Mainframe modernization via Service-Oriented Architecture (SOA) and other means introduces certain risks to the quality and accuracy of data. Even though the mainframe has the most durable protections in the industry, necessary integration with small platform systems—to provide user productivity interfaces—opens the door to “man-in-the-middle” attacks and other threats far beyond those contemplated in the system’s initial design.
Market needs for improved operational efficiency and quicker time-to-market compel modernization in all its forms, particularly through Web application integration. IBM clearly recognizes this, as demonstrated in the recent release of the Solution Edition for the IBM System z Enterprise Linux Server. This offering provides a System z10 with no z/OS running on it, simply z/VM with Novell SUSE or Red Hat guests. The fact IBM is packaging a mainframe without its flagship operating system shows that the mainframe is now just another server in your data center, with all the network connectivity, integration points, and risks of any other server.
Twenty years ago, the mainframe was liquid-cooled and sat on a raised floor in the data center, physically protected by a series of badge readers with a limited network and well-defined 3270 endpoints. Now, the air-cooled mainframe can sit on a non-raised floor, serving Web pages to anyone on the Internet, anywhere. In fact, increasingly more organizations are using the mainframe for that purpose since it remains superior in regard to Reliability, Availability, and Serviceability (RAS). It also offers efficiencies in power and workload management compared to smaller platforms.
SOA provides a framework for distributed applications provisioned from the mainframe. No longer are strategic applications wholly resident in the protected application space of the traditional mainframe processing environment. Today, applications based on services rely on the Internet, or the internal network of an organization, for access to functions that once were contained in the boundaries of a single machine-resident application. This change moves access to applications beyond the data center or organizational perimeter and globally extends processing capability through the spectrum of public, private, and hybrid clouds.
Cloud Computing and the Mainframe
Cloud computing is a much-discussed concept today; those most experienced and familiar with the mainframe can be justifiably skeptical that this concept is new. It seems more like a variation of something that has long existed in mainframe computing. For example, virtualization isn’t new; it has been around on the mainframe since the late ’60s. Cloud computing is more of an evolutionary rather than revolutionary change, despite what some pundits might say.
Mainframe modernization, however, is likely to play a big role in cloud computing, as the mainframe already performs many of the services required by effective cloud computing:
- Software as a Service (SaaS): The application is hosted on the mainframe. CICS has been doing this for years. In today’s paradigm, SaaS usually refers to applications delivered through a browser, which the mainframe serves via WebSphere on z/OS or Linux on System z.
- Infrastructure as a Service (IaaS): A virtual server and storage are provided in a hosted environment, much like you find with guests on z/VM. This is a common use case with z/OS and Linux.
- Platform as a Service (PaaS): Desktop or server images are provided remotely. As with the previous examples, this concept dates to the early ’70s mainframe-shared computing. PaaS typically includes the development, testing, deployment, and hosting of the service; in contemporary terms, it includes development, testing, and deployment over the Web, again through z/OS and Linux on System z.
Different Kinds of Clouds and the Mainframe
How services are provided, and by whom, defines the type of cloud that’s being used: public, private, or hybrid.
Public cloud: A public cloud is where services are provided outside the organization, hosted by the data center of a third party, on infrastructure that’s almost always shared by other customers. The services provider gains economies of scale that translate into reduced costs to customers, albeit with reduced direct control.