Share this post:
Today, IBM is launching the new z15 mainframe, the culmination of four years of collaborative development company-wide, with a focus on meeting crucial customer data security and privacy needs across hybrid multicloud environments. To build this ground-breaking new system to meet these client demands, IBM Research partnered with IBM Systems to help develop a new enterprise platform delivering the ability to manage the privacy of customer data across hybrid multicloud environments.
IBM engineers assemble the IBM z15, a new enterprise platform delivering the ability to manage the privacy of customer data on Thursday, September 12, 2019, Poughkeepsie, NY. The systems features an industry-first capability to instantly revoke access to data across the hybrid cloud. The IBM z15 system culminates four years of development with over 3,000 IBM Z patents issued or in process and represents a collaboration with input from over 100 companies. IBM z15 can process up to 1 trillion web transactions a day and features new cloud-native development tools and instant recovery technology to optimize resiliency. (Jon Simon/Feature Photo Service for IBM)
Securing the Hybrid Cloud
z15 helps organizations build cloud-native applications and securely integrate their most important workloads across clouds, so that users can be confident in the security of their applications running on their z15 system, no matter where they’re located. IBM Research helped provide Docker containers on z15 that are designed to deliver container scalability and security advantages in the market. Docker services developed by IBM Research on z15 enable Docker containers to run at a higher density, with greater security and larger scalability. This makes z15 an ideal host for cloud workloads.
But in the digital era of the Hybrid Cloud, data is moving further and further from its source, and the new Data Privacy Passports technology in z15 (1) builds upon pervasive encryption to help clients protect and provision data and revoke access to that data at any time from any location. IBM Research helped provide Data Privacy Passports’ secure data controls, storage protocols and hardware-encrypted protection. IBM z15 Data Privacy Passports embeds data security policies and encryption with the data, enforcing data privacy by policy across the whole of your enterprise, even when that data leaves the z15 server. Research worked with z15 engineers to design a system that accelerates privacy encryption and controls innovating across processor, firmware, operating system, virtual machine and subsystem runtimes.
Research also co-led the development of IBM z15 hybrid cloud services and z/OS container extensions, enabling z/OS applications to modernize in place and integrating existing workloads with Linux applications. z/OS container extensions allow traditional z/OS applications to use any Linux service, tool or library without having to redesign or recode the Linux applications. This offers z15 clients a breadth of devop tools, languages and software to more easily build hybrid applications, all protected by the security and higher availability that IBM enterprise clients demand.
Bringing it together with Blockchain
As part of Data Privacy Passports, IBM Research led the design, implementation and optimization of our secured cloud-based blockchain, which leverages compilers and hardware acceleration to run on z15. As detailed in the “Scaling the Digital Mountain” white paper commissioned by IBM, users of Blockchain on z15 systems can deploy apps nearly 3x faster than on x86 (2).
Research also designed new cryptography features and services that help protect Blockchain on z15 from malware and co-led the creation of crypto hardware that accelerates encryption, designed to allow z15 to encrypt data with the highest level of FIPS security certification available in the industry.
Open AI on z/OS
z/OS isn’t known as a preferred operating system for AI workloads, and to help address that gap, Research likewise co-led the introduction and integration of the Open Neural Network Exchange (ONNX) in z/OS. This integration allows popular open source AI libraries to run in z/OS with z15 hardware acceleration, allowing new options for real-time analytics insights to z/OS users.
An open format to represent deep learning models,ONNX helps transform popular open source machine learning and deep learning libraries to help developers create applications for real-time inference on z15. Prior to ONNX on z/OS, clients needed to move their data out of their z system into a centralized data warehouse for AI processing using a different platform or public cloud. This process of moving data can create latency and cause the system to draw insights from out of date or obsolete data, and bad data leads to bad decision-making. For example, in a financial institution that processes thousands of transactions per second, latency in the data transfer process can delay detection of potentially fraudulent activity leading to possibility of millions of dollars lost because the input data couldn’t reach the compute resources fast enough. With ONNX, AI developers can now more easily move models between state-of-the-art tools and apply their models to production z/OS workloads on z15 to process the data where it lives without having to transfer it to a different platform.
To learn more about how IBM z15 is creating better security for enterprise datacenters read more on the IBM Newsroom: https://ibm.co/2k80ok2.
- For additional information see IBM’s relevant Announcement Letters
- Source: Scaling the Digital Mountain, Solitaire Interglobal Ltd. , commissioned by IBM