Tuesday, December 30, 2014

Happy New Year


 Thanks to all my readers for coming by so regularly, to all the people who linked to this blog, to those who kindly retweeted me and to every one who gave me great feedback during 2014.


Monday, December 29, 2014

Looking back on 2014 - Year Review

Can you imagine, no mainframe announcement in 2014, the year the mainframe turned 50. Would that suggest this was a boring year. Not at all.

January started out with a warning for every one still on z/OS 1.12 or even lower. You're way behind if you still have to order z/OS 1.13 and January 17 was the last day it could be ordered. Next to that there were a couple of Flashes concerning problems with DS8000 boxes. But of course right from the start of the year we paid a lot of attention to the anniversary of the mainframe turning 50.

In February IBM announced IBM Wave for z/VM : it's a "virtualization management software product that provides management, administration, provisioning, and enables automation of Linux virtual servers in a z/VM environment" making your life a lot easier. Next to that there was this one : "As a part of IBM maintenance services, maintenance charges will now apply for processing capacity activated through On/Off CoD". That wasn't the case until then. I was less impressed by the IBM Redbooks mobile app. I don't know what it is, I tested it back then, tested it again a couple of weeks ago, but I personally prefer my redbooks on my laptop. Call it a personal preference.

In March and April the tension is mounting for all kinds of anniversary festivities. Memorial coins were handed out, but of course the star of the show was the mainframe itself. We could not stay behind and we came with a special anniversary edition of our System z Newsletter. One of the articles I wrote and also published in this blog was about OpenStack. If you've never heard of OpenStack, have a look at it. I think the article is still relevant, allthough I wrote it myself. And certainly OpenStack itself is.


In May I once again pointed out the two-phased End of Marketing for the z114 and the z196. One tends to forget it, but be aware : after June 30, 2015 not one upgrade nor downgrade is still possible for those machines. IBM also announces its next generation, let me call them, DS8870 Flash Systems. At the beginning of the month, IBM also announced its new Mobile Workload Pricing for z/OS. It's a new subcapacity pricing giving you reductions on softwares when you are running Mobile trasactions on the mainframe. It was one of the topics that certainly drew a lot of attention during the System z technical university in Budapest.

In June I pointed out that as of z/OS 1.12 there was no longer the well-known lifecycle extension. It was kind of replaced by the new 'extended support' : a "fee-based corrective service to users who have not completed their migration to a newer z/OS release" for a period of 3 years. There were a number of GSE Working Group meetings in June and I must say the working groups thrived throughout the year. The Young Professionals group stays very active as well. A pity we didn't see anything from the earlier announced 'Ladies' group. Or they just didn't tell it to us ?

July is traditionally a busy month for big announcements the last couple of years. This year however, no new mainframe was announced. IBM must've heard my complaint that I have to postpone my holiday each time because of these announcements :-) . In the meantime I took the opportunity to dig a little bit deeper into the new Mobile Workload Pricing for z/OS and had some great assistance for this by David Chase from IBM. You can read all the details about it over here.

On the storage front, in August an announcement confirms officially what had already been clear for a while now : IBM will no longer sell its nSeries or NetApp equipment via OEM. StorWize should replace these offerings.
There were also some hardware and software witdrawals in August. Regarding hardware, anything related to attachment to zBX from the z196 and z114 is withdrawn from marketing. From a software point of view IBM announces EOS dates for z/VSE 5.1.1 (6/30/2016) , DB2 10 (9/30/2017) and a new one for z/VM 5.4 (ZP14-0382).

I must admit my blogging frequency dropped significantly after August, but of course there's a reason for this. I'm not solely involved in mainframe business at my company. I also assist in making larger propositions and we had a couple of really big ones taking up most of my time for the latter part of the year. But don't worry. Allthough I haven't blogged about everything, I can still give you the big picture for the last part of the year.

September comes and look, it's the first time I mention price changes (ZA14-1142) this year. VWLC, AWLC, EWLC, AEWLC and PSLC pricings will increase by about 4% from January, 1 2015 onwards. z/OS version 1 will be aligned with version 2 and this means an increase of about 5%.
And in September a new Master the Mainframe contest is finally announced again for the Benelux. The contest is running for the moment and ends on January 14, 2015. You can follow it on Facebook as well.

We have quite interesting storage announcements in October. First of all there's the announcement of the new TS1150 Tape Drive (ZG14-0272) with a native capacity of 10TB as opposed to 4TB for the TS1140. We can only repeat it over and over again : tape is not dead.The TS1150 is of course also supported by the new tape library that was announced already in May as the successor of the TS3500 : the TS4500 (ZG14-0114). In short this library has up to 3.3X the slot density of a TS3500, up to 2.2 PB native capacity in a single frame, two I/O Stations and it can now grow left or right of the base frame.
Last but not least there's also a new release of the DS8000 with some exciting features (ZG14-0280,ZG14-0281). There had been talk about before, but now it's there : the Multiple Target Peer to Peer Remote Copy where a single volume can be the source for more than one remote copy relationship. Other highlights : Easy Tier version 7 and zHyperWrite which reduces up to 43% of the DB2 log write time. And The DS8870 is also enabled for cloud with OpenStack support.
 
November was a quiet month and I only note some price changes. There's a 7% increase for '5648-054 - IBM CICS Transaction Server for VM/VSE' from March 15, 2015 onwards. Another one is for '5655-W41 - IBM DB2 Sort for z/OS S&S', '5697-DUS - IBM DB2 Utilities Solution Pack for z/OS S&S' and '5698-Z10IBM Tivoli Advanced Storage Management Suite for z/OS S&S'. Have a look at the announcement : some price increases are considerable.

In December there's an announcement indicating that the TS7700 offers support for up to 496 virtual tape drives in a single system in Release 3.2. And that's about it for 2014.

Conclusion ?

I see it everywhere and not only in the mainframe world, albeit sometimes in vendor specific offerings, but I can tell you, OpenStack is here and it's here to stay. We've all seen how Linux started off, how it was looked at in the beginning and where it's standing now. Well, I predict a similar trajectory for OpenStack. I think IBM did a good thing to embrace it from the very beginning. Will I be right about this ? Well come and see next year when I blog more about it . . .

Tuesday, December 16, 2014

Security Bulletin: POODLE vulnerability in SSLv3 affects IBM Explorer for z/OS and IBM CICS Explorer

Here's a security bulletin. I'm taking over some of its content. Just take a look over here for all the details, workarounds and mitigations.

Summary

SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. This vulnerability affects all versions of IBM Explorer for z/OS and IBM CICS Explorer.

Vulnerability Details

CVE ID: CVE-2014-3566

DESCRIPTION: IBM Explorer for z/OS and IBM CICS Explorer could allow a remote attacker to obtain sensitive information, caused by a design error when using the SSLv3 protocol. A remote user with the ability to conduct a man-in-the-middle attack could exploit this vulnerability by using a POODLE (Padding Oracle On Downgraded Legacy Encryption) attack to decrypt SSL sessions and access the plaintext of encrypted connections.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97013 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Affected Products and Versions

This vulnerability affects all versions of IBM Explorer for z/OS and IBM CICS Explorer.