IBM’s new z/14 encrypting mainframe

IBM’s new z/14 encrypting mainframe

By in Assured Forwarding Tag , , , , , , , , , , , , , ,

Today IBM International Business Machines Corporation 126,41 -0,56 -0,44% launched its latest mainframe, the z/14. z/14 builds on the heritage of the z/13 platform launched in 2015, and the previous z/10 (2008) and z/9 (2005) platforms. z/14 however, is not just a performance and scaling enhancement on the previous generation, but offers a fundamental change in the architecture of any data management platform. It encrypts data at almost all points on its journey through the system.

IBM is touting encryption as a security tool, particularly in data centres. The performance impact of enabling security in the data centre can severely impact user experience. It also adds to the overall system complexity and management headaches in managing the keys and certificates.

The z/14 provides Pervasive Encryption of data, encrypting data at rest or in flight. Current systems typically encrypt selected portions needed for compliance. This is possible as the chips inside the z/14 have 4x the silicon dedicated to cryptographic functions compared with z/13. This delivers 7x the encryption performance of the z/13, and 18x of equivalent x86 platforms (at 5% of the cost). And all with no change in the application or APIs.

The z/14 also has tamper-responding encryption keys. The system supports millions of keys held in memory, allowing many connections. The system will invalidate them at any sign of intrusion. This key management system is compliant with FIPS Level 4.

“The pervasive encryption that is built into, and is designed to extend beyond, the new IBM Z really makes this the first system with an all-encompassing solution to the security threats and breaches we’ve been witnessing in the past 24 months.” – Peter Rutten, Analyst, Servers and Compute Platforms Group, IDC.

IBM is focusing on customers that need GDPR compliance, or FFEIC for financial institutions. IBM will use the z/14 in the IBM cloud to deliver both encrypting services and to host its Blockchain service.

But it doesn’t stop there. IBM with AngelHack is providing over $50k in prizes for innovative uses of the mainframe platform and its pervasive security.

For those that like boxes, here is IBM’s z/14 in both naked and clothed versions. But I’m not certain that the picture of an open z/14 chassis is the best one to demonstrate the security that 100% encryption of the data will bring!

John Dixon

John Dixon is the Principal Consultant of thirteen-ten nanometre networks Ltd, based in Wiltshire, United Kingdom. He has a wide range of experience, (including, but not limited to) operating, designing and optimizing systems and networks for customers from global to domestic in scale. He has worked with many international brands to implement both data centres and wide-area networks across a range of industries. He is currently supporting a major SD-WAN vendor on the implementation of an environment supporting a major global fast-food chain.

Comments are closed.