Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Why Unisys and MISER?

Why Unisys and MISER?
Steve Koss
Distinguished Engineer and Chief Architect
ClearPath MCP Program Office
CNBC – 9/14/09 – All Stars
© 2012 Unisys Corporation. All rights reserved.
2
ClearPath MCP
Libra Series / FS Series / VSE Series
Large server
(multi-processor systems)
Gold Award Winner
Vertical Optimized Servers.
Banking
Financial
Services is
60% of MCP
Business
FS Series
Telephony
Over 140
million
voicemail
subscribers
VSE Series
© 2012 Unisys Corporation. All rights reserved.
4
ClearPath MCP: World Class Customers.
Commercial
Communications
11%
20%
67%
2%
Financial
Public Sector
© 2012 Unisys Corporation. All rights reserved.
5
MCP Mainframe Attributes Are Crucial.
• Security
The time between
unplanned outages in
ClearPath MCP is
measured in years
• Data Integrity
• High Reliability
• High availability
• Scalability
Mainframe
attributes inbuilt
 Architecture
 Hardware
 Software
 Operations
• Highly integrated software
• High capacity
Functionally
Superior
• Resiliency
• Manageability
 Mission Critical
 Ultra High
Volume
Transactions
• Serviceability
• Best IT Value
© 2012 Unisys Corporation. All rights reserved.
6
Why FIS runs MISER on the
ClearPath MCP Platform
• Application Compatibility
• Scalability
• Security
• Enterprise Class Database
• Availability
• Support
• Integration
© 2012 Unisys Corporation. All rights reserved.
7
•
•
•
•
•
•
•
Application Compatibility
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• MCP Systems
– Designed to run Multiple Diverse Workloads without conflict.
– Applications can run together generally without any concern.
– Applications can move from release to release without change.
• Windows / Unix
– Typically geared for Single Application Servers
– Or Multiple Tiered Servers for a Single Application
– Third Party Support is often restricted if Application isn’t on its
own server
– Why?
• Application conflicts (Windows DLL Hell)
• Deteriorating performance as Utilization increases
• Target 30%
© 2012 Unisys Corporation. All rights reserved.
8
•
•
•
•
•
•
•
Why?
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• MCP has Coordinated Software Release – IOE
– Single Source for Key Components – OS (MCP) / Database (DMSII) /
Transaction Manager (COMS) / Environmental Software (Compilers,
Utilities)
– Unix – OS, Transaction Manager, and Database sourced from separate
vendors
• MCP uses Scale Up for Scalability – Designed for many concurrent
users
– Applications can run together generally without any concern
– Real Utilization can reach mid 90% mark
– Can run at 100% Utilization without issue.
• Other Systems
– Deteriorating performance as Utilization increases
– Clustering for Scalability adds complexity and overhead
© 2012 Unisys Corporation. All rights reserved.
9
•
•
•
•
•
•
•
MCP Architecture – Scalability
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
The same code runs from
laptop to the largest MCP
server.
FS 1800
FS 4100
500/1,000 MIPS
Metering
300/2100 MIPS
Metering
FS 1750
225/1000 MIPS
LX-170
LAPTOP
(single user)
40 MIPS
© 2012 Unisys Corporation. All rights reserved.
10
Security Second to None.
•
•
•
•
•
•
•
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• Secure by design
– Comprehensive protection against
unauthorized access of all resources
– Immune to buffer overflow exploits
– No Viruses, EVER!
• Comprehensive logging and
auditing
• Protects data confidentiality
and integrity
•
“The design and implementation of
– Protects workloads against each other
mainstream operating systems could
– File and database security
be improved greatly by examining
– Encryption for data in transit or in storage the security engineering decisions
that were made while developing the
Ensures system and data
ClearPath MCP environment.”
availability
– Platform stability minimizes downtime
– Thwarts denial of service attacks
ClearPath MCP Security Assessment
Client Facing Document
© 2012 Unisys Corporation. All rights reserved.
11
Independent Security Analysis
MCP Operating System
The Master Control Program, or MCP, operating system provides the basis for the upper layers of software
which provide application functionality. The MCP operating system has been designed to support missioncritical environments, and supports a rich system security model, high-volume transaction processing, high
availability, and interoperability with modern networking standards and protocols. As a mainframe system, other
features of the system include scalability, high capacity, data integration, and good manageability.
The MCP operating system was developed for use specifically for the ClearPath hardware architecture. It was
developed primarily in the ALGOL and NEWP programming language, with a security-aware compiler suite that
provides system programmers with protections against common security bugs such as buffer overruns and
memory allocation problems. The system enforces memory protection, for each word of memory, by assigning
tags to the memory location that describe the types of operations allowed for that particular piece of memory.
This protection exceeds the current state-of-the-art in systems designed to meet the needs of the
commodity computing market.
The MCP operating environment also provides security protections by using trusted program compilers. These
programs, necessary to create new programs make the creation of unsafe code much more difficult than the
typical compilers found on widespread operating systems such as Microsoft Windows or UNIX.
The system ensures that any programming bugs are very difficult for would-be attackers to
exploit using any of the traditional methods for compromising computer systems. Symantec
consultants analyzed the system from the perspective of an attacker and applied the traditional
exploitation method to the MCP environment without success.
“ClearPath MCP Security Assessment Client Facing Document”
© 2012 Unisys Corporation. All rights reserved.
12
Security – Authentication
•
•
•
•
•
•
•
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• Multiple Authentication Styles
Supported
–
–
–
–
Usercode / Password
NTLM
NTLMv2
Kerberos (Win2K Domain)
• Policy Based Security
• Managed via:
– Batch Interface
– Command Line Interface
– Graphical Interface (MMC)
© 2012 Unisys Corporation. All rights reserved.
13
ClearPath: Setting the Standard for Security
Operating System
Number of
Vulnerabilities
Date of Last
Vulnerability
Compromised
User Data
Unisys ClearPath MCP
1
12/31/2002
No
IBM zSeries
18
11/11/2011
Yes
IBM iSeries
19*
06/11/2009
Yes
OpenVMS
31
11/26/2011
Yes
HP-UX
318
01/04/2012
Yes
AIX
336
02/06/2012
Yes
Unix
625
02/07/2012
Yes
Windows
2952
02/17/2012
Yes
Linux
3654
02/16/2012
Yes
Data taken 02/20/12
*1 disputed
© 2012 Unisys Corporation. All rights reserved.
14
•
•
•
•
•
•
•
MISER Database Architecture
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• Unisys Database Management System (DMSII) for MISER Core
–
–
–
–
–
–
–
–
–
Enterprise Quality Transaction-Oriented DataBase Server
Audited database: Tape or Disk
Rebuild or Rollback to any point in time thru the Audits
Dynamic population increase
Storage requirements typically 1/5 or less when compared to Oracle
or Microsoft SQL Server equivalents
Database can be backed up at anytime (Online)
Online Reorganization
Limited “Tuning” required
Minimal downtime for Software Updates and Upgrades
• SQL Server Database for Business Intelligence
– Kept in sync with MCP Database via Integration Technology
– Designed for easy ad hoc queries.
© 2012 Unisys Corporation. All rights reserved.
15
•
•
•
•
•
•
•
Availability:
Minimal System downtime
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• MCP Rapid Software Update/Upgrade Time
–
–
–
–
Typically done in Hours, vs. Days or weeks
Can even be done with no user visible downtime.
Support for mix and match between releases
Application and Environmental software will run
• One Release Back, Two Releases Forward
• Ex: Average Oracle Database upgrade time – 35.2 Hours
Average Microsoft SQL Server upgrade time – 24.8 Hours
Downtime per year: Oracle:
27.5 hours unplanned (99.69%), 61.2 hours planned
SQL Server: 30.9 hours unplanned (99.65%), 72.0 hours planned
Microsoft SQL Server vs. Oracle Database: A Comparative TCA Study - Alinean Inc, May 2006
• Ex: Windows Software Compatibility Issue
– Upgrading to new versions of Windows or Service Packs are often delayed due to
software incompatibility
© 2012 Unisys Corporation. All rights reserved.
16
Support
•
•
•
•
•
•
•
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• MCP
–
–
–
–
Defined support policy with User specified priority
Process for escalation and immediate service
Goal: Fix your problem
Strong relationship between Unisys and FIS
• Ex: Microsoft Windows
– Multiple Levels Of Support
– Limited on the number of Bugs, Hours Support
– Goal: Provide a workaround
© 2012 Unisys Corporation. All rights reserved.
17
Integration
© 2012 Unisys Corporation. All rights reserved.
18
•
•
•
•
•
•
•
Integration with Everything.
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• MCP Integration is Technology Agnostic
– Windows, Unix, Linux
– .NET, J2EE
– Web Services, Message Queuing, Tuxedo
• Windows, Unix, Linux each have their own preferred
infrastructure
• Although they recognize inter-play is becoming important.
© 2012 Unisys Corporation. All rights reserved.
19
Development Choices.
• No one answer is right for all application or even application
components
• Multiple Layers to Produce a single application
• Multiple system may even be used.
Application Components
Presentation
Workflow
Business
Transaction
Database
Definition
© 2012 Unisys Corporation. All rights reserved.
20
Development Language.
• Language Fads:
– Fortran / Cobol / Pascal / C / Ada / C++ / Java
– 4GL’s and Application Builders
• Choose a language based on needs and skills
• COBOL is good for Business Transaction
• But COBOL is not the best for presentation
• Java/C++ is more complex for Business Transactions
• Every language can be made to work
© 2012 Unisys Corporation. All rights reserved.
21
Is Cobol Dead?
• $2 Trillion in total investment in COBOL
• There are over 200 billion lines of COBOL code in use
today (Total 310 billion lines of software – COBOL = 65%)
• Five billion lines of new COBOL code are written every
year
• 15% of new applications are written in COBOL
• 34% of coding activities are in COBOL
• 80% of daily transaction are processed by COBOL
• 70% of mission critical apps written in COBOL
• 70% of the world's business data resides on mainframes
www.eweek.com 9-21-09
© 2012 Unisys Corporation. All rights reserved.
22
COBOL Today
• COBOL focuses on writing the business transactions
• Tools for creating COBOL programs on ClearPath
–
–
–
–
Programmer Workbench – Visual Studio Like Editing
Eclipse Plug-in
Integrated, Interactive Debugging
Source Control Tools
© 2012 Unisys Corporation. All rights reserved.
23
Development Choices.
Application Components
Presentation
Workflow
Java | Windows
J2EE | .NET
Business
Transaction
Database
Definition
COBOL
© 2012 Unisys Corporation. All rights reserved.
24
•
•
•
•
•
•
•
Why MISER uses Cobol and MCP
Application Compatibility
Scalability
Security
Enterprise Class Database
Availability
Support
Integration
• Decades of code validation, building on a strong foundation
• Resilient Transaction-oriented Database
• Tight integration with other environments like Windows
– Business logic can be in COBOL and use Unisys tools
– Integration / Presentation can in done using Windows tools
• Secure Platform
• Minimal System Management
• Fast Updates / Upgrades
• 1 set of code for small and large users, now and in the future
• No need to migrate the core periodically
–
–
–
–
Source code written for MCP can run for decades unchanged
C  C++  C#, ASP  ASP.NET, Windows 2000  Windows 2003  …
Java 1.4  Java 5.0, Oracle 9i  Oracle 10g
Industry experience shows these have been large migration efforts
© 2012 Unisys Corporation. All rights reserved.
25
The New Data Center Architecture
ClearPath Forward
What does the future hold for ClearPath?
• The NextGen strategic vision has been
delivered and will provide new levels of
technology over the next several years
FS 4100
Application Workload
MCP
Specialty Specialty Specialty
Engine Engine Engine
s-ParTM (Secure Partitioning)
Unisys Intel Platform
• ClearPath Forward establishes an
expanded strategic Data Center vision.
Leveraging the Next Generation
architecture, it will enable an enriched
foundation to sustain ClearPath growth
indefinitely
© 2012 Unisys Corporation. All rights reserved.
27
ClearPath Forward
An expanded investment direction
• Concurrent support for multiple operating environments including
MCP, Windows and Linux
• Enterprise-class attributes enabled for non-ClearPath environments
• “Single pane of glass” management across all supported operating
environments
• Expanded array of development technologies
• A dynamic, cloud like environment that can comprise multiple
processing elements to establish a ClearPath Forward platform
managed as a single entity, enabling transparent provisioning of
hardware and software resources
….Contemporary, modernization enablement technology delivering real
business value
Agile, Economical, Contemporary, Mission-Critical Computing
© 2012 Unisys Corporation. All rights reserved.
28
ClearPath Forward
The Vision
© 2012 Unisys Corporation. All rights reserved.
29
ClearPath Forward Platform
New Data Center Vision
ClearPath
Attributes
ClearPath NextGen
ClearPath Forward
Application Workload
Any Application Workload
MCP
ClearPath MCP
ClearPath MCP
Secure
Partition
Secure
Partition
Secure
Partition
MCP
Specialty Specialty
Engine Engine
Windows Windows
Linux
Linux
ClearPath
Attributes
ClearPath Forward Services
s-Par
s-Par
Unisys Intel Platform
Unisys Intel Platform
Extend ClearPath core attributes to other operating environments
ClearPath Forward Mission-critical Platform Vision
• Solutions platform, leveraging ClearPath attributes across operating environments
- Enables integration to deliver composite applications
- Simplifies delivery and administration
- Ability to host multiple MCP operating environments concurrently
• New opportunities to expand mission-critical environments within the data center
© 2012 Unisys Corporation. All rights reserved.
30
Questions?
© 2012 Unisys Corporation. All rights reserved.
31
Related documents
Don Berchoff
Don Berchoff
hostname
hostname
The What and Why of Encryption
The What and Why of Encryption
Migrating Applications to the Cloud
Migrating Applications to the Cloud
The body shop
The body shop
Chapter 6
Chapter 6
What is Accounting?
What is Accounting?
File - Ruby Donaldson Amey`s Master`s of Science in
File - Ruby Donaldson Amey`s Master`s of Science in
`Utter Failure` or Unity out of Diversity?
`Utter Failure` or Unity out of Diversity?
Unisys
Unisys
Download