According to IBM, its Z mainframes process 30 billion transactions per day, including 87% of all credit card transactions in the world. These two facts alone show the importance of the mainframe in the world economy, but it also underscores the importance of the complementary storage systems that all mainframes must have. Therefore, IBM’s continuing the extension of its mainframe storage solutions: the DS8900F all-flash storage systems for production data and the TS7770 Virtual Tape Library (VTL) for data protection.
Where IBM mainframe storage fits within its storage portfolio
IBM generally divides its storage portfolio into two categories: 1) storage for hybrid multicloud environments, and 2) storage for AI and big data, namely the Elastic Storage System and Cloud Object Storage. The storage for hybrid multicloud side of the house has two categories: non-mainframe storage, which is composed of the FlashSystem family as well as the SAN Volume Controller (SVC), and mainframe storage, which contains the DS8900F storage systems and the TS7700 Virtual Tape Library.
For background on the DS8900F storage system and the TS7700 VTL see IBM Introduces DS8900F Storage Systems and IBM Enhances the TS7700 Virtual Tape Library for IBM Z Platforms.
Focusing on four critical areas
For the latest additions to its Z System mainframe portfolio, the z15 Model T02 and the LinuxONE III T02, IBM emphasizes four key aspects where its mainframe storage systems play major roles: cloud native, encryption everywhere, cyber resilience, and flexible storage.
- Cloud native — the vast majority of enterprises already operate in a hybrid multicloud environment and that trend seems likely to continue until nearly all companies operate in a hybrid multicloud world.
- Encryption everywhere — 100% encryption everywhere that it is needed, to wit, at rest, in motion, and in the cloud, is essential to ensure privacy of data from prying eyes.
- Cyber resilience — malware and ransomware are two types of major security threats against which enterprise has to guard.
- Flexible storage — more package options are available.
Let’s look at these more closely.
Mainframe IT organizations on top of their game want to build new applications that creatively use the hybrid multicloud, while at the same time modernizing core parts of their business. Containerization is the name of the game that facilitates digital transformation in the hybrid multicloud. DS8900F storage works in conjunction with Red Hat OpenShift and IBM Cloud Paks to facilitate this digital transformation. IBM Cloud Paks deliver enterprise-class containerized software solutions that run wherever Red Hat OpenShift runs. The end result is the unification of the traditional mainframe storage (i.e., DS8900F storage) with cloud native storage that delivers the reliability, availability and security that is necessary to manage mission-critical containers.
Encryption is an essential tool in the data privacy and cyber resiliency toolbox. Data privacy as part of data protection has, in many aspects, become mandatory for regulatory compliance and not just common sense for preserving the value of an organization’s information assets. Hence, IBM’s emphasis on encryption everywhere across its mainframe storage portfolio for both the DS8900F and the TS7770.
For the IBM Storage for Mainframe offerings this means encryption at rest on-premises and extending to hybrid cloud data movement with encryption in-flight. Using AES-256 (Advanced Encryption Standard 256 bit), which is the strongest encryption method used by public companies, IBM implements storage encryption in hardware rather than software so there is no performance impact. Avoiding performance impact with storage-based data encryption eases the concern of IT professionals on encryption’s impact on applications and workloads (IBM also has encryption with no performance impact with its FlashSystem family of solutions).
The continual threat of cyber-attacks, such as malware and ransomware, easily lead to loss of sleep. IBM mainframe storage protects against this. For example, Safeguarded Copy (discussed in greater detail in IBM Introduces DS8900F Storage Systems) uses up to 500 immutable incremental snapshots per volume as a means of recovering to a point-in-time before an attack occurred.
A second method is to recover and restore from a good “air-gapped” (logically or physically separated) copy of the data that cyber-criminals cannot reach through external and internal networks. This can be done using logical air gapping to the public cloud or physical true air gapping to tape. If a DS8900F creates a copy of the data as an object store on a public cloud, this is a logical air gap. Technically, a hacker could still reach the data copy, but the degree of difficulty to extend the prying to this additional step would seem to be very difficult if not impossible. An IBM TS7770 VTL can connect to one of IBM’s Tape solutions using physical tape media. Since the tape media can be physically removed and placed on an offline rack, you can create a physical true air gap. These protections aside, it might be wise to create an additional off-line copy of the data before remounting it in case a hacker has a piece of malicious software awaiting its return.
IBM has long provided its mainframe storage mounted in its own racks (which are not the standard 19-inch racks). Now, in addition to offering its own racks for those who are comfortable with them, IBM also offers rack-less versions of the DS8900F and the TS7700. This does not mean that they operate without a rack, but rather that they can be mounted in a customer-supplied 19-inch industry-standard rack.
IBM mainframe storage customers face the same set of challenges that face the non-mainframe crowd, if not more, because they typically have increased needs for data availability, reliability, performance and scalability, including strong security needs. Thus, these storage users must understand the changes that are happening around them, while at the same time preserving and modernizing their existing base.
Supporting the containerization capabilities of Red Hat OpenShift with IBM Cloud Paks for use with DS8900F (through the FlexVolume driver) storage systems meets the cloud native functionality needed for the hybrid multicloud. The z15’s and IBM Storage’s core “encryption everywhere” is a critical solution for maximizing data security without impacting system performance. Safeguarded copy and air-gapping provide much needed cyber-resiliency that enterprise customers have come to depend on.
All in all, with these newest IBM Storage offerings the company continues to extend sophisticated essential features and deliver enterprise-class solutions of critical importance to IBM Z mainframe customers.