320 likes | 576 Views
ClearPath MCP Software. Technology Overview and Software Update ClearPath MCP Release 12.0. Focus Areas Service-Oriented Architecture Real-time Infrastructure Security. Key Benefits Point-and-click SOA enablement for entry/midrange users Reduce dependence on ClearPath-specific skills
E N D
ClearPath MCP Software Technology Overview and Software Update ClearPath MCP Release 12.0
Focus Areas Service-Oriented Architecture Real-time Infrastructure Security Key Benefits Point-and-click SOA enablement for entry/midrange users Reduce dependence on ClearPath-specific skills Increase IT’s ability to satisfy service-level agreements Reduce the time, skill level and risk of human error associated with ensuring continuous availability of data and applications Increased network scalability and throughput Comprehensive security reporting for administrators, auditors, and regulators Additional protection for sensitive data backed up to tape and transferred between computers Stronger and more flexible user identification and access control ClearPath MCP Release 12.0Focus and Benefits Available April 2008
ClearPath SOAClearPath Java opportunities • Develop composite applications(Composite = Existing applications + packages + new Java or .Net components) • Integrateexisting ClearPath applications and Java applications • Develop new ClearPath–based Java applications or components • Integrate ClearPath-based applicationsanddata with Java applications on any platform • Access external databases and applications on any platform from ClearPath applications • SOA-enableyour applications • Useindustry standard skills and toolsto develop ClearPath Java solutions
DMSII DMSII ClearPath MCPJProcessor Java Run-Time All access, management and recovery via MCP MCP Environment Java Environment (J2SE 5.0, JBoss, Tomcat) Transparent Migration Java Applications • User Access • Web browser • Java clients • Tools available • Administration • Development tools • Monitoring tools Hibernate DTP Resource Adapter COMS Resource Adapter JDBC Driver COMS Transaction Server SQL Query Processor DTPTP COMSTP Intel-based JProcessor appliance DMSII DMSII MCP CMOS
DMSII DMSII ClearPath MCPvmJava Run-Time All access, management and recovery via MCP MCP Environment Java Environment (J2SE 5.0, JBoss, Tomcat) Transparent Migration Java Applications • User Access • Web browser • Java clients • Tools available • Administration • Development tools • Monitoring tools Hibernate DTP Resource Adapter COMS Resource Adapter JDBC Driver COMS Transaction Server SQL Query Processor DTPTP COMSTP Intel-based Java Environment DMSII DMSII Intel-based MCP environment
Java Environment MCP 11.1 & 12.0 • Java J2SE 5.0 (Java Virtual Machine) new features • Metadata • Generic types • Concurrency utilities • Monitoring and management instrumentation • JBoss J2EE application server • Makes it easy to develop, deploy, and manage enterprise Java applications • A professional open source software product with no software license fees • Unisys / JBoss Inc. partnership offers JBoss Enterprise Application Platform Subscriptions: • Support (9x5 or 24x7) and bug fixes • New versions
JavaTools WebTools EclipsePlatform SQL Explorer OtherTools Integrated Development EnvironmentEclipse • Standard platform for application development tools • Open source (no software license charges) • Runs on a wide range of operating systems • Open, extensible architecture, based on plug-ins • Attracting a community of tool developers • Use to develop composite applications • Java components • Existing MCP-based applications and data • All-in-One Package integrates • Open source Eclipse IDE • Recommended/tested open source Eclipse plug-ins • Eclipse extensions provided by Unisys • Eclipse Web Enabler plug-in • Availability: download on eCommunity
DMSII DatabaseDesign and Maintenance • Current DMS II Database environment • Describe the physical and logical characteristics of the database, via DASDL • Challenge for new staff • A new alternative • Edit on a PC using Database Operations Center and Embarcadero ER/Studio • Visualize and edit DMSII schemas • Deploy on a ClearPath MCP Server • Create new DMSII database schemas • Import relational database schemas to DMSII • Maintain and update existing DMSII database schemas
RTIBusiness Continuity Accelerator MCP 12.0 • Enables continuous availability of applications and data • Accelerates and automates • Relocating workload and data from a primary to an alternate server • Restarting a workload on an alternate server. • Reduces • Downtime • Required skill level • Risk of human error • Makes the process repeatable and predictable • Can help reduce the number of dedicated BC servers by repurposing servers (e.g. Development/test to BC) • No distance limitations (aligned with data replication product) • Introduced on MCP 12.0 as an optional software product
Business Continuity AcceleratorComplete Solution Works with a data replication product (one is required) • EMC Symmetrix Remote Data Facility (SRDF) • EMC MirrorView • SafeGuard Duplex • Host-based mirrored disk (MCP OS feature) Can be used with • SMA OpCon/xps • Remote Database Backup • Mirrored disk enhancement products • SAN Mirror Disk Manager • SAN StoreSafe Manager • SAN Spare Disk Manager
Alternate Site Primary Site Business Continuity Accelerator Business Continuity Accelerator Network Operating Environment Operating Environment Image Enabler Image Enabler Unisys Business Continuity Accelerator Data Replication Product Available on all ClearPath MCP servers that support MCP 12.0
Uses automation to Transfer resources Storage subsystem Software license keys Halt/Load parameters USERDATA file contents Network addresses HOSTNAME Activate image enabler Halt/Load alternate server Restart jobs – even if servers have different e-mode levels Avoid manual steps - multiple utilities Halt both systems (Server Control) Make the disk drives available to the alternate server (EMC Navisphere or Control Center) Make partition configuration changes (LOADER) Change Halt/Load units and load a partition (Server Control) Deal with the DEAD 431 system stops Copy the SYSTEM/KEYSFILE (Native File Transfer, tape or CD-ROM) Activate Image Enablers (system console) Automation Avoids Manual Steps
RTIWorkload Management • Simplifies management of ClearPath MCP servers • Maintains Service Level Agreements (SLAs) • Improves performance of critical applications • Specifies operations policy in business terms • Reduces the need for MCP-specific performance-tuning skills • Included in the operating environment • Available on all ClearPath MCP servers that support MCP 12.0 • Significant MCP 12.0 enhancements
RTIResource management • Runaway Program protection • Each performance goal for a workload group in any policy can optionally specify conditions that determine when an individual program in the group is considered a runaway program • The specified conditions fall into two categories: • Resource consumption rate limits: Sustained CPU, IO, or DMSrates over a time period • Resource consumption maximums • Total Elapsed or CPU time • Total IO or Database operations • Automatic responses to detected events are provided • Useful on metered servers • Elapsed time goal • Useful for batch jobs with completion deadlines • Specifies a desired completion time for tasks within a Workload Group • Based on “baseline statistic” data of previous runs
RTIInternet Protocol Version 6 (IPv6) • The successor to the current Internet Protocol version 4 for use on the global Internet • More addresses – IPv4 provided 232. IPv6 provides 2128 • Improved authentication and privacy: IPsec mandatory • Automatic configuration of host IP addresses • Stateless Autoconfiguration Protocol • Neighbor Discovery Protocol • Replaces ARP, ICMP Router Discovery, ICMP Redirect • Subject to US Government export control (packaged in the operating environment encryption option)
Locum SecureAudit • Security reporting is required by many organizations • Security officers, administrators and managers • Internal and external auditors • Government examiners and regulators • SecureAudit delivers security reports for MCP servers • Security events extracted from the SUMLOG file • Relevant - each targets a specific security issue • Non-technical - technical jargon is avoided • Readable - layouts are clear and friendly • Concise - extraneous information is omitted • Fast-executing - efficient processing • One or more log files per report • Reports for specific time intervals • Optional software product
Protection of Sensitive Data • Public concern about data privacy is at an all time high • Legislation requiring notification of people impacted by suspected breaches • Several well-publicized recent events where sensitive personal or financial data was compromised • Security of offsite data is a key issue • Need to use sensitive data at disaster recovery facilities • MCP 12.0 introduces new features to help protect sensitive data -- all require the Operating Environment Encryption Option and encryption-capable hardware
Tape Encryption Software tape encryption capabilities in a single optional software product • Encrypt/decrypt library maintenance tapes and CDs • Make an encrypted/decrypted copy of an existing tape • Encrypt data while stacking several tapes onto a single stacked tape • Decrypt data while unstacking a stacked tape onto several tapes • Encrypt/decrypt DMSII database data on audit and dump tapes • Encrypt/decrypt DMSII database data in dumps copied to tape: disk dumps, accumulated dumps, and incremental dumps
IP Security (IPsec) • Protect sensitive data while it is being transferred between computers • Authenticates and/or encrypts each IP packet in a data stream • Includes protocols for cryptographic key establishment • Uses policies to define security at the MCP-to-network boundary. IP packets can be: • Forbidden from being transmitted unencrypted (DISCARD) • Allowed to be transmitted unencrypted (BYPASS) • Encrypted prior to transmission (PROTECT) • Provided for IPv6 only • Subject to US Government export control (packaged in the operating environment encryption option)
Securing FTP with Explicit SSL/TLS • Can protect sensitive data in files being transferred between computers • Use of Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols is dynamically negotiated so that only the sensitive portions of an FTP session are secured • Defined in RFC 4217 • Included in the operating environment
Databases in Permanent Directories • Can improve security on development and test systems • Removes the dependence on the use of shared usercodes or chargecodes • Enables administrators to monitor access by usercode • Provides the ability to move between logically identical databases by simply changing the DATAPATH task attribute • Does not affect existing databases unless explicitly invoked
Case-Sensitive Passwords • Enhance identification and access control with stronger, more flexible passwords • Increases the number of possible passwords to make hacking more difficult • Controlled by a new security option CASESENSITIVEPW. When this option is set: • Passwords containing lowercase characters / some special characters do not need to be enclosed in quotation marks (“”) to retain case sensitivity • Password characters are not automatically uppercased.
ClearPath Software Release Strategy What’s not changing • Unisys will continue to support interim (x.1, x.2, and so on) software releases for as long as the underlying major (x.0) release is supported. • Unisys will continuously deliver new software products and features each year between major releases via • Interim (x.1, x.2) releases • Independent releases • Downloadable interim corrections
ClearPath MCP Releases Future dates are subject to change