Leveraging Mainframe Security and Public Cloud Flexibility
A hybrid cloud solution based on IBM zSystems provides reliability, security, maximum application performance, and cost control.
A privately held corporation that engages in the collection and distribution of data for the airline industry.
The client had been a longtime user of IBM zSystems mainframes to manage the data for its airline and travel service customers. Its applications, including business-critical ones that return data inquiries for travelers and airlines or agencies, as well as less-critical ones for running its business, have been deployed across virtualized x86 servers in its data center, running the Linux operating system.
The client wanted to move some of its application workloads from those distributed systems to the public cloud to reduce the administrative burden and cost associated with maintaining it in its data center. For some applications, this is a practical and cost-effective strategy. However, moving some existing mission- and business-critical applications to AWS would have required their complete rearchitecting to ensure the absolute reliability and availability that the client and its customers require.
The client was looking for a strategy that would:
- Ensure the highest possible reliability for some of its existing business- and mission-critical applications.
- Move other workloads to the AWS public cloud.
- Provide a longer-term strategy for eventually moving all hardware out of their data center into a hosted, hybrid cloud environment combining the cost-effectiveness of public cloud with the reliability and security of private cloud.
- Continue to ensure compliance with PCI and ISO 27001 data and infrastructure security
- Consolidate workload that was currently spread across more than 1,300 partially utilized x86 cores.
- Leverage their existing investment in homegrown and third-party applications, without requiring a ground-up rearchitecting for AWS cloud.
Sirius helped the client implement Red Hat Enterprise Linux on 36 IFLs on an IBM z14 mainframe, providing a migration path to hosting their business-critical applications on the mainframe and freeing the client to migrate their remaining applications onto AWS cloud. The resulting hybrid cloud solution based on IBM zSystems would allow the client to achieve all the goals of reliability, security and maximum application performance for its business-critical applications and data without rearchitecting all their code, while providing a cost-effective public cloud strategy for non-critical applications and data.
The client successfully deployed and rigorously tested the operation of their hybrid cloud in a fully functional test/dev environment, with full deployment of their production environment in March 2021.
Consolidating workload from distributed x86 servers to Linux on IBM Z has provided the client with major business, technical, cost, compliance and administrative benefits.
First and foremost was the improved reliability and availability that was an absolute requirement for its mission-critical applications, including the recoverability of systems and data integrity for transactions.
The second was the evolution of the client’s hybrid cloud strategy around the mainframe. While the client was prepared to migrate certain less-critical applications to the AWS public cloud without major modification, there were several business- and mission-critical applications that would have required complete rearchitecting to achieve their standards for reliability, availability and security in a public cloud setting—as well as PCI and ISO requirements for ongoing compliance. That effort would have been cost-prohibitive, and would have required more time and resources than the client could justify.
Instead, by consolidating application workload from approximately 1,300 partially utilized x86 cores onto just 36 optimized IFLs on Z, the client was able to realize significant benefits, including:
- Significantly better performance. Due to direct system-level connectivity between applications running on the IFLs and Db2 data running under z/OS, the single hardware platform dramatically improves I/O performance, lowering latency for data-intensive transactions and improving batch processing times.
- Better security. Business-critical applications and Db2 data are running on a single platform, eliminating points of possible compromise. From the hardened z/VM hypervisor to native security features like RACF to the fact that there is no vulnerability through network or host bus adapters, the entire platform is inherently more securable.
- Lower operating costs. Consolidating workload onto the IFLs has allowed the client to eliminate dozens of servers on multiple racks, reducing hardware and environmental costs in their data center, not to mention the cost of cabling and managing all the disparate parts.
- Simplified administration. Migrating their applications onto Linux on Z means just one platform, one hypervisor, and less hardware and networking, dramatically simplifying administration for hardware, operating systems and security.
- Reduced software costs. Though most of the applications that the client runs are based on open-source or in-house code running on Linux, there were some software products that were priced on a per-core basis. Migrating from about 1,300 partially used cores to just 36 optimized IFLs has allowed the client to realize significant savings on some of its software license fees.
- Simplified compliance. Standardizing on the single IBM zSystems hardware platform that allows direct connection between its applications and data, which is further secured with the mainframe’s proven security features such as data encryption and RACF for access control and auditing functionality, has made compliance audits for PCI-DSS and ISO 27001 significantly faster and easier.
- Better backup and recovery/DR. Migrating workload to IBM zSystems offers better resiliency options through native solutions like GDPS. The client’s recovery objective from a secondary data center is currently four hours, but with GDPS that could be reduced to minutes or even seconds.
Sirius, a CDW company, is a leading national solutions integrator focused on helping organizations transform their business by managing their operations, optimizing their IT, and securing it all. With over 2,600 employees, multiple offices across the U.S., and a team of experts with more than 5,500 professional and technical certifications, the Sirius team specializes in Digital Infrastructure, Security, Cloud, Managed Services, and Digital and Data. Sirius solutions are built on proven technologies from top strategic partners, and delivered by the brightest minds in the business.