With recent growth in IBM's business that hosts mainframe computers and the release of z/OS V2.5, users will be eager to learn and use the latest features of the release to their advantage in the hybrid cloud environment to drive their own business growth.
During SHARE Virtual Summit 2021, Gary Puchkoff, senior technical staff member for z/OS architecture and development at IBM, revealed what exactly users can look forward to in IBM z/OS V2.5. He explained that the main features of the release focus on OS management simplification, workload enablement, intelligent resiliency, and Cyber Threat Secure Z. In terms of the first two, z/OS V2.5 ensures easier installation and management by administrators and developers without the need for special skills to increase system agility, which is particularly true for hybrid cloud and artificial intelligence applications.
OS Management Simplification
Puchkoff said that IBM strives to bring a browser-based ecosystem to z/OS management that is consistent with what developers and administrators see in other platforms, and to ensure that applications are task oriented and require reduced effort by offering solutions that rely less on Assembler skills but support higher-level language extensions. To that end, the z/OSMF desktop view replaces the TAB UI, allowing users to group items, such as data sets, into folders, as well as the ability to search files and data sets, browse jobs, and use syntax highlighting to enhance usability.
This also includes Type Ahead Search that calls up potential matches for data sets as users type and Create Data Set, which allows users to create new data sets such as partitioned or sequential data sets based on an existing data set, a predefined template, or fully specified attributes. All of these capabilities are on the z/OSMF desktop. For Sysplex Management, users can edit policies in bulk and modify the Coupling Facility configuration.
In his session, Puchkoff highlighted V2.5's UNIX application enablement and standards, cross-platform and cloud interoperability in terms of communication and file systems, programming support, container extension (zCX) adoption items, and running LE applications and programs in 64-bit memory space as key to workload enablement.
With workloads increasing, for instance, V2.5 enables DFSORT and Db2 in z/OS to exploit the SORTL instruction of the Integrated Accelerator for Z Sort, which is standard on the z15, according to IBM. By providing one sort accelerator per core, frequently used functions can be accelerated to help speed up sorting, shorten batch windows, and improve select database functions such as reorganization. IBM Z Batch Network Analyzer aims to provide support for Integrated Accelerator for Z Sort in z/OS V2.5, with the application DFSORT Z Sort, to quickly identify DFSORT-eligible candidates and estimate z15 benefits using data from the current environment without requiring a z15. Puchkoff cited early research that suggests the new Z Sort for DFSORT can reduce elapsed time for in-memory sort jobs by up to 30% and CPU time by up to 40% for large-format data sets with record lengths up to 500 bytes.
Additionally, z/OS Container Extensions, which offer businesses the capability of running Linux on IBM Z software directly in z/OS, will have enhanced capabilities to support single instruction in multiple data processes, the maximum number of containers supported will rise to 1,000 per zCX server, and guest's memory will be configurable up to 1 TB. Moreover, V2.5 will be enhanced with the z/OS Communication Server's OSA-Express Inbound Workload Queueing to add a new input queue for zCX network traffic, allowing zCX traffic to be separated from native z/OS traffic and provide an optimal Communications Server processing environment for zCX traffic, according to IBM.
For intelligent resiliency, he pointed to V2.5's remote pair FlashCopy support, anomaly mitigation, Parallel Sysplex resiliency, and z15 system recovery boost use cases. In terms of Parallel Sysplex resiliency, V2.5 offers the following:
- Improvements to data resiliency through improved cloud tiering and backup and restore of data to mitigate against data loss or corruption
- New System Recovery Boost support to provide additional capacity to power you through sysplex recovery activities
- Enhancements to quickly identify anomalous behavior as it occurs, and provide information to expedite root-cause analysis and corrective actions to be taken
Puchkoff adds that RunTime Diagnostics (RTD) will collect information about high CPU events and different symptoms of bad behavior on z/OS, along with predictive failure analysis (similar to machine learning) to determine if the system is reaching a limit. Customers are advised to run the report from RTD to help pinpoint areas of the system that may be causing behavior issues.
Cyber Threat Secure Z
For cyber threats and resiliency, V2.5 offers heightened application availability, automated detection, and mitigation procedures to ensure a more secure and resilient environment. Resilience, he said, could be achieved in half the time, and security architects can readily exceed regulatory compliance requirements with the help of Cyber Threat Secure Z.
In terms of Cyber Threat Secure Z, V2.5 provides simplified compliance with system hardening, offers digital certificate simplification, network encryption enforcement, pervasive encryption simplification, and more. For example, the latest release adds a number of new health checks to Resource Access Control Facility (RACF) to enhance client security. Among those new health checks are ensuring that all data sets are protected by RACF, by implementing the SETROPTS PROTECTALL(FAILURES) option; residual information is erased when data sets are deleted, by implementing the SETROPTS ERASE(ALL) option; and PassTicket keys are encrypted and stored in the Integrated Cryptographic Service Facility (ICSF).
To run V2.5, IBM recommends businesses have one of the following servers: IBM z15 Models T01 and T02, IBM z14 Models M01-M05, IBM z14 Model ZR1, IBM z13, and IBM z13s. Those running z/VM should note that z/VM must be at V7.1 or later. V2.5 is also the last release of z/OS to include JES3 and BDT (Bulk Data Transfer). V2.5 also is the last release to include JES3.
Updates for the ICSF include updates to the key data sets to enable storage of larger keys, such as the Dilithium algorithm asymmetric keys; improved capability to audit the age and key rotation policies associated with CEX master keys; new SAF protections for elliptic-curve cryptography keys; the capability to limit the use of archived keys to decryption operations; and, additional hardware exploitation for certain SSL/TLS ciphers
The z/OS V2.5 release is chock full of enhancements to improve not only performance and scalability, but also security and resiliency. Businesses working in hybrid cloud environments will find many of the changes improve workflow efficiencies.
If you are a registered attendee of SHARE Virtual Summit 2021 and missed Puchkoff’s session, access this and other session recordings now through June 30 via the Attendee Portal Session Files.