IBM Systems Magazine, Mainframe - September/October 2010 - 44

Focus on Storage
zations reduce risks, address audit deficiencies, simplify the repurposing of disk drives and entire systems, as well as maintain continuous, reliable access to information. “The good news is we can do all this with no performance penalties and at very low cost with TKLM,” Arnold says. key erases the previous one, and the data becomes unreadable. This protects against a data breach when a drive falls into the wrong hands and can also minimize costs associated by securely erasing all of the information on a system when the lease expires. IBM self-encrypting storage represents the next generation of encryption, with less than 1-percent impact on performance. TKLM is simple to install and configure and requires no application or server changes, so there’s minimal impact to a customer’s environment. When evaluating how to protect data at rest in the storage network, it’s important to encrypt as close as possible to the storage: ideally the disk drives, Arnold says. With selfencrypting drives, the key never leaves the drive, eliminating exposure. “Some of IBM’s competitors in this space are saying you should do this on the host, using host-processor cycles. But there are a lot of problems with that approach: one being it uses the host processor cycles, which are expensive, cause tremendous performance issues and expose the encrypted data on a network,” Arnold says. Arnold adds it’s important to introduce the encryption without operational overhead. “You don’t want to have to manage a key for every user or a key for every storage volume. You want this just to work transparently, reliably, in the background,” he says. “You don’t want the cost to go in and retrofit all sort of stuff on your System z platform, change job control language, or put in new code to intercept database calls, et cetera. All of that is far more complex, far more costly, far more likely to have problems.” Instead, customers are looking at using encryption on the hardware, eliminating performance penalties. TKLM can do that.

KMIP
U!Key Management Interoperability Protocol (KMIP) is a new key-managementto-encryption-client standard from OASIS, an open-source consortium. It creates a common communication method with encryption and key-management systems.
www.oasis-open.org

;234Ã:VS]LZÃ7YVISLTZ
Now securing data automatically against theft or loss can be achieved with the simplest, most secure encryption and key management. Self-encrypting drives encrypt data as it’s written and decrypt data as it’s read. When initially deployed in the disk system and powered on for the first time, each drive is authenticated with the key-management server and only then can data be written and read. IBM’s full-disk encryption model protects data when drives are physically removed from the storage system or even when the storage system is powered down. When this happens, the drives are unreadable and must re-authenticate with the key-management server to become readable again. Furthermore, a self-encrypting drive can be used to perform a virtual secure erase of the drive, meaning the data is completely and permanently erased. With TKLM, customers can change the encryption key assigned to any drive in a matter of seconds without the help of a third-party vendor. Changing the encryption

;OLÃ>H`Ã[VÃ.V
TKLM is designed to provide exceptional client value because it helps reduce encryption-management costs related to setup, use and expiration of encryption keys. It helps ensure against loss of information due to key mismanagement. “We think encryption is going to be everywhere and it will require t h is st andard to manage, but System z customers should know they’re going to be fully supported and be able to manage all their security from their System z platform,” Arnold says. He adds competitors will come knocking with schemes to move off the IBM mainframe and use their appliances instead, wasting the time, energy, expertise and investment. “Customers who’ve made the investment with IBM have the most secure, highly available platform,” Arnold says. “They don’t need to move to anything else because they have everything they need.”

Tami DeedrickÃPZÃ[OLÃ

THUHNPUNÃLKP[VYÃVMÃ 0)4Ã:`Z[LTZÃ4HNHaPULÃ 7V^LYÃ:`Z[LTZÃLKP[PVU!Ã

44

SEPTEMBER /OCTOBER 2010

ibmsystemsmag.com/mainframe


http://www.oasis-open.org http://www.ibmsystemsmag.com/mainstream

IBM Systems Magazine, Mainframe - September/October 2010

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - September/October 2010

IBM Systems Magazine, Mainframe - September/October 2010
Contents
Editor's Desk:  Not So Secret Sauce
Dashboard:  Find an Extra Day
Think Smarter:  Competing Takes Equal Parts Growth and Restraint
Data Display:  Privacy:  Who Do You Trust?
Insider:  Untangling the Web of Processes and Technology
Trends:  System z as the Hub of a Workload-Optimized, Business Analytics Systems
Case Study: A Merger Made Easy" EmblemHealth Saves Money By Easing into an In-Sourced Computing Model
Expanding Beyond Borders:  IBM zEnterprise Systems Announcement Delivers a New Dimension in Computing.
Reducing Complexity:  The Next-Generation System z Server Is More Than Just a Fast, Scalable Solution
Focus on Storage:  IBM Tivoli Key Lifecycle Manager Solves Security Problems and Meets New Standards
Administrator:  z/OS Management Facility V1.12 Includes New Workload-Management and Resource-Monitoring Functionality
Developer: pureXML Extends Availability and Scalability to DB2 for z/OS
Solutions
Advertisers' Index
Stop Run:  IBM Cooling Expert Roger Schmidt Says the Positioning of Machines Matters
2011 Mainframe Buyer's Guide
IBM Systems Magazine, Mainframe - September/October 2010 - IBM Systems Magazine, Mainframe - September/October 2010
IBM Systems Magazine, Mainframe - September/October 2010 - Cover2
IBM Systems Magazine, Mainframe - September/October 2010 - 1
IBM Systems Magazine, Mainframe - September/October 2010 - Contents
IBM Systems Magazine, Mainframe - September/October 2010 - 3
IBM Systems Magazine, Mainframe - September/October 2010 - 4
IBM Systems Magazine, Mainframe - September/October 2010 - 5
IBM Systems Magazine, Mainframe - September/October 2010 - 6
IBM Systems Magazine, Mainframe - September/October 2010 - 7
IBM Systems Magazine, Mainframe - September/October 2010 - 8
IBM Systems Magazine, Mainframe - September/October 2010 - 9
IBM Systems Magazine, Mainframe - September/October 2010 - Editor's Desk:  Not So Secret Sauce
IBM Systems Magazine, Mainframe - September/October 2010 - 11
IBM Systems Magazine, Mainframe - September/October 2010 - Dashboard:  Find an Extra Day
IBM Systems Magazine, Mainframe - September/October 2010 - 13
IBM Systems Magazine, Mainframe - September/October 2010 - 14
IBM Systems Magazine, Mainframe - September/October 2010 - 15
IBM Systems Magazine, Mainframe - September/October 2010 - Think Smarter:  Competing Takes Equal Parts Growth and Restraint
IBM Systems Magazine, Mainframe - September/October 2010 - 17
IBM Systems Magazine, Mainframe - September/October 2010 - 18
IBM Systems Magazine, Mainframe - September/October 2010 - 19
IBM Systems Magazine, Mainframe - September/October 2010 - Data Display:  Privacy:  Who Do You Trust?
IBM Systems Magazine, Mainframe - September/October 2010 - 21
IBM Systems Magazine, Mainframe - September/October 2010 - Insider:  Untangling the Web of Processes and Technology
IBM Systems Magazine, Mainframe - September/October 2010 - 22A
IBM Systems Magazine, Mainframe - September/October 2010 - 22B
IBM Systems Magazine, Mainframe - September/October 2010 - 23
IBM Systems Magazine, Mainframe - September/October 2010 - 24
IBM Systems Magazine, Mainframe - September/October 2010 - 25
IBM Systems Magazine, Mainframe - September/October 2010 - Trends:  System z as the Hub of a Workload-Optimized, Business Analytics Systems
IBM Systems Magazine, Mainframe - September/October 2010 - 27
IBM Systems Magazine, Mainframe - September/October 2010 - 28
IBM Systems Magazine, Mainframe - September/October 2010 - 29
IBM Systems Magazine, Mainframe - September/October 2010 - Case Study: A Merger Made Easy" EmblemHealth Saves Money By Easing into an In-Sourced Computing Model
IBM Systems Magazine, Mainframe - September/October 2010 - 31
IBM Systems Magazine, Mainframe - September/October 2010 - 32
IBM Systems Magazine, Mainframe - September/October 2010 - 33
IBM Systems Magazine, Mainframe - September/October 2010 - Expanding Beyond Borders:  IBM zEnterprise Systems Announcement Delivers a New Dimension in Computing.
IBM Systems Magazine, Mainframe - September/October 2010 - 35
IBM Systems Magazine, Mainframe - September/October 2010 - 36
IBM Systems Magazine, Mainframe - September/October 2010 - 37
IBM Systems Magazine, Mainframe - September/October 2010 - Reducing Complexity:  The Next-Generation System z Server Is More Than Just a Fast, Scalable Solution
IBM Systems Magazine, Mainframe - September/October 2010 - 39
IBM Systems Magazine, Mainframe - September/October 2010 - 40
IBM Systems Magazine, Mainframe - September/October 2010 - 41
IBM Systems Magazine, Mainframe - September/October 2010 - Focus on Storage:  IBM Tivoli Key Lifecycle Manager Solves Security Problems and Meets New Standards
IBM Systems Magazine, Mainframe - September/October 2010 - 43
IBM Systems Magazine, Mainframe - September/October 2010 - 44
IBM Systems Magazine, Mainframe - September/October 2010 - 45
IBM Systems Magazine, Mainframe - September/October 2010 - Administrator:  z/OS Management Facility V1.12 Includes New Workload-Management and Resource-Monitoring Functionality
IBM Systems Magazine, Mainframe - September/October 2010 - 47
IBM Systems Magazine, Mainframe - September/October 2010 - 48
IBM Systems Magazine, Mainframe - September/October 2010 - 49
IBM Systems Magazine, Mainframe - September/October 2010 - Developer: pureXML Extends Availability and Scalability to DB2 for z/OS
IBM Systems Magazine, Mainframe - September/October 2010 - 51
IBM Systems Magazine, Mainframe - September/October 2010 - 52
IBM Systems Magazine, Mainframe - September/October 2010 - 53
IBM Systems Magazine, Mainframe - September/October 2010 - Solutions
IBM Systems Magazine, Mainframe - September/October 2010 - Advertisers' Index
IBM Systems Magazine, Mainframe - September/October 2010 - Stop Run:  IBM Cooling Expert Roger Schmidt Says the Positioning of Machines Matters
IBM Systems Magazine, Mainframe - September/October 2010 - Cover3
IBM Systems Magazine, Mainframe - September/October 2010 - Cover4
IBM Systems Magazine, Mainframe - September/October 2010 - 2011 Mainframe Buyer's Guide
IBM Systems Magazine, Mainframe - September/October 2010 - BG-2
IBM Systems Magazine, Mainframe - September/October 2010 - BG-3
IBM Systems Magazine, Mainframe - September/October 2010 - BG-4
IBM Systems Magazine, Mainframe - September/October 2010 - BG-5
IBM Systems Magazine, Mainframe - September/October 2010 - FBG-6
IBM Systems Magazine, Mainframe - September/October 2010 - BG-7
IBM Systems Magazine, Mainframe - September/October 2010 - BG-8
IBM Systems Magazine, Mainframe - September/October 2010 - BG-9
IBM Systems Magazine, Mainframe - September/October 2010 - BG-10
IBM Systems Magazine, Mainframe - September/October 2010 - BG-11
IBM Systems Magazine, Mainframe - September/October 2010 - BG-12
IBM Systems Magazine, Mainframe - September/October 2010 - BG-13
IBM Systems Magazine, Mainframe - September/October 2010 - BG-14
IBM Systems Magazine, Mainframe - September/October 2010 - BG-15
IBM Systems Magazine, Mainframe - September/October 2010 - BG-16
IBM Systems Magazine, Mainframe - September/October 2010 - BG-17
IBM Systems Magazine, Mainframe - September/October 2010 - BG-18
IBM Systems Magazine, Mainframe - September/October 2010 - BG-19
IBM Systems Magazine, Mainframe - September/October 2010 - BG-20
IBM Systems Magazine, Mainframe - September/October 2010 - BG-21
IBM Systems Magazine, Mainframe - September/October 2010 - BG-22
IBM Systems Magazine, Mainframe - September/October 2010 - BG-23
IBM Systems Magazine, Mainframe - September/October 2010 - BG-24
IBM Systems Magazine, Mainframe - September/October 2010 - BG-25
IBM Systems Magazine, Mainframe - September/October 2010 - BG-26
IBM Systems Magazine, Mainframe - September/October 2010 - BG-27
IBM Systems Magazine, Mainframe - September/October 2010 - BG-28
IBM Systems Magazine, Mainframe - September/October 2010 - BG-29
IBM Systems Magazine, Mainframe - September/October 2010 - BG-30
IBM Systems Magazine, Mainframe - September/October 2010 - BG-31
IBM Systems Magazine, Mainframe - September/October 2010 - BG-32
IBM Systems Magazine, Mainframe - September/October 2010 - 95
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200910
http://www.ibmsystemsmagmainframedigital.com/mspcomm/ibmsystemsmag/ibmsystems_mainframe_20200708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20200102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2020mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
https://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
https://www.nxtbookmedia.com