Inspired by increasing demand for mainframes running electronic-commerce applications, IBM last week rolled out a new version of its OS/390 mainframe operating system, featuring beefed up security, systems management, and encryption capabilities.
IBM officials also shed a ray of light on what users can expect in Version 2, Release 9, due to ship in March 2000. Officials said they plan to further improve the operating system's native file and print serving for Windows clients, text-search support for Extensible Markup Language (XML)-generated documents, and unidentified Unix System Services functions.
Many of the features added to Version 2, Release 8, of OS/390 are aimed at helping corporate users integrate core business processes with those of their suppliers, partners, and customers.
"All this activity is driving a dramatic shift in the nature and volumes of transactions, where a single Web site can spawn hundreds of transactions. The shift to e-transactions is bringing with it a heavy requirement for scaling and security," said Doug Baylog, director of IBM's OS/390 software group, in Somers, N.Y.
"Release 8 is focused on that next generation of e-transaction processing and infrastructure," Baylog added.
An important improvement to the product's security, officials said, is that the exchange of encryption keys between the end points of a virtual private network (VPN) can now be automated and dynamically managed through the Internet Key Exchange, a commonly accepted protocol for cryptographic key and security management.
"We have had VPN support [in OS/390] before, but what we did not have was the ability for the systems on the other end of the VPN tunnel to react to changes in keys and synchronisation. We have implemented this protocol to simplify what is needed for two servers from two different companies in a supplier relationship," Baylog said.
In Release 8, IBM has also centralised the management of digital certificates belonging to server applications and their related private encryption keys. Company officials believe this will help both users and developers provide common management of such certificates in addition to the "chain of trust" necessary to verify client certificates.
IBM has also added support for the Lightweight Directory Access Protocol (LDAP), Version 3, designed specifically for new and emerging networked electronic-business application-development efforts. OS/390, Release 8, includes support for Java, LDAP access to Resource Access Control Facility, and support for Secure Sockets Layer for encrypted privacy of communication.
Also in Release 8 is an improved version of the SecureWay Communication Server, which now provides Virtual Addressing (VIPA) takeover. VIPA makes it possible for real IP addresses for network connections to be associated with "pseudo" addresses sometimes assigned to users.
Users were generally pleased about the technical additions to the product, saying bigger, faster, stronger features for e-commerce applications are never unwelcome.
"We are constantly evaluating what new mainframe-based services or products we can bring to the Web, and in so doing are constantly reminded how much security and reliability we need. [Release 8] has some nice things for us to consider," said Tom Wilson, a purchasing agent at a large Mid-western bank.
IBM has improved on Release 7's capability to offer differentiated service to various categories of users, which allowed administrators to set high, medium, and low priorities of service. In Release 8, IBM has added support for the Reservation protocol, or RSVP, a protocol to accommodate a variety of multimedia services.
According to Baylog, IBM has given Release 8 the capability to set policies that allow traffic priorities on a network to be more dynamically updated through new Policy Agents. For instance, on the fly, administrators can have traffic related to SAP take precedence over that being generated by PointCast.