Why Unisys and MISER? Steve Koss Distinguished Engineer and Chief Architect ClearPath MCP Program Office CNBC – 9/14/09 – All Stars © 2012 Unisys Corporation. All rights reserved. 2 ClearPath MCP Libra Series / FS Series / VSE Series Large server (multi-processor systems) Gold Award Winner Vertical Optimized Servers. Banking Financial Services is 60% of MCP Business FS Series Telephony Over 140 million voicemail subscribers VSE Series © 2012 Unisys Corporation. All rights reserved. 4 ClearPath MCP: World Class Customers. Commercial Communications 11% 20% 67% 2% Financial Public Sector © 2012 Unisys Corporation. All rights reserved. 5 MCP Mainframe Attributes Are Crucial. • Security The time between unplanned outages in ClearPath MCP is measured in years • Data Integrity • High Reliability • High availability • Scalability Mainframe attributes inbuilt Architecture Hardware Software Operations • Highly integrated software • High capacity Functionally Superior • Resiliency • Manageability Mission Critical Ultra High Volume Transactions • Serviceability • Best IT Value © 2012 Unisys Corporation. All rights reserved. 6 Why FIS runs MISER on the ClearPath MCP Platform • Application Compatibility • Scalability • Security • Enterprise Class Database • Availability • Support • Integration © 2012 Unisys Corporation. All rights reserved. 7 • • • • • • • Application Compatibility Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • MCP Systems – Designed to run Multiple Diverse Workloads without conflict. – Applications can run together generally without any concern. – Applications can move from release to release without change. • Windows / Unix – Typically geared for Single Application Servers – Or Multiple Tiered Servers for a Single Application – Third Party Support is often restricted if Application isn’t on its own server – Why? • Application conflicts (Windows DLL Hell) • Deteriorating performance as Utilization increases • Target 30% © 2012 Unisys Corporation. All rights reserved. 8 • • • • • • • Why? Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • MCP has Coordinated Software Release – IOE – Single Source for Key Components – OS (MCP) / Database (DMSII) / Transaction Manager (COMS) / Environmental Software (Compilers, Utilities) – Unix – OS, Transaction Manager, and Database sourced from separate vendors • MCP uses Scale Up for Scalability – Designed for many concurrent users – Applications can run together generally without any concern – Real Utilization can reach mid 90% mark – Can run at 100% Utilization without issue. • Other Systems – Deteriorating performance as Utilization increases – Clustering for Scalability adds complexity and overhead © 2012 Unisys Corporation. All rights reserved. 9 • • • • • • • MCP Architecture – Scalability Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration The same code runs from laptop to the largest MCP server. FS 1800 FS 4100 500/1,000 MIPS Metering 300/2100 MIPS Metering FS 1750 225/1000 MIPS LX-170 LAPTOP (single user) 40 MIPS © 2012 Unisys Corporation. All rights reserved. 10 Security Second to None. • • • • • • • Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • Secure by design – Comprehensive protection against unauthorized access of all resources – Immune to buffer overflow exploits – No Viruses, EVER! • Comprehensive logging and auditing • Protects data confidentiality and integrity • “The design and implementation of – Protects workloads against each other mainstream operating systems could – File and database security be improved greatly by examining – Encryption for data in transit or in storage the security engineering decisions that were made while developing the Ensures system and data ClearPath MCP environment.” availability – Platform stability minimizes downtime – Thwarts denial of service attacks ClearPath MCP Security Assessment Client Facing Document © 2012 Unisys Corporation. All rights reserved. 11 Independent Security Analysis MCP Operating System The Master Control Program, or MCP, operating system provides the basis for the upper layers of software which provide application functionality. The MCP operating system has been designed to support missioncritical environments, and supports a rich system security model, high-volume transaction processing, high availability, and interoperability with modern networking standards and protocols. As a mainframe system, other features of the system include scalability, high capacity, data integration, and good manageability. The MCP operating system was developed for use specifically for the ClearPath hardware architecture. It was developed primarily in the ALGOL and NEWP programming language, with a security-aware compiler suite that provides system programmers with protections against common security bugs such as buffer overruns and memory allocation problems. The system enforces memory protection, for each word of memory, by assigning tags to the memory location that describe the types of operations allowed for that particular piece of memory. This protection exceeds the current state-of-the-art in systems designed to meet the needs of the commodity computing market. The MCP operating environment also provides security protections by using trusted program compilers. These programs, necessary to create new programs make the creation of unsafe code much more difficult than the typical compilers found on widespread operating systems such as Microsoft Windows or UNIX. The system ensures that any programming bugs are very difficult for would-be attackers to exploit using any of the traditional methods for compromising computer systems. Symantec consultants analyzed the system from the perspective of an attacker and applied the traditional exploitation method to the MCP environment without success. “ClearPath MCP Security Assessment Client Facing Document” © 2012 Unisys Corporation. All rights reserved. 12 Security – Authentication • • • • • • • Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • Multiple Authentication Styles Supported – – – – Usercode / Password NTLM NTLMv2 Kerberos (Win2K Domain) • Policy Based Security • Managed via: – Batch Interface – Command Line Interface – Graphical Interface (MMC) © 2012 Unisys Corporation. All rights reserved. 13 ClearPath: Setting the Standard for Security Operating System Number of Vulnerabilities Date of Last Vulnerability Compromised User Data Unisys ClearPath MCP 1 12/31/2002 No IBM zSeries 18 11/11/2011 Yes IBM iSeries 19* 06/11/2009 Yes OpenVMS 31 11/26/2011 Yes HP-UX 318 01/04/2012 Yes AIX 336 02/06/2012 Yes Unix 625 02/07/2012 Yes Windows 2952 02/17/2012 Yes Linux 3654 02/16/2012 Yes Data taken 02/20/12 *1 disputed © 2012 Unisys Corporation. All rights reserved. 14 • • • • • • • MISER Database Architecture Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • Unisys Database Management System (DMSII) for MISER Core – – – – – – – – – Enterprise Quality Transaction-Oriented DataBase Server Audited database: Tape or Disk Rebuild or Rollback to any point in time thru the Audits Dynamic population increase Storage requirements typically 1/5 or less when compared to Oracle or Microsoft SQL Server equivalents Database can be backed up at anytime (Online) Online Reorganization Limited “Tuning” required Minimal downtime for Software Updates and Upgrades • SQL Server Database for Business Intelligence – Kept in sync with MCP Database via Integration Technology – Designed for easy ad hoc queries. © 2012 Unisys Corporation. All rights reserved. 15 • • • • • • • Availability: Minimal System downtime Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • MCP Rapid Software Update/Upgrade Time – – – – Typically done in Hours, vs. Days or weeks Can even be done with no user visible downtime. Support for mix and match between releases Application and Environmental software will run • One Release Back, Two Releases Forward • Ex: Average Oracle Database upgrade time – 35.2 Hours Average Microsoft SQL Server upgrade time – 24.8 Hours Downtime per year: Oracle: 27.5 hours unplanned (99.69%), 61.2 hours planned SQL Server: 30.9 hours unplanned (99.65%), 72.0 hours planned Microsoft SQL Server vs. Oracle Database: A Comparative TCA Study - Alinean Inc, May 2006 • Ex: Windows Software Compatibility Issue – Upgrading to new versions of Windows or Service Packs are often delayed due to software incompatibility © 2012 Unisys Corporation. All rights reserved. 16 Support • • • • • • • Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • MCP – – – – Defined support policy with User specified priority Process for escalation and immediate service Goal: Fix your problem Strong relationship between Unisys and FIS • Ex: Microsoft Windows – Multiple Levels Of Support – Limited on the number of Bugs, Hours Support – Goal: Provide a workaround © 2012 Unisys Corporation. All rights reserved. 17 Integration © 2012 Unisys Corporation. All rights reserved. 18 • • • • • • • Integration with Everything. Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • MCP Integration is Technology Agnostic – Windows, Unix, Linux – .NET, J2EE – Web Services, Message Queuing, Tuxedo • Windows, Unix, Linux each have their own preferred infrastructure • Although they recognize inter-play is becoming important. © 2012 Unisys Corporation. All rights reserved. 19 Development Choices. • No one answer is right for all application or even application components • Multiple Layers to Produce a single application • Multiple system may even be used. Application Components Presentation Workflow Business Transaction Database Definition © 2012 Unisys Corporation. All rights reserved. 20 Development Language. • Language Fads: – Fortran / Cobol / Pascal / C / Ada / C++ / Java – 4GL’s and Application Builders • Choose a language based on needs and skills • COBOL is good for Business Transaction • But COBOL is not the best for presentation • Java/C++ is more complex for Business Transactions • Every language can be made to work © 2012 Unisys Corporation. All rights reserved. 21 Is Cobol Dead? • $2 Trillion in total investment in COBOL • There are over 200 billion lines of COBOL code in use today (Total 310 billion lines of software – COBOL = 65%) • Five billion lines of new COBOL code are written every year • 15% of new applications are written in COBOL • 34% of coding activities are in COBOL • 80% of daily transaction are processed by COBOL • 70% of mission critical apps written in COBOL • 70% of the world's business data resides on mainframes www.eweek.com 9-21-09 © 2012 Unisys Corporation. All rights reserved. 22 COBOL Today • COBOL focuses on writing the business transactions • Tools for creating COBOL programs on ClearPath – – – – Programmer Workbench – Visual Studio Like Editing Eclipse Plug-in Integrated, Interactive Debugging Source Control Tools © 2012 Unisys Corporation. All rights reserved. 23 Development Choices. Application Components Presentation Workflow Java | Windows J2EE | .NET Business Transaction Database Definition COBOL © 2012 Unisys Corporation. All rights reserved. 24 • • • • • • • Why MISER uses Cobol and MCP Application Compatibility Scalability Security Enterprise Class Database Availability Support Integration • Decades of code validation, building on a strong foundation • Resilient Transaction-oriented Database • Tight integration with other environments like Windows – Business logic can be in COBOL and use Unisys tools – Integration / Presentation can in done using Windows tools • Secure Platform • Minimal System Management • Fast Updates / Upgrades • 1 set of code for small and large users, now and in the future • No need to migrate the core periodically – – – – Source code written for MCP can run for decades unchanged C C++ C#, ASP ASP.NET, Windows 2000 Windows 2003 … Java 1.4 Java 5.0, Oracle 9i Oracle 10g Industry experience shows these have been large migration efforts © 2012 Unisys Corporation. All rights reserved. 25 The New Data Center Architecture ClearPath Forward What does the future hold for ClearPath? • The NextGen strategic vision has been delivered and will provide new levels of technology over the next several years FS 4100 Application Workload MCP Specialty Specialty Specialty Engine Engine Engine s-ParTM (Secure Partitioning) Unisys Intel Platform • ClearPath Forward establishes an expanded strategic Data Center vision. Leveraging the Next Generation architecture, it will enable an enriched foundation to sustain ClearPath growth indefinitely © 2012 Unisys Corporation. All rights reserved. 27 ClearPath Forward An expanded investment direction • Concurrent support for multiple operating environments including MCP, Windows and Linux • Enterprise-class attributes enabled for non-ClearPath environments • “Single pane of glass” management across all supported operating environments • Expanded array of development technologies • A dynamic, cloud like environment that can comprise multiple processing elements to establish a ClearPath Forward platform managed as a single entity, enabling transparent provisioning of hardware and software resources ….Contemporary, modernization enablement technology delivering real business value Agile, Economical, Contemporary, Mission-Critical Computing © 2012 Unisys Corporation. All rights reserved. 28 ClearPath Forward The Vision © 2012 Unisys Corporation. All rights reserved. 29 ClearPath Forward Platform New Data Center Vision ClearPath Attributes ClearPath NextGen ClearPath Forward Application Workload Any Application Workload MCP ClearPath MCP ClearPath MCP Secure Partition Secure Partition Secure Partition MCP Specialty Specialty Engine Engine Windows Windows Linux Linux ClearPath Attributes ClearPath Forward Services s-Par s-Par Unisys Intel Platform Unisys Intel Platform Extend ClearPath core attributes to other operating environments ClearPath Forward Mission-critical Platform Vision • Solutions platform, leveraging ClearPath attributes across operating environments - Enables integration to deliver composite applications - Simplifies delivery and administration - Ability to host multiple MCP operating environments concurrently • New opportunities to expand mission-critical environments within the data center © 2012 Unisys Corporation. All rights reserved. 30 Questions? © 2012 Unisys Corporation. All rights reserved. 31