AIX has a 30-year history of consistently delivering a reliable, flexible and high performing secure environment. At IBM, we prioritize continuous innovation to address our AIX clients’ evolving business requirements.

AIX Live Update

Updates without downtime

Users have been able to hotpatch since AIX 6.1, and in fact, IBM Support delivers concurrent update Interim fixes that allow kernel patches without a reboot. Still, in some situations, fixes could not be coded with this approach.

AIX Live Update now allows all interim fixes, service packs, and technology levels to be applied without the need to reboot by exploiting LPAR virtualization, AIX virtualization and alt-disk install technology. AIX Live Update can:

• Create a new LPAR with an updated running kernel
• Provide a live migration while running workloads to this new LPAR
• Clean up the original LPAR when complete

Minimum versions

AIX 7.2 TL0 SP0 (interim fixes) / AIX 7.2 TL1 SP0 (service packs and technology levels)

IBM Power Systems Dynamic Flash Cache

Transparent SSD caching for performance differentiation

With the advent and speed of solid-state devices, using network attached storage for more frequent caching is an effective practice. AIX now enables you to dynamically enable solid-state devices as a read-only cache to easily see performance differentiations for read-intensive workloads. Flash caching will:

• Reduce the latency to reach your frequently accessed data
• Relieve your SAN traffic
• Provide higher throughput using high speed flash technologies
• Require no code changes and can be configured and enabled non-disruptively, attached to either an LPAR or a VIOS

Minimum versions

AIX 7.2 TL0 SP0 / AIX 7.1 TL4 SP2

Hardware requirements

Flash storage / A minimum of 4 GB memory is required for any LPAR that has caching enabled

Explore more about Flash Cache in:

Dynamic System Optimizer (DSO)

Automatically tune software in real time

As system core counts increase, threading options multiply. Virtualization and workload mobility expand those complexities even more.

AIX Dynamic System Optimizer:

• Uses IBM expertise and best practices
• Continually monitors AIX kernel statistics and processor counters - including the POWER processor’s Performance Monitor Unit (PMU)
• Includes the Active System Optimizer function to monitor and tune CPU and memory intensive multi-threaded applications
• Expands ASO functionality by dynamically tuning page sizes and automatically configuring dynamic memory prefetching

Minimum versions

• For IBM POWER8: AIX 7.2 TL0 SP2, AIX 7.1 TL3 SP7
• For POWER7/7+: AIX 7.2, AIX 7.1 TL2 SP0, AIX 6.1 TL8

Hardware requirements

POWER7, POWER7+, POWER8 (In AIX 7.2, DSO is included with the AIX Standard Edition. In AIX 7.1, DSO is available as part of the AIX Enterprise Edition, or may be ordered separately)

Get more information about DSO in:

Active Memory Expansion (AME)

Improve use of physical memory

If you need to free up physical memory on a server, AME can be used to reduce the memory assigned to an LPAR.

Active Memory Expansion:

• Compresses the least used memory pages in conjunction with the hypervisor
• Exploits on-chip compression acceleration in POWER7+ and POWER8 systems
• Estimates the benefit for a particular workload using the amepat (AME Planning and Advisory Tool)

Minimum versions

64K Pages: AIX 7.2 TL1 SP0,
4K Pages: AIX 7.2 TL0 SP0, AIX 7.1 TL0 SP0, AIX 6.1 TL4 SP2

Hardware requirements

64K Pages: POWER8 or higher, managed by an HMC

4K Pages: POWER7 or higher, managed by an HMC

You can enable Active Memory Expansion for a server by selecting the Power Active Memory Expansion Enablement feature code at time of purchase, or by purchasing and entering an activation code on the HMC.

Learn more about AME in the:


Trusted Execution

Verifies and guards the system integrity by limiting allowed executables and kernel extensions, and auditing the state of the system.

AIX Security Expert

Applies level-based profiles controlling over 300 security configuration settings using a system security hardening tool.

Trusted AIX

Ensures confidentiality, integrity, availability and accountability with the right combination of settings selected at time of install.

Common Cryptographic Architecture

Includes PKCS Subsystem and Cryptographic Coprocessor/Accelerator Support.

Role-based Access Control (RBAC) and Lightweight Directory Access Protocol

Provides a framework for granular access control of authorizations, roles and privileges. Databases defining this data can be stored in LDAP.

Pluggable Authentication Modules

Provides admins with a PAM framework to incorporate multiple authentication mechanisms.

Encrypted File Systems (JFS2)

Allows individual users to encrypt their data through user-based keystores.

Auditing Subsystem

Enables the system admin to record security-relevant information, for detecting potential and actual violations of the system security policy.

Binary compatibility

IBM guarantees that your applications built on AIX 5L and AIX V6 will run on current versions AIX 7.1 and AIX 7.2 without recompilation. Also, 32-bit applications using portable programming techniques from AIX V4 and AIX V3.2 or later will be able to run unchanged.

Portable programming techniques:

• Use published interfaces, avoiding code that is processor or AIX release specific.
• Do not use non-shared compiles of AIX-shared libraries.
• Note that features that are explicitly described as non-portable (X11R5 Server Extensions, Locales based on IBM-850 code sets) are non-portable.
• Note that 32-bit kernel extensions, or binaries that rely on them are non-portable.
• Note that existing security library interfaces with long usernames enabled are non-portable.
• Work with a PMR to address any concerns meeting binary compatibility conditions.