IBM zSystems mainframe

Business transformation and disruption is all about data. But it’s not just about collecting huge amounts of data, it’s what you do with that data and how it can enable you to create powerful insights.

While many people focus on the cloud unicorns, the reality is that industry incumbents have a huge advantage. These businesses have decades of experience which translates into massive amounts of data and business logic. Where do many of these businesses host their most important workloads and data? IBM zSystem—the system that is best known as “the mainframe.” 

Today, IBM is announcing its latest IBM zSystem—IBM z16. Two weeks ago, IBM spent time briefing the industry analyst community on the business strategy and technical underpinnings of the IBM z16. We met with a variety of IBM business leaders including executives from the IBM Systems division, Distinguished Engineers and IBM cloud leaders. The most significant updates to the platform are the inclusion of a dedicated on-chip AI accelerator and the addition of quantum-safe cryptography.

It’s important to understand the size of the IBM zSystem ecosystem. The platform is used by 45 of the 50 largest banks in the world, four of the top five airlines and eight of the top 10 insurers, among others. Likewise, the partner ecosystem is huge, ranging from the largest system integrators to small DevOps- and AI-focused technology vendors. Suffice it to say, some of the world’s largest businesses and governments run on IBM zSystems.

In this article, I will briefly cover the five biggest takeaways from the pre-announcement industry analyst briefings.

IBM is Bringing AI to the Mainframe

Many cloud data warehouse and analytics vendors say “Bring me the data.” IBM is flipping the script, because IBM zSystems already house clients’ most critical customer and operational data. IBM z16 will be shipped with an on-chip integrated accelerator for AI.

Everyone knows that AI creates a competitive advantage, so why should you care about the on-chip AI accelerator? The last mile of deploying machine learning/artificial intelligence (ML/AI) models is still a huge challenge. Businesses are investing large amounts of money and skills in developing models; however, latency often kills. The difficulty is that ML/AI models need to be built into applications so that the model can be executed at the point of transaction with virtually no delay. This also must be done at a massive scale! Think about the latency and security concerns if near-real-time banking transactions needed to go from a back-end system to a cloud AI platform to check for fraudulent transactions.

For those of you who have been following the IBM zSystems platform, IBM’s z14 unveiled a pervasive encryption capability. This encrypt-by-default approach without traditional encryption overhead was enabled through an encryption-dedicated chip. Similarly, AI workloads will be performed by the integrated AI accelerator.

Your AI Infrastructure is Only as Powerful as Your Software Ecosystem

Developers and data scientists want to use data, ML and AI tools that they know and trust. AI success requires an open stack of software options, not a walled garden. While IBM has a wide range of AI technologies, including Watson Machine Learning for z/os, IBM Cloud Pak for Data and IBM Cloud Pak for Watson AIOps, just to name a few, an IBM-only approach would be a non-starter for many data scientists.

The z16 AI accelerator supports a wide selection of ML libraries and compilers. Clients can build and train models in a variety of popular frameworks including TensorFlow, SAS, Microsoft CognitiveToolkit (Microsoft CNTK), PyTorch and Keras, along with others.

The system uses ONNX, an open source tool to enable interoperability of ML/AI models to prepare and deploy the model on the dedicated AI accelerator.

What does this mean? You can bring your existing data models to z16. In addition, your teams can use their existing preferred vendors while also working with IBM zSystem’s integrated accelerator chip.

Cybersecurity Arms Race: Quantum-Safe Cryptography is a Growing Need

Cybercrime is a multibillion-dollar business. Although fairly routine exploits like phishing remain the number-one money generator for cybercriminals, these gangs and nation-state-sponsored organizations are getting more sophisticated. For example, cybercriminals are investing in AI and ML just like traditional businesses. In some cases, cybercrime syndicate engineering employees believe they’re working for a legitimate company.

What is quantum-safe cryptography? The research is focused on identifying algorithms that are resistant to attacks by both classical and quantum computers. 

Why is this a growing area of concern? IBM, along with Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) all offer quantum computing-as-a-service. While quantum computing has massive potential for applications across a wide range of industries including drug discovery, chemical engineering and combating climate change, keep in mind that cybercriminals are looking at this technology to unlock complex cryptography algorithms. 

IBM claims that IBM z16 is a “quantum-safe system.” The company uses a variety of different hardware, software and business process approaches to assure data security. For example, the system includes a new crypto express card with quantum-safe APIs to upgrade existing application security. At a firmware level, IBM z16 has a built-in dual signature scheme.

In addition, for a number of years, the IBM zSystems platform has taken a zero-trust approach to security which includes a bring-your-own-key (BYOK) framework. IBM can never access the keys to your encrypted data–and neither can cybercriminals and/or governmental organizations—instead, those encryption keys remain inside your firewall.

IBM zSystems Tech Goes to the Cloud; Mainframe Remains On-Premises

What a difference a nine can make! Five nines mean 99.999% availability while four nines (99.99% availability) result in more than 47 minutes of downtime per year.

When I work with C-level executives that have a mainframe within their environment, the role of the IBM zSystem is always discussed. In many cases, businesses have explored the possibility of transitioning off of the mainframe, but resilience, predictability and security are the reasons why businesses remain on the platform.

IBM zSystems mainframe services are increasingly being offered in the cloud. Most recently, IBM announced IBM Z testing in the cloud. Likewise, IBM’s Cloud Hyper Protect Crypto Services, a key management approach using a specific security chip module, is enabled by IBM zSystems technology.

However, you shouldn’t expect mainframe-as-a-service. Between latency, security, resilience, governance and compliance, it’s going to be a long time until you migrate and/or send your mainframe workloads to the cloud.

As the author of Hybrid Cloud for Dummies and Cloud for Dummies 2nd Ed. (among other books and articles) I can confidently say that the cloud is not a panacea. The business case for moving many mainframe workloads to the cloud doesn’t exist. 

Digital Transformation Means More Than Slick Apps–Plumbing Matters!

Don’t get me wrong, mobile check deposits, airline ticketing and contactless hotel check-ins are great, but in many cases, they rely on older systems that have not been updated. 

A few weeks ago while traveling for work, my flights were delayed for hours. I saw that another flight was leaving within the hour. I was already at the airport and figured I could rebook it via the airline’s app. Of course, it wasn’t that easy—I finally went to the ticketing desk and told the agent that I’d like to book a different flight. The agent then went to work; they spent a long time entering information into their system, talking to a colleague, asking for help and asking me several questions. After about ten minutes my flight was finally rebooked.

This airline has a great app experience when things are running smoothly (so great, in fact, that I prefer to book my travel on the app rather than the computer). However, even a slight disruption caused everything to go off the rails. It’s clear to me that the company still relies on old, broken processes and outdated technology.

My Perspective

Moving AI closer to the data just makes sense. The last mile of AI—moving models into transactions—continues to be a huge challenge. I work with many businesses that have tons of data and do an excellent job retrospectively analyzing that data. However, real-time data-driven decision-making remains a challenge because of latency and the fact that moving data between on-premises and cloud systems raises security and governance risks (in addition to costs).

Quantum-safe security is a growing concern for highly regulated organizations in the banking, insurance and governmental segments. Over the last several years, financial industry CIOs and CISOs/CSOs at large financial services organizations were focused on establishing a zero-trust approach to security. However, as attacks become more sophisticated, security teams are starting to perform risk assessments on their approach to cryptography. The inclusion of quantum-safe cryptography is important for IBM zSystems customers.