprise-wide data privacy policies where different views of data are surfaced to different users based “on their need to know.” That data can also be tracked from its point of origin to the point of consumption with a central monitoring point for auditing and compliance.
It also provides key management for TDO that are created and distributed across an organization. This is designed to reduce the complexity of implementing the platform and easing management of data as it moves between systems.
DPP relies on a user also having IBM’s pervasive encryption platform in place.
Analysts noted IBM’s mainframe approach could provide a compelling security argument for enterprise customers that are looking at public cloud providers.
“What IBM sees is a direct threat to its lock on mission critical workloads from cloud providers – and what IBM plans to do is respond with an aggressive strategy to position the IBM Z as the cloud architecture to use when business continuity and security are primary requirements,” explained Joe Clabby, founder and president of Clabby Analytics, in a research note. “IBM Z does security and data protection better than any other server type in the industry – and the IBM Z has the longest meantime between failure of any other competing architecture. These are two major requirements when executing mission critical applications.”
A recent report from Palo Alto Networks’ Unit 42 division found more than 34 million vulnerabilities across various major cloud providers including AWS, Microsoft Azure, and Google Cloud.
Mainframe for the Cloud
The new mainframe platform has also been sped up to deal with increased use of cloud-native systems. IBM said z15 can now process up to 1 trillion web transactions per day, support large databases, and scale to 2.4 million Linux containers in a single z15 system.
IBM noted that last stat is 2.3-times more Linux containers per core versus a bare-metal x86 platform running an identical web server load. Those are what hyperscale cloud providers are using to power their data centers.
This support could also bolster IBM’s integration of its Red Hat assets. That includes its recently launched Cloud Paks that rely on Red Hat’s Kubernetes-based OpenShift platform to tie IBM’s legacy software portfolio across any cloud environment and its mainframe systems. IBM said that when combined, these products will provide a secured and open hybrid multicloud platform to drive new use cases.
STORY UPDATED: This story was updated to clarify that the Data Privacy Passport (DPP) update is what extends data management across an organization’s different operating environments and not the pervasive encryption platform.