z/OS : Update Réunion Guide 29 Septembre 2005 - gsefr. · PDF filez/OS : Update...
Transcript of z/OS : Update Réunion Guide 29 Septembre 2005 - gsefr. · PDF filez/OS : Update...
Systems and Technology Group
© 2005 IBM Corporation
29 Septembre 2005
z/OS : Update
Réunion Guide
Systems and Technology Group
© 2005 IBM Corporation
� z/OS® – the mainframe operating system designed to deliver
– A highly available and security-rich base for integrating applications
– Resources optimized to meet business priorities
– Scalability for data and transaction growth
– Robust and resilient networking
– Business resiliency
� With new directions – Simplifying z/OS management
– Extending z/OS capabilities to help manage your mixed environment
Single platform
Heterogeneous
Integration
Workload management
Business resiliency & security
Heterogeneous enterprise
Virtualization
IT simplification
z/OS – IBM’s flagship mainframe operating systemProviding the difference for On Demand Business
Systems and Technology Group
© 2005 IBM Corporation
Platform Readiness (Technology, Sub-capacity pricing (WLC))
IMS v9
CICSv3
DB2v8
System z9 or zSeries servers & zAAP
NetView ®
v5.2
Integrated Tool Set
WebSphere ®
v6WebSphere
MQ v6
z/OS 1.7 Operating System
� Be positioned for a competitive edge
– Business resiliency
– Security
– Business process integration
– Rapid deployment of enterprise-wide solutions
– Reuse of skills and resources
– Leverage, extend and integrate core applications
Platform readiness …Be ready for the next business opportunity!
zOSSUM070
Systems and Technology Group
© 2005 IBM Corporation
Advances in I/O scale and performance� Improved FICON ® performance
Modified Indirect Data Address Word (MIDAWs)(z/OS 1.6 and z/OS 1.7)
– New system architecture designed to improve FICON performance
– Can improve FICON performance for extended format data sets – including
• DB2 queries, utilities and logs• VSAM, HFS, zFS, PDSE, IMS Fast Path, SAM-E
– Can improve channel utilization– Can improve I/O response times
� Relief for 64K device limit Multiple Subchannel Sets (MSS) (z/OS 1.7)
Up to two-times increase in the number of logical volumes for typical z/OS images
– Each z/OS image can use a second set of subchannels for defining Parallel Access Volumes (PAV) aliases
– Provide an additional 64K subchannels
z/OS Support for z9-109 � z/OS 1.4 and 1.5 - compatibility support
– 60 logical partitions1
– OSA-Express2 CDLC support1
– 63.75K subchannel1
– OSA-Express2 1000BASE-T Ethernet1
� z/OS 1.6 – exploitation – Modified Indirect Addressing (MIDAWs)– Hipersockets support of IPv6– Large send for IPv4 traffic2
– zAAP2
– CPACF enhancements– Crypto Express2 – Single system image – up to 32 engines3
� z/OS 1.7 – further exploitation– Multiple subchannel sets– z/OS 1.7 is planned to support Server Timer
Protocol*– FICON link incident reporting – Wild branch diagnosis support
1 Requires the z/OS V1.4 z990 Exploitation Support Feature or z/OS V1.4 z990 Compatibility Feature – see z/OS 1.7 Migration for more info
2 Also available on z990 and z890 3 Also available on z990
* All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represents goals and objectives only.
Systems and Technology Group
© 2005 IBM Corporation
World-class computing for On Demand Business * All statements regarding IBM future direction and intent are subject to change or
withdrawal without notice, and represents goals and objectives only.
Simplifying z/OS management– Easier to configure with “best practices”
– Simplified networking and network security – New user interface for z/OS management
• Statement of Direction* – planned for 4Q2005
Extending z/OS capabilities and qualities of servic e – Extending z/OS resiliency and security – Further performance optimization for TCP/IP networking – Improved scale with support for large I/O configurations
• Requires System z9-109
– Enhancements for business integration and application security
And more
Planned to be available September 2005
z/OS 1.7 Simplifying z/OS management for new IT professionals while extending z/OS robust capabilities
Systems and Technology Group
© 2005 IBM Corporation
1.8*
1.7
1.6
1.5
1.4
x
x
x
x
x
z800
9/05*1.99/08*xxxx
9/041.89/07*xxxx
x
x
G5/G5Multiprise ®
3000
9/06*1.109/09*xxxx
3/041.83/07*xxxx
9/021.73/07xxxx
Ship Date
Coexists with
End of Servicez900z890z990z9-109
*Plannedz/OS.e – Available for z890 and z800 only
z/OS Support Summary
Systems and Technology Group
© 2005 IBM Corporation
Simplifying z/OS management for the new generation of IT professionals
� Continue to extend the robustness and flexibility of z/OS
� Designed to automate, eliminate and simplify management tasks �z/OS management portal that is easy to use and more familiar
�Can integrate with IBM Tivoli® and other systems management products
�Task-based approach for operations and configuration
� z/OS learning center for new users– Introduces fundamental z/OS concepts and tasks
– Includes tutorials and hands-on exercises
A community project spanning the z/OS platform• Design teams from z/OS, IBM middleware and system management products• Allowing for integration of non-IBM middleware and system management products • Partnering with more than 40 z/OS customers - and growing
Systems and Technology Group
© 2005 IBM Corporation
Simplifying z/OS management – Planned for 2005*Systems management tasks
� Operations:Management console for system health monitoring (Planned for 4Q 2005)
� Configuration:z/OS Health Checker to help configure with best practicesNew in z/OS 1.7: More checks, integrated in z/OS, and new user interface
� Maintenance:SMP/E Internet Service DeliveryCan simplify and automate service acquisition
� Security: RACF® based products to help administer security & monitor compliance– Working with Vanguard Integrity Professionals, Inc. – IBM Tivoli Administration for RACF – lower function alternative
� Networking:z/OS Network Security Configuration Assistant (Planned for Sept. 2005 via Web)
z/OS learning center for new users� New publication: z/OS Basics
– Go to ibm.com /zseries/zos, see “Library”* All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
Systems and Technology Group
© 2005 IBM Corporation
�Simplify z/OS management for the new generation of IT professionals
�Automating, eliminating, and streamlining tasks�Easily upgradeable to OMEGAMON® solutions
Value
�Task-oriented approach with GUI front end� z/OS Health Checker data plus Tivoli Monitoring
Services base capabilities– Expert Advice– Take Action
�Configuration status metrics for z/OS resources displayed using Tivoli Enterprise Portal
– Improved ease-of-use of z/OS management– Value-add upgrades to comprehensive Tivoli
Monitoring Services products
�Planned Capabilities
New product planned to be available in 4Q 2005 for no charge to z/OS customers
Simplifying operations –New z/OS management console* (Planned for 4Q 2005)
* All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
Systems and Technology Group
© 2005 IBM Corporation
Value
• Configuring for best practices– Helping to reduce the skill level– Helping to avoid outages
• Checks against active settings• Notifies when exceptions found • Runs on all supported releases of z/OS
� Integrated as new base function in z/OS 1.7� New SDSF panel to display and control the active
checks– Simplifies working with checks– SDSF provides scroll, search, sort, filtering and
other customization functions– Browse check output
� More checking of z/OS components– Over 50 checks available1
– New checks available in RRS, RACF, Consoles, GRS, RSM, UNIX® System Services
� Framework to support IBM, ISV, and user-written checks
– Checks can be added dynamically
� User-overrides for check defaults
Latest enhancements
1 Majority of these checks are available on prior releases
Simplifying configuration –IBM Health Checker for z/OS
Systems and Technology Group
© 2005 IBM Corporation
Value
�Can simplify and automate service acquisition
�Can help eliminate manual tasks currently required for ordering and delivery of IBM software maintenance
�Can improve availability by helping to ensure current service and service information is readily available
�Allows you to automate ordering and delivery of PTFs and HOLDDATA
�PTFs and HOLDDATA can be processed in the same job step
�Can be triggered with a batch scheduling system (such as IBM Tivoli Workload Scheduler for z/OS) to retrieve service on a regular basis
Latest enhancements
Simplifying software maintenance –SMP/E Internet Service Delivery
Systems and Technology Group
© 2005 IBM Corporation
Simplifying network security management Value
� Define TLS and SSL secure connections without anticipated application changes
� Easier to configure the latest networking security technologies
� Help ensure secure access to z/OS applications and data
� Easier to develop and maintain secure Web applications
� TLS and SSL support designed to be transparent to applications
– Application Transparent TLS for TLS (Transport Layer Security) and SSL (Secure Sockets Layer)
– A new function in z/OS 1.7 Communications Server
– Support for C/C++, HL ASM, COBOL, PL/I, REXX, CICS C socket, and CICS and IMS CALL instructions
� z/OS Network Security Configuration Assistant (z/OS 1.7)
– GUI for simpler and consistent configuration of IPSec and TLS technologies
– Planned to be available Sept. 2005 via Web
Latest enhancements
Systems and Technology Group
© 2005 IBM Corporation
� Vanguard Administrator can help simplifies and enhances RACF security management
� Vanguard Analyzer is designed to assist with security system snapshots or full-scale mainframe security a udits
� Vanguard Enforcer is designed to manage and enforce security policy in z/OS and RACF
� Vanguard Advisor is designed to provide Event Detection, Analysis and Reporting capabilities for z/OS and RA CF
� Vanguard Security Center offers browser-based RACF and DB2 security administration on z/OS
IBM Reseller of Vanguard Solutions
� Complete z/OS RACF security management solution, including administration, integrity auditing, and intrusion detection and management
� Helps organizations comply with security rules and regulations
� Helps reduce the complexities of RACF administration, eliminates user errors, and enforces best practices
Value
Vanguard Security Center
� IBM Tivoli Security Administrator for RACF provides low cost, rapidly deployable RACF management solution
IBM Tivoli
Simplifying security management and complianceIBM is a reseller of Vanguard Integrity Professionals, Inc. products
Systems and Technology Group
© 2005 IBM Corporation
Get user security information with an easy to use display and interface.
This includes enterprise systems using Vanguard’s Integrated Enterprise products.
SecurityCenter is a product of Vanguard Integrity
Professionals, Inc.
IBM is a reseller of Vanguard Integrity
Professionals, Inc . products
SecurityCenter*
Systems and Technology Group
© 2005 IBM Corporation
What’s New!� IBM Tivoli OMEGAMON enhancements
– Combined plex and non plex into single package– Added IBM TotalStorage® DS6000 and DS8000 support– Application correlation to track transactions across systems
� NetView for z/OS v5 enhancements– Real-time capture and formatting of packet traces to help debug IP problems– Automatic intrusion detection– TCP/IP connection management
� System Automation for z/OS v2.3 enhancements– Automated Operations from OMEGAMON– GDPS® interoperation– Integrated SA/Netview setup, SA fencing– WAS V5 precanned support and automation setup
� IBM Tivoli Decision Support for z/OS v1.7– Improved reporting performance, such as service level commitment and
charge back reports– Accounting Workstation option added– IBM DB2 V8 and z/OS 1.5 support
� IBM as a reseller of Vanguard Integrity Professiona ls, Inc. products for simplifying RACF security management and compliance
Other z/OS System Management Offerings
Designed to:� Improve service levels� Decrease problem to resolution time� Help reduce cost of operations
Systems and Technology Group
© 2005 IBM Corporation
Enhanced IP Networking � A reduced need for SNA connections
JES2 NJE support for TCP/IP• Planned for 1Q2006• JES3 support is planned for a future z/OS release*
– Can also improve availability with NJE in a separate address space– Can easily add TLS encryption using Application Transparent TLS
� High availability and optimized performanceSysplex enhancements– Better interaction with network-based load balancers
• z/OS Load Balancing Advisor– Helping direct traffic to systems that are meeting response time goals
• Improved management with WLM and Sysplex Distributor – Simplified configuration of TCP/IP in a sysplex with improved operator commandsData transfer enhancements– Can improve performance for outbound TCP/IP traffic (Rollback to 1.6)
• Supports processing offload to OSA-Express2 • Requires z9-109, z990 or z890 – Large send for IPv4 packets
– Confidence level checking for data transfer (FTP) • Can report on transfers that have completed successfully
� IPv6 support extended to• HiperSockets and Advanced Socket API (1.7) • Sysplex (1.6)
z/OS 1.7
* All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
Systems and Technology Group
© 2005 IBM Corporation
Enterprise Network SecurityHelping to keep your data more secure
� Improved IP Security– Designed to
• Improve scale and performance• Simplify configuration and monitoring
– Integrated in z/OS Communications ServerIP filteringInternet Key Exchange (IKE)Virtual Private Network (VPN)
– Available for z/OS 1.4, 1.5, 1.6 via SPE
� NAT Traversal support (z/OS 1.7)– Designed to allow IPSec protected data to
traverse a NAT device (Uses IETF standard)
� Networking security designed to be transparent to applications (z/OS 1.7)
– Can help reduce development complexity and costs
– Define a TLS or SSL secured connection with no anticipated changes to existing applications
• For both TLS (Transport Layer Security) and SSL (Secure Sockets Layer)
• Support for C/C++, HL ASM, COBOL, PL/I, REXX, CICS sockets, and CICS and IMS CALL instructions
� Simplified configuration for networking security (z /OS 1.7)– z/OS Network Security Configuration Assistant (Web deliverable
planned for Sept. 2005)– GUI for simpler and consistent configuration of the above technologies
z/OS 1.7
Systems and Technology Group
© 2005 IBM Corporation
� Secure encryption facility for z/OS to help protect data shared with partners, suppliers, and customers **
– Designed to leverage z/OS key management and high performance hardware encryption
� Extending user authentication management – Support for mixed-case passwords in RACF, TSO/E, FTP,
CONSOLES, and z/OS UNIX System Services – RACF pass ticket support
� Innovative new technologies– Digital Certificate life-cycle management
• Improvements to z/OS PKI services
– Cryptography• 64-bit cryptography support in ICSF
• AES support for TLS and SSL applications
� Can simplifying RACF administration and compliance management
– Products from Vanguard Integrity Professionals, Inc.
COMMON CRITERIAz/OS 1.6 with RACF is certified at EAL3+ for
- Controlled Access Protection Profile (CAPP) - Labeled Security Protection Profile (LSPP)
z/OS 1.7 with RACF is under evaluation for certification at EAL4
CERTIFICATIONS:
IDENTRUS Public Key Infrastructure (PKI) Services provided by z/OS 1.5 has achieved Identrus compliance.
Security leadership continues z/OS 1.7
Learn more about IBM mainframe security: ibm.com/zseries/security
* All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represents goals and objectives only.
Systems and Technology Group
© 2005 IBM Corporation
z/OS IMAGE32-way single z/OS image� Up to 32 processors in a single
logical partition (z/OS 1.6 and above)
– 32 = central processors + zAAPs– Statement of direction* for >32 way
in future z/OS release
Scale with higher availability� Up to 32 z/OS images in a
Parallel Sysplex® cluster� Scale out
– up to 60 partitions on z9-109(z/OS 1.4 and above)
Largest single z/OS image32 logical processors128 GB Real Memory
256 Channels
* All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
z/OS 1.7
FILE SYSTEMS
Support for larger sequential and EXCP data sets (>64K tracks)
– Larger JES spool, and DFSMShsm™ and DFSMSrmm™ journal data sets
– Also used by: ISPF, SADMP, IPCS, AMASPZAP, DFSMSdss™, and DFSORT™
� More than 255 extents per VSAM component
– Can help reduce out-of-space failures
– Can allow you to reorganize data sets less often
I/O CONFIGURATION
z9-109 enhancements � MIDAW -
Designed to improve FICON performance
(z/OS 1.6,1.7)
� Multiple Subchannel Sets -Relief for 64 K device limit
(z/OS 1.7) – Up to two-times increase
in the number of logical volumes for z/OS images
IBM TotalStorage DS6000 & DS8000 enhancements
� Support for 64 K cylinder volumes
(z/OS 1.4 and above)
zOSSUM_240
Extending Scale and Flexibility
Systems and Technology Group
© 2005 IBM Corporation
z/OS availability – Extending z/OS leadership
� TCP/IP high availability in a sysplex– z/OS Load Balancing Advisor - better interaction with network-based
load balancers (1.7)– Improved management with WLM and Sysplex Distributor (1.7) – Designed for IP Automatic Takeover when IP stack is not healthy (1.6)
� Help reduce the need to IPL– z/OS UNIX System Services dynamic service activation may reduce
the need to IPL – PDSE restartable address space (1.6)
• May reduce the need to re-IPL a system due to a hang, deadlock condition, or out of storage condition� Recovery assistance for catalogs, UNICODE and JES2
– Integrated Catalog Forward Recovery Utility (formerly 5798-DXQ), now incorporated into z/OS – Unicode control block recovery for certain conditions– Extensions to JES2 Checkpoint data recovery
� Business resilience– Improve GDPS options for high volume applications with Extended Remote Copy Plus (XRC+) (1.7)
• Better support for remote mirroring of high volume logging applications (e.g., IMS and CICS)
Today’s Capabilities: Up to 99.999% availability* f or System z9 and zSeries to help avoid planned and unplanned outages
* Note : Based on Parallel Sysplex implementation
z/OS 1.7
Systems and Technology Group
© 2005 IBM Corporation
Leveraging, extending and integrating core applications� Network Security
– Define a TLS or SSL secured connection with no anticipated changes to existing applications 1.7
• New function: Application Transparent TLS• CICS Sockets enhancements
� Easier to specify options for Language Environment ® (LE) – System-level defaults can be set in parmlib 1.7– Application options can be specified in a data set or file 1.7
� UNIX file system for z/OS: zSeries File System (zFS )– zFS can be used as file system root 1.7
• HFS function has been stabilized– Supported by RMF™ to help tune zFS 1.7– Can provide improved performance and availability 1.6
� C/C++ support– XL C/C++ designed for ISO C99 Standard 1.7 – New C/C++ compiler options to exploit z9-109, z990 and z890 1.6
� z/OS UNIX System Services - Easier management– Enhancements to AUTOMOUNT, ConfigHFS, and ISHELL 1.6– New commands supported (clear, uptime) 1.6– Enhancements to superkill command 1.6
z/OS 1.7Integrating applications on z/OS
Systems and Technology Group
© 2005 IBM Corporation
z/OS 1.7 Configuration Considerations: � zSeries File System (zFS) can now be used as the ro ot
– zFS is the strategic z/OS UNIX Systems Services file system. The Hierarchical File System (HFS) has been stabilized.
� Examine JES2 exit routines and modify if needed – Changes have been made to JES2 exit routines due to JES2 structure changes
� Support for the following has been removed:– ISAM data sets– JOBCAT and STEPCAT – JES2 compatibility mode– OS/390® 2.10 C/C++ (ISO C/C++ compiler is still supported)
� 1-byte Console IDs and external interfaces supporting migration consol e IDs have been removed from the WTO, WTOR, and MCSOPER macros; and from operator commands
– Programs compiled using older versions of the macros will continue to work� More flexible ways to specify Language Environment options
– A new parmlib member, CEEPRMxx, can be used to specify Language Environment run-time options for the system
– Can simplify the management of Language Environment options and release to release migration� The optional source materials feature will not be o ffered
See z/OS 1.7 Migration guide for more information.
Reminder: Effective January 15, 2006 the S/390® Service Update Facility (SUF) will be discontinued.
z/OS 1.7
Systems and Technology Group
© 2005 IBM Corporation
z/OS Statements of Direction*IBM intends to
– Deliver an encryption facility for z/OS to help protect data shared with partners, suppliers, and customers
• Designed to leverage z/OS key management and high performance hardware encryption. Targeted for availability in 2005
– Provide a new user interface for z/OS management that is planned to help the new generation of IT professionals
• Planned for 4Q 2005
– Support more than 32 processors in a single logical partition on the z9-109 in the future
– Announce a version of New Application License Charges (NALC) intended to help improve the price/performance of z/OS in certain new workload environments by delivering subcapacity pricing
• Targeted for availability in 2H2006
– Introduce a new system component called z/OS XML System Services(z/OS XML). This component will be designed to provide an optimized set of services for parsing XML documents.
• Planned for a future release of z/OS
Encryption facility
Simplify z/OS management
Increase z/OS scale
Improve price/ performance
Optimize new workloads
z/OS 1.7
* All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.