IBM extends z15 mainframe family, intensifies Linux security

IBM extends z15 mainframe family, intensifies Linux security



IBM continued to reshape the mainframe with a watch towards additional integrating it inside hybrid clouds and securing Linux-based workloads.On the {hardware} facet, IBM rolled out two entry-level, 19” single-frame, air-cooled platforms, the  z15 Model T02 and LinuxONE III Model LT2. The new machines are extensions of the IBM z15 household that Big Blue rolled out in September of final 12 months. Both can slot in cloud data-center racks and will be outfitted with a second dratheyr, ought to prospects have to develop capability.  Both characteristic 65 cores utilizing business processors working at 4.5GHz and will be configured to assist all method of workloads. IBM mentioned new machines assist z/OS Container Extensions that allow access to an ecosystem of open-source and Linux-on-IBM Z purposes that could be deployed inside the native z/OS surroundings with out requiring a separate Linux server, utilizing Docker container expertise and patterns. In addition prospects can use the most recent open-source instruments, well-liked NoSQL databases, analytics frameworks and software servers, IBM mentioned.The LinuxONE Model LT2 can run plenty of Linux methods together with Red Hat Enterprise Linux, SUSE and Ubuntu, alone or facet by facet with IBM z/VM environments on a single bodily server. The IBM LinuxONE server can run Linux workloads independently on a single server.Both methods assist IBM’s prepackaged Cloud Paks, which embody a secured Kubernetes container and containerized IBM middleware designed to let prospects shortly spin-up enterprise-ready containers, the corporate mentioned. IBM has normal Cloud Paks for knowledge, software, integration, automation and multicloud administration and safety. The thought is to assist prospects develop, deploy, and handle cloud-native purposes for the z15 household, IBM said.Security and privateness options are key for the z15 and people have been prolonged with the introduction of IBM Secure Execution for Linux for the all z15 fashions.  In a weblog put up in regards to the safety extensions, IBM said that at its core, a Secure Execution gives a KVM-based digital machine that’s absolutely remoted and protected against the hypervisor with encryption keys that solely the IBM Z {hardware} and firmware have access to.“In practice, an encrypted Linux image is created using the host public key and a customer-specific key. Since the encryption keys are stored on the IBM Z hardware and firmware, the encrypted image can only be executed in a virtual machine on the host(s) it has been prepared for, and the image can’t be decrypted or tampered with outside of the designated host(s). In addition, your unencrypted virtual machine memory cannot be accessed by the host operating system either,” IBM said. “Applications are then run inside of that virtual machine, allowing the owner of the application to focus on just disk and network data encryption, both of which can be easily handled in userland.”In an surroundings the place prospects are working Kubernetes throughout servers working on x86 and Linux on Z methods, you’ll be able to deploy the Secure Execution containers particularly for the purposes you wish to have protected, like delicate databases and blockchain companies. In this mannequin, Kubernetes nonetheless manages the orchestration of containers, each on x86 and IBM Z, nevertheless it has no access to the info contained in the Secure Execution surroundings container, IBM said. With Secure Execution IBM is attempting to mitigate insider threats to enterprise knowledge.From 2016 to 2019, the common variety of incidents involving worker or contractor negligence has elevated from 10.5 to 14.5–and the common variety of credential theft incidents per firm has tripled over the previous three years, from 1.zero to three.2, According to the Ponemon Institute’s 2020 Cost of an Insider Breach Report, IBM said.  “IBM Secure Execution for Linux helps to mitigate these concerns by enabling clients to isolate large numbers of workloads with granularity and at scale, within a trusted execution environment.”The z15 household already helps what IBM calls Data Privacy Passports that promise to let prospects management privateness and safety by defining how all knowledge is accessed, saved and shared. The thought is to let prospects  shield and provision knowledge and revoke access to that knowledge at any time, not solely inside the z15 surroundings however throughout an enterprise’s hybrid multicloud surroundings, IBM said. The new methods and software program are anticipated to be accessible by mid-May.  Join the Network World communities on Facebook and LinkedIn to touch upon subjects which might be high of thoughts. Copyright © 2020 IDG Communications, Inc.

Spread the love

Leave a Reply

Your email address will not be published. Required fields are marked *